Zorba 1

Bonjour; ça ne fonctionne pas chez moi;j'ai autoriser dans IE8 l'execution du contenu du CD actif sans resulats. Le systeme de fichiers est CDFS.

Bonjour; Ce CD contient une reprise d'articles parus dans un magazine americain sur le travail du bois; je l'ai acheté légalement sur le site de l'editeur. Lien CJoint.com BHzitE2tlCy Lien CJoint.com 0HzivOjP2g7 Merci

Bonjour; J'ai acheté un CD (recueil d'un magazine d'articles technique)Pour lancer le CD je dois cliquer sur un bouton start a partir d'une page d'accueil. S'ouvre alors un fenetre "Adode flash player a interronpu une operation potentiellement risquée".l'application locale suivante,sur votre ordinateur ou votre réseau:"H:\Mow\Mow\wf_master.sw tente de communiquer avec l'adresse suivante suceptible d'etablir une connection internet:null" Ensuite on me demande de modifier les parametres.Lesquels? j'ai fait des essais sans résultats. Si j'ai bien compris une application cherche a communiquer avec une adresse qui n'existe pas (null)? J'ai les dernières versions de Adobe FP;de Adobe reader,De Firefox;L'antivirus Avast pro. J'ai nettoyé le pc, vider l'historique, scanné et essayer avec l'antivirus desactivé.Toujours le message apparait. Quelles solutions? merçi de votre aide

Bonjour, Depuis quelques jours je remarque que le curseur se positionne mal quand je clique dans un cartouche pour enter des mots.Par exemple dans la zone recherche de Google le curseur avance a chaque lettre et se repositionne au début du mot quand j'envoie la requete.,ou sur certains liens,le curseur est decalé.Je dois recliquer une deuxieme fois pour qu'il se remette a la bonne position. Infecté ou pas. Merçi de vos avis

Bonjour, Je souhaiterais télécharger ce bouquin libre de droit à partir de ce site: http://www.archive.org/details/brancionlesseig00viregoog. Je ne connais pas la procédure pour l'enregistrer sur l'ordi. Mes essais ont été sans résultats. Le fichier PDF renvoie sur un site Google et avec le Djvu rien ne m'indique si le chargement est en cours. Merçi de votre aide.

Bonjour, J'ai un portable HP Pavilion DV7 3180 EF. Je suppose le lecteur HS. J'ai d'abord remarqué qu'il me rayait les DVD neufs du commerce mais je encore pouvais les lire. Maintenant il reconnait les DVD, mais pas toujours, la lecture ne se lance pas et il est bruyant. Je le considère HS. Question : où trouver un lecteur graveur Blu-Ray en remplacement de celui monté sur le PC ? Référence : DWD WBD TS LB 23L. Ce PC est récent,je suis plutôt déçu de la fragilité de ce matériel, d'autant plus que je suis soigneux dans les manips. Merci pour votre aide.

Bonjour, Je les ai contacté il y a quelques jours.Pour l'instant pas de réponse.

Bonjour à tous, Merci pour les commentaires. Je dois peut-être préciser que j'utilise une clé 3G et que ça peut être la cause du problème. Sur d'autres sites, les chargements de PDF fonctionnent. J'applique cette méthode sous FF 7 0 1. choisir: télécharger les chapitres ou télécharger la sélection des pages il reste ensuite à cocher les chapitres ou les pages que l'on veux télécharger. Le téléchargement se lance dans un nouvel onglet mais se bloque immédiatement, avec le message "fichier endommagé ne peut être réparé."J'ai pu pour essai charger certains chapitres. Donc pour l'instant mystère. Merci à tous

Bonjour, Il m'est impossible de télécharger des docs en PDF sur le site Facom à partir de cette adresse "http://www.facom.com/Facom/Catalogs/fr-fr/appli.htm". Si je clique gauche sur un dossier un nouvel onglet s'ouvre mais rien ne se passe. Si je clique droit, Adobe Flash Player me demande d'accéder à la camera et au micro ? J'utilise FF 7.01. Avec IE 8 même chose. Merci de m'aider à résoudre ce problème.

Bonjour; Voila le tout dernier rapport OTL: Merçi de t etre penché sur ce probleme. OTL logfile created on: 21/07/2011 13:12:41 - Run 4 OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\Paul\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,99 Gb Total Physical Memory | 2,69 Gb Available Physical Memory | 67,43% Memory free 7,98 Gb Paging File | 6,54 Gb Available in Paging File | 81,98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 578,94 Gb Total Space | 426,07 Gb Free Space | 73,59% Space Free | Partition Type: NTFS Drive D: | 596,17 Gb Total Space | 518,96 Gb Free Space | 87,05% Space Free | Partition Type: NTFS Drive E: | 16,94 Gb Total Space | 2,74 Gb Free Space | 16,15% Space Free | Partition Type: NTFS Drive F: | 99,34 Mb Total Space | 92,74 Mb Free Space | 93,36% Space Free | Partition Type: FAT32 Drive G: | 58,92 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Users\Paul\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe () PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.) PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Program Files (x86)\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Paul\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software) SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (IDT, Inc.) SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation) SRV:64bit: - (UDisk Monitor) -- C:\Program Files\MOOV 3G+\bin\MonServiceUDisk.exe () SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.) SRV - (DpHost) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (PLFlash DeviceIoControl Service) -- C:\Program Files (x86)\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company) DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (NETw5s64) Pilote de carte Intel® -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation) DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (zteusbser) -- C:\Windows\SysNative\drivers\zteusbser.sys (ZTE Corporation) DRV:64bit: - (umpusbvista) -- C:\Windows\SysNative\drivers\umpusbvista.sys (Texas Instruments Inc) DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.useDBForOrder: "" FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: [email protected]:1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010/05/11 04:06:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF FF - HKLM\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/19 20:53:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/19 20:53:54 | 000,000,000 | ---D | M] [2011/04/16 08:09:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Extensions [2010/09/15 22:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Extensions\[email protected] [2011/07/19 11:22:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\gevs52mp.default\extensions [2011/02/18 14:31:25 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\gevs52mp.default\extensions\[email protected] [2011/07/19 20:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/09/24 17:03:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/09/23 10:38:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/16 15:12:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/02/09 19:05:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/05/18 15:04:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- [2011/07/08 10:37:48 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011/03/21 08:22:04 | 001,680,272 | ---- | M] (Caminova, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll [2010/01/01 11:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml [2010/01/01 11:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010/01/01 11:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/01 11:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml [2010/01/01 11:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/01/01 11:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/07/14 17:28:18 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe () O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Tuto4pc] File not found O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8:64bit: - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1a4354f5-44d1-11e0-a2e8-ea74066c9e26}\Shell - "" = AutoRun O33 - MountPoints2\{1a4354f5-44d1-11e0-a2e8-ea74066c9e26}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{1a43553f-44d1-11e0-a2e8-ea74066c9e26}\Shell - "" = AutoRun O33 - MountPoints2\{1a43553f-44d1-11e0-a2e8-ea74066c9e26}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{1f75ca31-68ad-11e0-9939-c3f415ed5c67}\Shell - "" = AutoRun O33 - MountPoints2\{1f75ca31-68ad-11e0-9939-c3f415ed5c67}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{2315a6b7-329b-11e0-a74a-a541ef095626}\Shell - "" = AutoRun O33 - MountPoints2\{2315a6b7-329b-11e0-a74a-a541ef095626}\Shell\AutoRun\command - "" = I:\Setup.exe O33 - MountPoints2\{36e25065-44cd-11e0-a70b-ab79091e1e27}\Shell - "" = AutoRun O33 - MountPoints2\{36e25065-44cd-11e0-a70b-ab79091e1e27}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{36e250bc-44cd-11e0-a70b-ab79091e1e27}\Shell - "" = AutoRun O33 - MountPoints2\{36e250bc-44cd-11e0-a70b-ab79091e1e27}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{3a95681d-4df8-11e0-8892-f67cec26442c}\Shell - "" = AutoRun O33 - MountPoints2\{3a95681d-4df8-11e0-8892-f67cec26442c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{3a95687a-4df8-11e0-8892-f67cec26442c}\Shell - "" = AutoRun O33 - MountPoints2\{3a95687a-4df8-11e0-8892-f67cec26442c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{445341ec-44e6-11e0-9bee-9e4e5ee88325}\Shell - "" = AutoRun O33 - MountPoints2\{445341ec-44e6-11e0-9bee-9e4e5ee88325}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{44534225-44e6-11e0-9bee-9e4e5ee88325}\Shell - "" = AutoRun O33 - MountPoints2\{44534225-44e6-11e0-9bee-9e4e5ee88325}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48394d9b-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48394d9b-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48394dbf-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48394dbf-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48394f81-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48394f81-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48394fa4-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48394fa4-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48395045-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48395045-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48395065-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48395065-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{609e810a-44d3-11e0-9adc-cbfee5fc1c08}\Shell - "" = AutoRun O33 - MountPoints2\{609e810a-44d3-11e0-9adc-cbfee5fc1c08}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{609e8145-44d3-11e0-9adc-cbfee5fc1c08}\Shell - "" = AutoRun O33 - MountPoints2\{609e8145-44d3-11e0-9adc-cbfee5fc1c08}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{705457bc-4e44-11e0-a5ee-94b564520324}\Shell - "" = AutoRun O33 - MountPoints2\{705457bc-4e44-11e0-a5ee-94b564520324}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{a57f1ecb-4587-11e0-bba2-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{a57f1ecb-4587-11e0-bba2-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{a57f214a-4587-11e0-bba2-baf7bd883e25}\Shell - "" = AutoRun O33 - MountPoints2\{a57f214a-4587-11e0-bba2-baf7bd883e25}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{b5927f2b-44d2-11e0-a52b-d06e6d1e9926}\Shell - "" = AutoRun O33 - MountPoints2\{b5927f2b-44d2-11e0-a52b-d06e6d1e9926}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{b5927f45-44d2-11e0-a52b-d06e6d1e9926}\Shell - "" = AutoRun O33 - MountPoints2\{b5927f45-44d2-11e0-a52b-d06e6d1e9926}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{cc93fcc0-44eb-11e0-9372-b4496b98bb25}\Shell - "" = AutoRun O33 - MountPoints2\{cc93fcc0-44eb-11e0-9372-b4496b98bb25}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{cc93fcfa-44eb-11e0-9372-b4496b98bb25}\Shell - "" = AutoRun O33 - MountPoints2\{cc93fcfa-44eb-11e0-9372-b4496b98bb25}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{e479a994-4651-11e0-8d0e-ae25e291f525}\Shell - "" = AutoRun O33 - MountPoints2\{e479a994-4651-11e0-8d0e-ae25e291f525}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{e479a9aa-4651-11e0-8d0e-ae25e291f525}\Shell - "" = AutoRun O33 - MountPoints2\{e479a9aa-4651-11e0-8d0e-ae25e291f525}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe - (Broadcom Corporation.) MsConfig:64bit - StartUpFolder: C:^Users^Paul^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation) MsConfig:64bit - StartUpFolder: C:^Users^Paul^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe - () MsConfig:64bit - StartUpFolder: C:^Users^Paul^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe - () MsConfig:64bit - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company) MsConfig:64bit - StartUpReg: Malwarebytes' Anti-Malware (reboot) - hkey= - key= - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) MsConfig:64bit - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files (x86)\Nero\Nero BackItUp 4\NBKeyScan.exe (Nero AG) MsConfig:64bit - StartUpReg: QlbCtrl.exe - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.) MsConfig:64bit - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) MsConfig:64bit - StartUpReg: WirelessAssistant - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.) Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) ========== Files/Folders - Created Within 30 Days ========== [2011/07/21 12:27:10 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Zulu Kings Reed Dance - a set on Flickr_fichiers [2011/07/21 08:53:07 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Template [2011/07/20 13:46:35 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Google [2011/07/20 12:30:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\i-Naked.info _ Supporting the right to bare arms and everything else!_fichiers [2011/07/20 12:23:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\148005-wawawawa-swazi-queen-who-cheated-king-mswati-supu-6_fichiers [2011/07/20 11:18:13 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\t2-comment-bien-utiliser-google_fichiers [2011/07/19 08:38:27 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Open Office [2011/07/18 13:36:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Index of _images_Photo Visiteur 2_fichiers [2011/07/18 13:29:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\search_fichiers [2011/07/18 12:19:43 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\faience_fichiers [2011/07/18 12:13:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\poser-du-carrelage-mural-pour-la-1ere-fois-a3094_fichiers [2011/07/17 18:06:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\affich-2803862-telecharger-sur-des-sites-comme-index-of_fichiers [2011/07/17 12:59:52 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Google Hacking Database, GHDB, Google Dorks ido_fichiers [2011/07/17 12:43:02 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Advisories and Vulnerabilities - Google Hacking Database_fichiers [2011/07/17 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Google Hacking Database, GHDB, Google Dorks_fichiers [2011/07/17 12:29:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\viewer gh_fichiers [2011/07/16 08:49:38 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\installer-un-evier-a-encastrer_fichiers [2011/07/16 07:27:41 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Copernic [2011/07/16 07:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Copernic [2011/07/16 07:27:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Copernic Agent [2011/07/16 07:22:11 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Mp3tag [2011/07/16 06:46:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag [2011/07/15 14:45:37 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\La lettre [2011/07/15 14:33:49 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Louvers [2011/07/15 12:02:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Sali01 _ Flickr - Photo Sharing!_fichiers [2011/07/15 11:55:28 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\inTombi 1 _ Flickr - Photo Sharing!_fichiers [2011/07/15 11:29:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Visitors at the Reed Dance _ Flickr - Photo Sharing!_fichiers [2011/07/15 11:29:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Flickr Zululand Eco-Adventures' Photostream_fichiers [2011/07/15 11:23:20 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\umhlanga_fichiers [2011/07/15 10:53:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Le google hacking _ Lolokai_fichiers [2011/07/15 10:46:55 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Comment trouver des Mp3 avec Google - Spi0n.com_fichiers [2011/07/15 10:14:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\telecharger-micro-hebdo-n-661_fichiers [2011/07/14 17:44:17 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011/07/14 17:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/07/14 17:44:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/07/14 17:05:06 | 000,000,000 | ---D | C] -- C:\_OTL [2011/07/13 21:11:28 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\viewer_fichiers [2011/07/13 09:25:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\DIV [2011/07/13 06:47:59 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2011/07/13 06:47:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2011/07/13 06:47:57 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2011/07/13 06:47:57 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2011/07/13 06:47:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2011/07/13 06:47:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2011/07/13 06:47:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2011/07/13 06:47:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2011/07/13 06:47:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2011/07/13 06:47:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2011/07/13 06:47:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/07/13 06:47:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2011/07/13 06:47:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2011/07/13 06:47:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2011/07/13 06:47:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2011/07/13 06:47:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2011/07/13 06:47:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2011/07/13 06:47:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2011/07/13 06:47:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2011/07/13 06:47:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2011/07/13 06:47:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2011/07/13 06:47:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2011/07/13 06:47:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2011/07/13 06:47:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2011/07/13 06:47:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2011/07/13 06:47:46 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2011/07/13 06:47:46 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2011/07/13 06:47:45 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2011/07/13 06:47:45 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2011/07/13 06:47:44 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2011/07/13 06:47:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2011/07/13 06:47:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2011/07/13 06:47:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2011/07/13 06:47:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2011/07/13 06:47:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2011/07/13 06:47:43 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2011/07/13 06:47:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2011/07/12 18:14:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\Microsoft IntelliPoint [2011/07/11 08:23:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\imgres vi_fichiers [2011/07/11 08:20:06 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\danca-dos-maswazi_fichiers [2011/07/11 08:19:02 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\swaziland umhlanga festival girl power to the max! « Travel. – Not All Men Are Monsters – Sex. Travel. Food. Life. – Brian Johnston_fichiers [2011/07/10 09:36:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Amy Nude _ Flickr partage de photos !_fichiers [2011/07/10 09:26:00 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\photostream 2_fichiers [2011/07/10 09:19:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\photostream_fichiers [2011/07/10 09:18:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\African Girl _ Flickr partage de photos !_fichiers [2011/07/10 08:23:26 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\346729_fichiers [2011/07/09 07:05:24 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\BOOKS 1 [2011/07/08 12:53:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\comment-installer-une-plaque-de-cuisson-encastrable---1300718747_fichiers [2011/07/05 12:29:11 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\moteur-de-recherche-t185982_fichiers [2011/07/04 10:02:12 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Camping, Eclairage,Orientation,Optique [2011/07/04 09:56:12 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Doc Fixations ,Visserie,Mecanique, [2011/07/04 09:54:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Transports, [2011/07/04 09:51:27 | 000,000,000 | ---D | C] -- C:\Users\Paul\Docs Madagascar [2011/07/03 18:49:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Forum Seven-Windows 7 communauté française Entraide, dépannage, actualité_fichiers [2011/06/30 16:32:09 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\domaines-registrars-dans-monde-des-malwares-t15436_fichiers [2011/06/29 16:54:07 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2011/06/29 16:54:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2011/06/29 16:54:01 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2011/06/29 16:54:01 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2011/06/29 16:54:01 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2011/06/29 16:54:01 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2011/06/29 16:54:01 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2011/06/29 16:54:00 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2011/06/29 16:54:00 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2011/06/29 16:54:00 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2011/06/29 16:54:00 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2011/06/29 16:54:00 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2011/06/29 16:54:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll [2011/06/29 16:54:00 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2011/06/29 16:54:00 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2011/06/29 16:53:59 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2011/06/29 13:14:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\trajet_fichiers [2011/06/27 13:18:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\choix-disjoncteur-installation-electrique-tableau-precable_fichiers [2011/06/27 12:59:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2011/06/25 17:15:51 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Dossier [2011/06/23 18:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60} [2 C:\Users\Paul\AppData\Local\*.tmp files -> C:\Users\Paul\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/07/21 13:13:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/07/21 12:44:29 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/07/21 12:44:29 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/07/21 12:41:29 | 002,207,758 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/07/21 12:41:29 | 001,620,454 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/07/21 12:41:29 | 000,416,924 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/07/21 12:41:29 | 000,377,956 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/07/21 12:41:29 | 000,050,046 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/07/21 12:37:13 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/07/21 12:37:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/07/21 12:36:58 | 3214,045,184 | -HS- | M] () -- C:\hiberfil.sys [2011/07/21 12:29:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/07/21 12:27:12 | 000,097,214 | ---- | M] () -- C:\Users\Paul\Desktop\Zulu Kings Reed Dance - a set on Flickr.htm [2011/07/21 08:51:55 | 000,000,000 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\wklnhst.dat [2011/07/20 20:25:16 | 002,660,120 | ---- | M] () -- C:\Users\Paul\Desktop\N0028932_PDF_1_-1DM.pdf [2011/07/20 20:10:14 | 000,055,919 | ---- | M] () -- C:\Users\Paul\Desktop\ldlb.pdf [2011/07/20 12:30:43 | 000,044,535 | ---- | M] () -- C:\Users\Paul\Desktop\i-Naked.info _ Supporting the right to bare arms and everything else!.htm [2011/07/20 12:23:43 | 000,161,658 | ---- | M] () -- C:\Users\Paul\Desktop\148005-wawawawa-swazi-queen-who-cheated-king-mswati-supu-6.html [2011/07/20 11:49:23 | 000,209,717 | ---- | M] () -- C:\Users\Paul\Desktop\Topless tradition for tourists.pdf [2011/07/20 11:18:18 | 000,035,441 | ---- | M] () -- C:\Users\Paul\Desktop\t2-comment-bien-utiliser-google.htm [2011/07/19 20:54:24 | 000,002,018 | ---- | M] () -- C:\Users\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/07/19 20:53:57 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011/07/19 08:49:00 | 000,067,858 | ---- | M] () -- C:\Users\Paul\Desktop\Capture.PNG [2011/07/18 17:20:24 | 000,884,937 | ---- | M] () -- C:\Users\Paul\Desktop\Positions.pdf [2011/07/18 13:36:17 | 000,083,631 | ---- | M] () -- C:\Users\Paul\Desktop\Index of _images_Photo Visiteur 2.htm [2011/07/18 13:29:04 | 000,166,610 | ---- | M] () -- C:\Users\Paul\Desktop\search.htm [2011/07/18 12:19:44 | 000,017,452 | ---- | M] () -- C:\Users\Paul\Desktop\faience.htm [2011/07/18 12:13:38 | 000,114,711 | ---- | M] () -- C:\Users\Paul\Desktop\poser-du-carrelage-mural-pour-la-1ere-fois-a3094.htm [2011/07/17 18:07:00 | 000,096,756 | ---- | M] () -- C:\Users\Paul\Desktop\affich-2803862-telecharger-sur-des-sites-comme-index-of.htm [2011/07/17 16:11:30 | 000,024,024 | ---- | M] () -- C:\Users\Paul\Desktop\Index of _wp-content_uploads_2009_10.htm [2011/07/17 13:03:26 | 000,467,347 | ---- | M] () -- C:\Users\Paul\Desktop\EUROSEC2005-Google_hacking.pdf [2011/07/17 12:59:53 | 000,032,474 | ---- | M] () -- C:\Users\Paul\Desktop\Google Hacking Database, GHDB, Google Dorks ido.htm [2011/07/17 12:43:03 | 000,024,892 | ---- | M] () -- C:\Users\Paul\Desktop\Advisories and Vulnerabilities - Google Hacking Database.htm [2011/07/17 12:42:53 | 000,024,297 | ---- | M] () -- C:\Users\Paul\Desktop\Google Hacking Database, GHDB, Google Dorks.htm [2011/07/17 12:29:46 | 000,073,175 | ---- | M] () -- C:\Users\Paul\Desktop\viewer gh.htm [2011/07/16 08:55:16 | 000,367,312 | ---- | M] () -- C:\Users\Paul\Desktop\jr_0027.pdf [2011/07/16 08:49:42 | 000,063,993 | ---- | M] () -- C:\Users\Paul\Desktop\installer-un-evier-a-encastrer.html [2011/07/16 06:46:30 | 000,000,945 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk [2011/07/15 12:02:09 | 000,123,861 | ---- | M] () -- C:\Users\Paul\Desktop\Sali01 _ Flickr - Photo Sharing!.htm [2011/07/15 11:55:29 | 000,128,348 | ---- | M] () -- C:\Users\Paul\Desktop\inTombi 1 _ Flickr - Photo Sharing!.htm [2011/07/15 11:30:00 | 000,157,802 | ---- | M] () -- C:\Users\Paul\Desktop\Visitors at the Reed Dance _ Flickr - Photo Sharing!.htm [2011/07/15 11:29:32 | 000,109,860 | ---- | M] () -- C:\Users\Paul\Desktop\Flickr Zululand Eco-Adventures' Photostream.htm [2011/07/15 11:23:21 | 000,087,255 | ---- | M] () -- C:\Users\Paul\Desktop\umhlanga.htm [2011/07/15 10:53:04 | 000,041,217 | ---- | M] () -- C:\Users\Paul\Desktop\Le google hacking _ Lolokai.htm [2011/07/15 10:48:41 | 000,145,857 | ---- | M] () -- C:\Users\Paul\Desktop\Comment trouver des Mp3 avec Google - Spi0n.com.htm [2011/07/15 10:14:46 | 000,038,444 | ---- | M] () -- C:\Users\Paul\Desktop\telecharger-micro-hebdo-n-661.html [2011/07/15 09:03:56 | 000,036,143 | ---- | M] () -- C:\Users\Paul\Documents\HENRIETTE.jpg [2011/07/15 06:41:40 | 000,400,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/07/14 17:53:24 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/07/14 17:28:18 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2011/07/14 06:32:36 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job [2011/07/13 21:11:28 | 000,070,171 | ---- | M] () -- C:\Users\Paul\Desktop\viewer.htm [2011/07/13 20:46:16 | 000,009,608 | ---- | M] () -- C:\Users\Paul\Documents\Sans nom 2.odt [2011/07/12 19:09:13 | 000,009,097 | ---- | M] () -- C:\Users\Paul\Documents\Sans nom 1.odt [2011/07/11 08:23:09 | 000,010,067 | ---- | M] () -- C:\Users\Paul\Desktop\imgres vi.htm [2011/07/11 08:20:07 | 000,068,368 | ---- | M] () -- C:\Users\Paul\Desktop\danca-dos-maswazi.html [2011/07/11 08:19:04 | 000,082,464 | ---- | M] () -- C:\Users\Paul\Desktop\swaziland umhlanga festival girl power to the max! « Travel. – Not All Men Are Monsters – Sex. Travel. Food. Life. – Brian Johnston.htm [2011/07/10 09:36:18 | 000,137,728 | ---- | M] () -- C:\Users\Paul\Desktop\Amy Nude _ Flickr partage de photos !.htm [2011/07/10 09:26:01 | 000,254,676 | ---- | M] () -- C:\Users\Paul\Desktop\photostream 2.htm [2011/07/10 09:19:57 | 000,177,526 | ---- | M] () -- C:\Users\Paul\Desktop\photostream.htm [2011/07/10 09:18:51 | 000,213,239 | ---- | M] () -- C:\Users\Paul\Desktop\African Girl _ Flickr partage de photos !.htm [2011/07/10 08:23:27 | 000,066,414 | ---- | M] () -- C:\Users\Paul\Desktop\346729.html [2011/07/10 08:14:45 | 000,201,309 | ---- | M] () -- C:\Users\Paul\Desktop\http _www.flickr.com_photos_photosperso_5767743610_in_photostream_.htm [2011/07/08 16:40:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011/07/08 12:53:20 | 000,133,638 | ---- | M] () -- C:\Users\Paul\Desktop\comment-installer-une-plaque-de-cuisson-encastrable---1300718747.htm [2011/07/05 12:29:13 | 000,141,423 | ---- | M] () -- C:\Users\Paul\Desktop\moteur-de-recherche-t185982.html [2011/07/04 18:48:35 | 000,001,046 | ---- | M] () -- C:\Users\Paul\Desktop\OTL - Raccourci.lnk [2011/07/04 14:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011/07/04 14:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011/07/04 14:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/07/04 14:37:39 | 000,129,368 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys [2011/07/04 14:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2011/07/04 14:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011/07/04 14:36:24 | 000,257,368 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys [2011/07/04 14:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011/07/04 14:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011/07/04 14:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011/07/04 14:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011/07/03 18:49:53 | 000,085,796 | ---- | M] () -- C:\Users\Paul\Desktop\Forum Seven-Windows 7 communauté française Entraide, dépannage, actualité.htm [2011/06/30 16:32:09 | 000,035,711 | ---- | M] () -- C:\Users\Paul\Desktop\domaines-registrars-dans-monde-des-malwares-t15436.html [2011/06/29 13:14:43 | 000,013,966 | ---- | M] () -- C:\Users\Paul\Desktop\trajet.htm [2011/06/27 13:18:26 | 000,055,583 | ---- | M] () -- C:\Users\Paul\Desktop\choix-disjoncteur-installation-electrique-tableau-precable.htm [2011/06/23 19:07:33 | 000,273,044 | ---- | M] () -- C:\Users\Paul\Documents\numerisation_raboteuse.pdf [2011/06/23 18:58:59 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2011/06/23 18:51:22 | 000,262,253 | ---- | M] () -- C:\Users\Paul\Documents\Jeannot29_Presse_A_Panneaux.pdf [2011/06/23 18:12:44 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2 C:\Users\Paul\AppData\Local\*.tmp files -> C:\Users\Paul\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/07/21 12:27:10 | 000,097,214 | ---- | C] () -- C:\Users\Paul\Desktop\Zulu Kings Reed Dance - a set on Flickr.htm [2011/07/21 08:51:55 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\wklnhst.dat [2011/07/20 20:17:50 | 002,660,120 | ---- | C] () -- C:\Users\Paul\Desktop\N0028932_PDF_1_-1DM.pdf [2011/07/20 20:10:13 | 000,055,919 | ---- | C] () -- C:\Users\Paul\Desktop\ldlb.pdf [2011/07/20 12:30:40 | 000,044,535 | ---- | C] () -- C:\Users\Paul\Desktop\i-Naked.info _ Supporting the right to bare arms and everything else!.htm [2011/07/20 12:23:42 | 000,161,658 | ---- | C] () -- C:\Users\Paul\Desktop\148005-wawawawa-swazi-queen-who-cheated-king-mswati-supu-6.html [2011/07/20 11:49:05 | 000,209,717 | ---- | C] () -- C:\Users\Paul\Desktop\Topless tradition for tourists.pdf [2011/07/20 11:18:12 | 000,035,441 | ---- | C] () -- C:\Users\Paul\Desktop\t2-comment-bien-utiliser-google.htm [2011/07/19 08:48:59 | 000,067,858 | ---- | C] () -- C:\Users\Paul\Desktop\Capture.PNG [2011/07/18 17:20:24 | 000,884,937 | ---- | C] () -- C:\Users\Paul\Desktop\Positions.pdf [2011/07/18 13:36:16 | 000,083,631 | ---- | C] () -- C:\Users\Paul\Desktop\Index of _images_Photo Visiteur 2.htm [2011/07/18 13:29:03 | 000,166,610 | ---- | C] () -- C:\Users\Paul\Desktop\search.htm [2011/07/18 12:19:43 | 000,017,452 | ---- | C] () -- C:\Users\Paul\Desktop\faience.htm [2011/07/18 12:13:34 | 000,114,711 | ---- | C] () -- C:\Users\Paul\Desktop\poser-du-carrelage-mural-pour-la-1ere-fois-a3094.htm [2011/07/17 18:06:59 | 000,096,756 | ---- | C] () -- C:\Users\Paul\Desktop\affich-2803862-telecharger-sur-des-sites-comme-index-of.htm [2011/07/17 16:11:30 | 000,024,024 | ---- | C] () -- C:\Users\Paul\Desktop\Index of _wp-content_uploads_2009_10.htm [2011/07/17 13:03:06 | 000,467,347 | ---- | C] () -- C:\Users\Paul\Desktop\EUROSEC2005-Google_hacking.pdf [2011/07/17 12:59:52 | 000,032,474 | ---- | C] () -- C:\Users\Paul\Desktop\Google Hacking Database, GHDB, Google Dorks ido.htm [2011/07/17 12:43:02 | 000,024,892 | ---- | C] () -- C:\Users\Paul\Desktop\Advisories and Vulnerabilities - Google Hacking Database.htm [2011/07/17 12:42:53 | 000,024,297 | ---- | C] () -- C:\Users\Paul\Desktop\Google Hacking Database, GHDB, Google Dorks.htm [2011/07/17 12:29:46 | 000,073,175 | ---- | C] () -- C:\Users\Paul\Desktop\viewer gh.htm [2011/07/16 08:55:16 | 000,367,312 | ---- | C] () -- C:\Users\Paul\Desktop\jr_0027.pdf [2011/07/16 08:49:38 | 000,063,993 | ---- | C] () -- C:\Users\Paul\Desktop\installer-un-evier-a-encastrer.html [2011/07/16 07:27:40 | 000,001,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copernic Agent Personal.lnk [2011/07/16 07:27:39 | 000,109,967 | ---- | C] () -- C:\Windows\CopernicAgentUninstall.exe [2011/07/16 06:46:30 | 000,000,945 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk [2011/07/15 14:38:21 | 000,036,143 | ---- | C] () -- C:\Users\Paul\Documents\HENRIETTE.jpg [2011/07/15 12:02:08 | 000,123,861 | ---- | C] () -- C:\Users\Paul\Desktop\Sali01 _ Flickr - Photo Sharing!.htm [2011/07/15 11:55:28 | 000,128,348 | ---- | C] () -- C:\Users\Paul\Desktop\inTombi 1 _ Flickr - Photo Sharing!.htm [2011/07/15 11:29:59 | 000,157,802 | ---- | C] () -- C:\Users\Paul\Desktop\Visitors at the Reed Dance _ Flickr - Photo Sharing!.htm [2011/07/15 11:29:31 | 000,109,860 | ---- | C] () -- C:\Users\Paul\Desktop\Flickr Zululand Eco-Adventures' Photostream.htm [2011/07/15 11:23:20 | 000,087,255 | ---- | C] () -- C:\Users\Paul\Desktop\umhlanga.htm [2011/07/15 10:53:03 | 000,041,217 | ---- | C] () -- C:\Users\Paul\Desktop\Le google hacking _ Lolokai.htm [2011/07/15 10:48:39 | 000,145,857 | ---- | C] () -- C:\Users\Paul\Desktop\Comment trouver des Mp3 avec Google - Spi0n.com.htm [2011/07/15 10:14:46 | 000,038,444 | ---- | C] () -- C:\Users\Paul\Desktop\telecharger-micro-hebdo-n-661.html [2011/07/14 17:44:17 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/07/13 21:11:27 | 000,070,171 | ---- | C] () -- C:\Users\Paul\Desktop\viewer.htm [2011/07/13 12:58:23 | 000,009,608 | ---- | C] () -- C:\Users\Paul\Documents\Sans nom 2.odt [2011/07/12 19:09:11 | 000,009,097 | ---- | C] () -- C:\Users\Paul\Documents\Sans nom 1.odt [2011/07/11 08:23:08 | 000,010,067 | ---- | C] () -- C:\Users\Paul\Desktop\imgres vi.htm [2011/07/11 08:20:06 | 000,068,368 | ---- | C] () -- C:\Users\Paul\Desktop\danca-dos-maswazi.html [2011/07/11 08:19:02 | 000,082,464 | ---- | C] () -- C:\Users\Paul\Desktop\swaziland umhlanga festival girl power to the max! « Travel. – Not All Men Are Monsters – Sex. Travel. Food. Life. – Brian Johnston.htm [2011/07/10 09:36:17 | 000,137,728 | ---- | C] () -- C:\Users\Paul\Desktop\Amy Nude _ Flickr partage de photos !.htm [2011/07/10 09:26:00 | 000,254,676 | ---- | C] () -- C:\Users\Paul\Desktop\photostream 2.htm [2011/07/10 09:19:56 | 000,177,526 | ---- | C] () -- C:\Users\Paul\Desktop\photostream.htm [2011/07/10 09:18:50 | 000,213,239 | ---- | C] () -- C:\Users\Paul\Desktop\African Girl _ Flickr partage de photos !.htm [2011/07/10 08:23:26 | 000,066,414 | ---- | C] () -- C:\Users\Paul\Desktop\346729.html [2011/07/10 08:14:40 | 000,201,309 | ---- | C] () -- C:\Users\Paul\Desktop\http _www.flickr.com_photos_photosperso_5767743610_in_photostream_.htm [2011/07/10 06:50:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/07/09 19:32:34 | 736,720,498 | ---- | C] () -- C:\Users\Paul\Desktop\Cash.FRENCH.R5.XviD-GHOST.avi [2011/07/09 19:31:36 | 733,310,976 | ---- | C] () -- C:\Users\Paul\Desktop\City.Hall.French.DVDRiP.avi [2011/07/08 12:53:18 | 000,133,638 | ---- | C] () -- C:\Users\Paul\Desktop\comment-installer-une-plaque-de-cuisson-encastrable---1300718747.htm [2011/07/06 21:07:23 | 892,070,332 | ---- | C] () -- C:\Users\Paul\Desktop\Le secret du chevalier d'Eon.avi [2011/07/06 21:02:37 | 730,216,448 | ---- | C] () -- C:\Users\Paul\Desktop\Secret.Defense.FRENCH.DVDRip.XviD-ZANBiC.avi [2011/07/06 21:01:23 | 733,782,016 | ---- | C] () -- C:\Users\Paul\Desktop\Wisegal.STV.2008.FRENCH.DVDRiP.XViD-S60.By.Emulix.[emule-island.com].avi [2011/07/06 21:00:01 | 733,988,864 | ---- | C] () -- C:\Users\Paul\Desktop\F - The Lost Angel (Action Policier 2004).avi [2011/07/06 20:57:21 | 655,284,560 | ---- | C] () -- C:\Users\Paul\Desktop\Himalaya, le chemin du ciel.avi [2011/07/05 12:29:11 | 000,141,423 | ---- | C] () -- C:\Users\Paul\Desktop\moteur-de-recherche-t185982.html [2011/07/05 12:11:20 | 734,076,928 | ---- | C] () -- C:\Users\Paul\Desktop\Australia.FRENCH.DVDRiP.XViD.avi [2011/07/04 18:48:35 | 000,001,046 | ---- | C] () -- C:\Users\Paul\Desktop\OTL - Raccourci.lnk [2011/07/03 18:49:52 | 000,085,796 | ---- | C] () -- C:\Users\Paul\Desktop\Forum Seven-Windows 7 communauté française Entraide, dépannage, actualité.htm [2011/06/30 16:32:09 | 000,035,711 | ---- | C] () -- C:\Users\Paul\Desktop\domaines-registrars-dans-monde-des-malwares-t15436.html [2011/06/29 13:28:13 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job [2011/06/29 13:14:29 | 000,013,966 | ---- | C] () -- C:\Users\Paul\Desktop\trajet.htm [2011/06/27 13:18:25 | 000,055,583 | ---- | C] () -- C:\Users\Paul\Desktop\choix-disjoncteur-installation-electrique-tableau-precable.htm [2011/06/26 21:11:57 | 720,216,064 | ---- | C] () -- C:\Users\Paul\Desktop\L'Arnaque.avi [2011/06/26 08:03:11 | 001,016,940 | ---- | C] () -- C:\Users\Paul\Documents\Commande no 24351607.pdf [2011/06/25 17:24:39 | 000,273,044 | ---- | C] () -- C:\Users\Paul\Documents\numerisation_raboteuse.pdf [2011/06/25 17:24:39 | 000,262,253 | ---- | C] () -- C:\Users\Paul\Documents\Jeannot29_Presse_A_Panneaux.pdf [2011/06/25 14:42:48 | 000,013,049 | ---- | C] () -- C:\Users\Paul\Documents\Attestation valeur 3.odt [2011/06/23 18:58:59 | 000,002,141 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2011/06/08 15:01:02 | 000,003,584 | ---- | C] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/06/02 07:28:30 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\{19A7151B-5487-4BA2-A9DE-3AFE66360AF2} [2011/05/15 17:25:26 | 000,088,064 | ---- | C] () -- C:\Windows\AMUninst01c.exe [2011/05/14 21:31:26 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\{15096A74-3610-455C-A297-2FCA3671C506} [2011/05/09 19:18:31 | 000,000,017 | ---- | C] () -- C:\Users\Paul\AppData\Local\resmon.resmoncfg [2011/04/12 08:58:19 | 000,000,848 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011/03/23 01:10:24 | 000,001,854 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\GhostObjGAFix.xml [2011/01/17 07:47:58 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI [2010/11/07 08:44:08 | 000,000,571 | ---- | C] () -- C:\Windows\SysWow64\FeMakro.ini [2010/11/07 08:44:08 | 000,000,497 | ---- | C] () -- C:\Windows\SysWow64\FeAnim.ini [2010/09/24 08:06:39 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010/05/11 03:56:43 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll [2010/05/11 03:56:43 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll [2010/05/11 03:56:43 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll [2010/05/11 03:56:43 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll [2010/05/11 03:56:43 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll [2010/05/11 03:56:43 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll [2010/05/11 03:22:24 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini [2010/05/11 03:22:24 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini [2010/01/09 02:31:36 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2009/09/29 17:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009/07/14 08:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 05:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 05:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 03:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 02:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/14 00:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin [2009/07/14 00:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/11 00:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2003/04/01 12:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI ========== LOP Check ========== [2011/03/30 13:06:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\com.caffeinatedmind.Sendoid [2011/07/16 07:27:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Copernic [2010/09/15 16:54:27 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DigitalPersona [2010/09/15 23:00:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\eMule [2011/05/13 13:51:16 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\gtk-2.0 [2011/07/19 21:37:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mp3tag [2010/09/24 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OpenOffice.org [2010/10/18 12:58:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OutWit [2011/05/19 07:57:37 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Scribus [2011/06/06 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Stellarium [2011/07/21 08:53:07 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Template [2011/06/12 20:53:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WildTangent [2011/02/08 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ZTEEVDO [2010/09/28 19:11:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\_MDLogs [2011/07/20 17:41:25 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %temp%\smtmp\1\*.* /s > < %temp%\smtmp\2\*.* /s > < %temp%\smtmp\4\*.* /s > < nslookup www.google.fr /c > Serveur : UnKnown Address: 127.0.0.1 < %systemroot%\system32\drivers\*.sys /lockedfiles > < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011/03/30 13:04:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Adobe [2010/09/19 19:01:05 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Apple Computer [2011/03/30 13:06:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\com.caffeinatedmind.Sendoid [2011/07/16 07:27:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Copernic [2011/04/12 08:58:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Corel [2010/09/15 22:23:34 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\CyberLink [2010/09/15 16:54:27 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DigitalPersona [2010/09/15 23:00:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\eMule [2011/05/13 13:51:16 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\gtk-2.0 [2011/02/01 17:38:23 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Hewlett-Packard [2011/01/19 19:11:38 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\HP Support Assistant [2010/09/15 18:28:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\hpqLog [2011/01/19 19:11:38 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\HpUpdate [2010/09/15 16:53:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Identities [2010/09/15 21:15:55 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Macromedia [2010/09/15 18:24:47 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Macrovision [2011/05/18 14:57:28 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Malwarebytes [2010/05/11 12:13:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Media Center Programs [2011/07/21 08:51:55 | 000,000,000 | --SD | M] -- C:\Users\Paul\AppData\Roaming\Microsoft [2010/09/15 20:35:07 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla [2011/07/19 21:37:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mp3tag [2011/02/07 15:36:15 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Nero [2010/09/24 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OpenOffice.org [2010/10/18 12:58:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OutWit [2011/05/19 07:57:37 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Scribus [2011/06/06 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Stellarium [2011/07/21 08:53:07 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Template [2011/06/21 21:22:53 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\vlc [2011/06/12 20:53:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WildTangent [2011/02/08 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ZTEEVDO [2010/09/28 19:11:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\_MDLogs < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CDROM.SYS > [2009/07/14 02:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010/11/20 12:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010/11/20 12:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010/11/20 12:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 04:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 04:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 04:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009/07/14 04:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: CTFMON.EXE > [2009/07/14 04:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe [2009/07/14 04:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe [2009/07/14 04:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe [2009/07/14 04:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe < MD5 for: DISK.SYS > [2009/07/14 04:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys [2009/07/14 04:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys [2009/07/14 04:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys < MD5 for: DWM.EXE > [2009/07/14 04:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\SysNative\dwm.exe [2009/07/14 04:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7600.16385_none_e99885bbd6e301de\dwm.exe [2009/07/14 04:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_ebc99983d3d18578\dwm.exe < MD5 for: EVENTLOG.DLL > [2007/05/17 23:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll < MD5 for: EXPLORER.EXE > [2010/01/09 09:07:51 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe [2011/02/26 09:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011/02/26 08:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009/07/14 04:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011/02/26 08:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2009/10/31 08:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011/02/26 08:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011/02/26 09:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010/11/20 15:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2010/01/09 09:07:51 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe [2009/08/03 09:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2009/10/31 09:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009/08/03 08:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010/11/20 16:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009/10/31 09:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009/08/03 08:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009/07/14 04:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009/10/31 09:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2010/01/09 09:07:51 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe [2011/02/26 09:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2009/08/03 09:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe [2010/01/09 09:07:51 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe < MD5 for: IASTOR.SYS > [2009/08/08 07:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2009/08/08 07:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\SwSetup\Drivers\IMSM\Winall\Driver\IaStor.sys [2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\SwSetup\Drivers\IMSM\Winall\Driver64\IaStor.sys [2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\drivers\iaStor.sys [2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys < MD5 for: IASTORV.SYS > [2010/11/20 16:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010/11/20 16:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011/03/11 09:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011/03/11 09:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011/03/11 09:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011/03/11 09:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011/03/11 09:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011/03/11 09:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009/07/14 04:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NDIS.SYS > [2010/11/20 16:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010/11/20 16:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009/07/14 04:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys < MD5 for: NETLOGON.DLL > [2009/07/14 04:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010/11/20 16:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010/11/20 16:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010/11/20 15:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010/11/20 15:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009/07/14 04:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009/07/14 04:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011/03/11 09:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011/03/11 09:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011/03/11 09:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011/03/11 09:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011/03/11 09:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011/03/11 09:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010/11/20 16:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010/11/20 16:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: RASACD.SYS > [2009/07/14 03:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys [2009/07/14 03:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys < MD5 for: RDPCLIP.EXE > [2010/11/20 16:25:05 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=25D284EB2F12254C001AFE9A82575A81 -- C:\Windows\winsxs\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_5ffc161221c1b4f6\rdpclip.exe [2009/07/14 04:39:28 | 000,209,408 | ---- | M] (Microsoft Corporation) MD5=798F5E39068FD3BC9D999A401FAB5F62 -- C:\Windows\winsxs\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7600.16385_none_5dcb024a24d3315c\rdpclip.exe < MD5 for: RDPWD.SYS > [2010/11/20 14:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=15B66C206B5CB095BAB980553F38ED23 -- C:\Windows\SysNative\drivers\rdpwd.sys [2010/11/20 14:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=15B66C206B5CB095BAB980553F38ED23 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_a99b8db6eba2129b\rdpwd.sys [2009/07/14 03:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys < MD5 for: SCECLI.DLL > [2009/07/14 04:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 04:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010/11/20 15:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010/11/20 15:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010/11/20 16:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010/11/20 16:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: SFLOPPY.SYS > [2009/07/14 03:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\drivers\sfloppy.sys [2009/07/14 03:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys [2009/07/14 03:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys < MD5 for: TASKENG.EXE > [2010/11/02 07:24:43 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=41C52AF44FB96BDDB1EFB25D2D943BBA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6\taskeng.exe [2010/11/20 15:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\SysWOW64\taskeng.exe [2010/11/20 15:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe [2010/11/02 08:10:47 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=60CAE1FA4888ED41B41AEE91C774E4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_419a75c3d88fecc0\taskeng.exe [2010/11/20 16:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\SysNative\taskeng.exe [2010/11/20 16:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_43d2529dd579f798\taskeng.exe [2010/11/02 08:16:39 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=84343003E0E6716B3E782FF781B92815 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_425bf162f184fdfc\taskeng.exe [2009/07/14 04:39:47 | 000,463,872 | ---- | M] (Microsoft Corporation) MD5=C1BDC97E8C9404245DE87F1EF08D1764 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_41a13ed5d88b73fe\taskeng.exe [2009/07/14 04:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) MD5=DE5DACEBD4C89834EC6D2C41C8643CDA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8\taskeng.exe [2010/11/02 07:34:44 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=F8952E80B7F778DA2F7AA8393CA2D30E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a\taskeng.exe < MD5 for: TASKHOST.EXE > [2009/07/14 04:39:47 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=3EEFB971D61EF9638FD21F14C703CA11 -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_84339a007406dfa0\taskhost.exe [2010/11/20 16:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\SysNative\taskhost.exe [2010/11/20 16:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_8664adc870f5633a\taskhost.exe < MD5 for: TCPIP.SYS > [2011/04/25 08:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys [2010/11/20 16:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys [2010/06/14 09:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys [2011/04/25 08:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys [2010/06/14 09:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys [2009/07/14 04:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys [2011/04/25 08:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\SysNative\drivers\tcpip.sys [2011/04/25 08:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys [2011/04/25 09:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys < MD5 for: TDPIPE.SYS > [2009/07/14 03:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\SysNative\drivers\tdpipe.sys [2009/07/14 03:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys < MD5 for: TDTCP.SYS > [2009/07/14 03:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\SysNative\drivers\tdtcp.sys [2009/07/14 03:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys < MD5 for: USBPRINT.SYS > [2009/07/14 03:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys [2009/07/14 03:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys [2009/07/14 03:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys < MD5 for: USBSCAN.SYS > [2009/07/14 03:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys [2009/07/14 03:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys < MD5 for: USERINIT.EXE > [2010/11/20 15:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/20 15:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/14 04:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 04:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010/11/20 16:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010/11/20 16:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: VOLSNAP.SYS > [2010/11/20 16:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys [2010/11/20 16:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys [2010/11/20 16:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys [2009/07/14 04:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys < MD5 for: WININIT.EXE > [2009/07/14 04:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009/07/14 04:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009/07/14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010/11/20 16:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/20 16:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009/07/14 04:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009/10/28 10:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009/10/28 09:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < > < End of report >

Salut, Le rapport Malawarebytes ne montre plus de fichiers infectés.Bear share a été eliminé. Merçi pour l'aide. Voila le rapport Malwarebytes pour info. Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 7139 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 16/07/2011 08:14:22 mbam-log-2011-07-16 (08-14-22).txt Type d'examen: Examen rapide Elément(s) analysé(s): 169077 Temps écoulé: 2 minute(s), 32 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Bonjour; Voila le premier rapport All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-3619440750-2551092191-1784321679-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\ not found. Prefs.js: "iMesh Web Search" removed from browser.search.defaultenginename Prefs.js: "iMesh Web Search" removed from browser.search.order.1 Prefs.js: "BearShare Web Search" removed from browser.search.selectedEngine Prefs.js: false removed from browser.search.suggest.enabled Prefs.js: true removed from browser.search.useDBForOrder Prefs.js: "http://search.imesh.com/web?src=ffb&systemid=1&q=" removed from keyword.URL File C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gevs52mp.default\searchplugins\BearShareWebSearch.xml not found. File C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gevs52mp.default\searchplugins\flickr-search-suggestions.xml not found. File C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB720781-0670-4e46-B82E-376AEF228F25}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB720781-0670-4e46-B82E-376AEF228F25}\ not found. File C:\Program Files (x86)\Tuto4pc\Tuto4pcBHO.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found. Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found. Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found. Registry value HKEY_USERS\S-1-5-19\\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found. Registry value HKEY_USERS\S-1-5-20\\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ not found. File Protocol\Handler\msdaipp - No CLSID value found not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll deleted successfully. ========== FILES ========== File\Folder C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gevs52mp.default\searchplugins\BearShareWebSearch.xml not found. File\Folder C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gevs52mp.default\searchplugins\flickr-search-suggestions.xml not found. File\Folder C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml not found. File\Folder C:\Program Files (x86)\Tuto4pc\Tuto4pcBHO.dll not found. File\Folder C:\Users\Paul\AppData\Roaming\Tuto4pc not found. File\Folder C:\Users\Paul\AppData\Local\Tuto4pc not found. File\Folder C:\Program Files (x86)\Tuto4pc not found. File\Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4PC not found. File\Folder C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} not found. File\Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue not found. File\Folder C:\Users\Paul\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe not found. File\Folder C:\Users\Paul\AppData\Roaming\Tuto4pc not found. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Tuto Archi Facile_is1 not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Tuto Avast_is1 not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Tuto4pc_is1 not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Paul ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 66340 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 7785620 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 7,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Paul ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.25.0 log created on 07142011_172813 Files\Folders moved on Reboot... Registry entries deleted on Reboot...

Bonjour, Merçi pour votre aide. Je viens de changer de souris et le problème a disparu. Cordialement

Bonjour; Voila les rapports: OTL logfile created on: 10/07/2011 06:49:39 - Run 1 OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\Paul\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,99 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 64,73% Memory free 7,98 Gb Paging File | 6,45 Gb Available in Paging File | 80,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 578,94 Gb Total Space | 427,83 Gb Free Space | 73,90% Space Free | Partition Type: NTFS Drive D: | 596,17 Gb Total Space | 518,96 Gb Free Space | 87,05% Space Free | Partition Type: NTFS Drive E: | 16,94 Gb Total Space | 2,74 Gb Free Space | 16,15% Space Free | Partition Type: NTFS Drive F: | 99,34 Mb Total Space | 92,74 Mb Free Space | 93,36% Space Free | Partition Type: FAT32 Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Users\Paul\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe () PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.) PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Program Files (x86)\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Paul\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software) SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (IDT, Inc.) SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation) SRV:64bit: - (UDisk Monitor) -- C:\Program Files\MOOV 3G+\bin\MonServiceUDisk.exe () SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.) SRV - (DpHost) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (PLFlash DeviceIoControl Service) -- C:\Program Files (x86)\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company) DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (NETw5s64) Pilote de carte Intel® -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation) DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (zteusbser) -- C:\Windows\SysNative\drivers\zteusbser.sys (ZTE Corporation) DRV:64bit: - (umpusbvista) -- C:\Windows\SysNative\drivers\umpusbvista.sys (Texas Instruments Inc) DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\..\URLSearchHook: {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "iMesh Web Search" FF - prefs.js..browser.search.order.1: "iMesh Web Search" FF - prefs.js..browser.search.selectedEngine: "BearShare Web Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: [email protected]:1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://search.imesh.com/web?src=ffb&systemid=1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010/05/11 04:06:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/27 18:03:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/27 18:03:38 | 000,000,000 | ---D | M] [2011/04/16 08:09:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Extensions [2010/09/15 22:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Extensions\[email protected] [2011/07/09 09:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\gevs52mp.default\extensions [2011/02/18 14:31:25 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\gevs52mp.default\extensions\[email protected] [2010/09/14 15:48:25 | 000,002,506 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gevs52mp.default\searchplugins\BearShareWebSearch.xml [2010/11/05 10:47:22 | 000,002,272 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gevs52mp.default\searchplugins\flickr-search-suggestions.xml [2011/05/28 12:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/09/24 17:03:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/09/23 10:38:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/16 15:12:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/02/09 19:05:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/05/18 15:04:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011/03/21 08:22:04 | 001,680,272 | ---- | M] (Caminova, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll [2011/06/27 18:03:36 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml [2010/09/14 15:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml [2011/06/27 18:03:36 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/06/27 18:03:36 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml [2011/06/27 18:03:36 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml [2011/06/27 18:03:36 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/06/11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (T4PCBHO Class) - {AB720781-0670-4e46-B82E-376AEF228F25} - C:\Program Files (x86)\Tuto4pc\Tuto4pcBHO.dll (Tuto4PC) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O4:64bit: - HKLM..\Run: [intelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe () O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Tuto4pc] File not found O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O4 - Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8:64bit: - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1a4354f5-44d1-11e0-a2e8-ea74066c9e26}\Shell - "" = AutoRun O33 - MountPoints2\{1a4354f5-44d1-11e0-a2e8-ea74066c9e26}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{1a43553f-44d1-11e0-a2e8-ea74066c9e26}\Shell - "" = AutoRun O33 - MountPoints2\{1a43553f-44d1-11e0-a2e8-ea74066c9e26}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{1f75ca31-68ad-11e0-9939-c3f415ed5c67}\Shell - "" = AutoRun O33 - MountPoints2\{1f75ca31-68ad-11e0-9939-c3f415ed5c67}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{2315a6b7-329b-11e0-a74a-a541ef095626}\Shell - "" = AutoRun O33 - MountPoints2\{2315a6b7-329b-11e0-a74a-a541ef095626}\Shell\AutoRun\command - "" = I:\Setup.exe O33 - MountPoints2\{36e25065-44cd-11e0-a70b-ab79091e1e27}\Shell - "" = AutoRun O33 - MountPoints2\{36e25065-44cd-11e0-a70b-ab79091e1e27}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{36e250bc-44cd-11e0-a70b-ab79091e1e27}\Shell - "" = AutoRun O33 - MountPoints2\{36e250bc-44cd-11e0-a70b-ab79091e1e27}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{3a95681d-4df8-11e0-8892-f67cec26442c}\Shell - "" = AutoRun O33 - MountPoints2\{3a95681d-4df8-11e0-8892-f67cec26442c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{3a95687a-4df8-11e0-8892-f67cec26442c}\Shell - "" = AutoRun O33 - MountPoints2\{3a95687a-4df8-11e0-8892-f67cec26442c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{445341ec-44e6-11e0-9bee-9e4e5ee88325}\Shell - "" = AutoRun O33 - MountPoints2\{445341ec-44e6-11e0-9bee-9e4e5ee88325}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{44534225-44e6-11e0-9bee-9e4e5ee88325}\Shell - "" = AutoRun O33 - MountPoints2\{44534225-44e6-11e0-9bee-9e4e5ee88325}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48394d9b-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48394d9b-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48394dbf-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48394dbf-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48394f81-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48394f81-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48394fa4-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48394fa4-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48395045-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48395045-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{48395065-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun O33 - MountPoints2\{48395065-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{609e810a-44d3-11e0-9adc-cbfee5fc1c08}\Shell - "" = AutoRun O33 - MountPoints2\{609e810a-44d3-11e0-9adc-cbfee5fc1c08}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{609e8145-44d3-11e0-9adc-cbfee5fc1c08}\Shell - "" = AutoRun O33 - MountPoints2\{609e8145-44d3-11e0-9adc-cbfee5fc1c08}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{705457bc-4e44-11e0-a5ee-94b564520324}\Shell - "" = AutoRun O33 - MountPoints2\{705457bc-4e44-11e0-a5ee-94b564520324}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{a57f1ecb-4587-11e0-bba2-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{a57f1ecb-4587-11e0-bba2-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{a57f214a-4587-11e0-bba2-baf7bd883e25}\Shell - "" = AutoRun O33 - MountPoints2\{a57f214a-4587-11e0-bba2-baf7bd883e25}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{b5927f2b-44d2-11e0-a52b-d06e6d1e9926}\Shell - "" = AutoRun O33 - MountPoints2\{b5927f2b-44d2-11e0-a52b-d06e6d1e9926}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{b5927f45-44d2-11e0-a52b-d06e6d1e9926}\Shell - "" = AutoRun O33 - MountPoints2\{b5927f45-44d2-11e0-a52b-d06e6d1e9926}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{cc93fcc0-44eb-11e0-9372-b4496b98bb25}\Shell - "" = AutoRun O33 - MountPoints2\{cc93fcc0-44eb-11e0-9372-b4496b98bb25}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{cc93fcfa-44eb-11e0-9372-b4496b98bb25}\Shell - "" = AutoRun O33 - MountPoints2\{cc93fcfa-44eb-11e0-9372-b4496b98bb25}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{e479a994-4651-11e0-8d0e-ae25e291f525}\Shell - "" = AutoRun O33 - MountPoints2\{e479a994-4651-11e0-8d0e-ae25e291f525}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{e479a9aa-4651-11e0-8d0e-ae25e291f525}\Shell - "" = AutoRun O33 - MountPoints2\{e479a9aa-4651-11e0-8d0e-ae25e291f525}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe - (Broadcom Corporation.) MsConfig:64bit - StartUpFolder: C:^Users^Paul^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation) MsConfig:64bit - StartUpFolder: C:^Users^Paul^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe - () MsConfig:64bit - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company) MsConfig:64bit - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files (x86)\Nero\Nero BackItUp 4\NBKeyScan.exe (Nero AG) MsConfig:64bit - StartUpReg: WirelessAssistant - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.) Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) ========== Files/Folders - Created Within 30 Days ========== [2011/07/10 06:15:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\showthread.php 22_fichiers [2011/07/09 11:49:17 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\demander-la-cloture-d-un-compte-bancaire_72725_fichiers [2011/07/09 11:29:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\vos-droits-vis-a-vis-des-hoteliers_160877_fichiers [2011/07/09 10:26:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Pics [2011/07/09 07:07:22 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Jigs [2011/07/09 07:05:24 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\BOOKS 1 [2011/07/08 12:53:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\comment-installer-une-plaque-de-cuisson-encastrable---1300718747_fichiers [2011/07/07 18:18:51 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Rocking Chair University Week – Day 1 _ Woodworker's Guide_fichiers [2011/07/07 18:16:07 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\A Simple Plunge Router Mortising Jig _ Woodworker's Guide_fichiers [2011/07/07 08:00:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\lyman_fichiers [2011/07/06 15:45:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\a4083bc4-cdb5-436b-a64b-fb5bdb98a910_fichiers [2011/07/06 09:01:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\actualiteNationale.php_fichiers [2011/07/05 17:21:06 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\print.asp router_fichiers [2011/07/05 17:19:20 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\article-30676114_fichiers [2011/07/05 12:29:11 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\moteur-de-recherche-t185982_fichiers [2011/07/04 11:59:33 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\eliminer-bera-share-web-search-t186379_fichiers [2011/07/04 10:02:12 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Camping, Eclairage,Orientation,Optique [2011/07/04 09:56:12 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Doc Fixations ,Visserie,Mecanique, [2011/07/04 09:54:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Transports, [2011/07/04 09:51:27 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Madagascar [2011/07/03 20:29:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\la-restauration-systeme-dans-windows-7-409_fichiers [2011/07/03 18:49:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Forum Seven-Windows 7 communauté française Entraide, dépannage, actualité_fichiers [2011/07/03 14:57:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\showthread.php_fichiers [2011/07/03 14:55:26 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\questi-ns-pour-table-a-effet-ventury-t12297-10_fichiers [2011/07/03 14:54:00 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\questi-111-ns-pour-table-quot-effet-ventury-quot-t12297_fichiers [2011/07/02 12:41:07 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\zhpdiag_fichiers [2011/06/30 19:29:02 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\edit_fichiers [2011/06/30 18:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4PC [2011/06/30 18:16:26 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Tuto4pc [2011/06/30 18:16:26 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Tuto4pc [2011/06/30 18:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tuto4pc [2011/06/30 16:32:09 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\domaines-registrars-dans-monde-des-malwares-t15436_fichiers [2011/06/29 21:12:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\oregon-450_fichiers [2011/06/29 20:43:14 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Makay Nature n°2 _ Makay Nature_fichiers [2011/06/29 20:41:47 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Makay Nature n°1 _ Makay Nature_fichiers [2011/06/29 16:54:07 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2011/06/29 16:54:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2011/06/29 16:54:01 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2011/06/29 16:54:01 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2011/06/29 16:54:01 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2011/06/29 16:54:01 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2011/06/29 16:54:01 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2011/06/29 16:54:00 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2011/06/29 16:54:00 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2011/06/29 16:54:00 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2011/06/29 16:54:00 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2011/06/29 16:54:00 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2011/06/29 16:54:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll [2011/06/29 16:54:00 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2011/06/29 16:54:00 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2011/06/29 16:53:59 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2011/06/29 13:33:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Massif+du+Makay_fichiers [2011/06/29 13:31:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\tananarive_manambato_fichiers [2011/06/29 13:14:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\trajet_fichiers [2011/06/29 13:10:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\stations_fichiers [2011/06/28 17:38:02 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\index.php_fichiers [2011/06/28 11:58:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\welcome_fichiers [2011/06/27 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\12-hk500-en-laiton-poli_fichiers [2011/06/27 18:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Souris Microsoft [2011/06/27 18:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint [2011/06/27 18:15:10 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\messages-2_fichiers [2011/06/27 18:12:55 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\messages-1_fichiers [2011/06/27 13:18:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\choix-disjoncteur-installation-electrique-tableau-precable_fichiers [2011/06/27 12:59:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2011/06/25 17:15:51 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Dossier [2011/06/25 11:59:28 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\nouvelles-technologies-informatique-multimedia-realiser-une-lettre-type-avec-openoffice,6195_fichiers [2011/06/25 11:58:14 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\spip.php_fichiers [2011/06/23 18:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60} [2011/06/23 13:00:19 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\callcreditcard3D_fichiers [2011/06/23 07:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} [2011/06/21 13:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue [2011/06/19 06:28:39 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\5ch3_seq1_act2_fichiers [2011/06/18 19:17:15 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/06/18 19:17:15 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011/06/18 19:17:14 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/06/18 19:17:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/06/18 19:16:28 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2011/06/13 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\la-carte-mere_fichiers [2011/06/13 09:28:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Logiciels [2011/06/13 08:19:47 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Fims vus Marc [2011/06/12 20:54:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\LDW [2011/06/12 20:53:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\WildTangent [2011/06/12 17:09:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\cyclone_fichiers [2011/06/11 09:14:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun [2011/06/11 09:09:26 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2011/06/11 07:47:41 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Films 4 [2011/06/10 17:18:55 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\viewtopic.php_fichiers [2011/06/10 17:05:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\bv.aspx_fichiers [2011/06/10 16:49:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\imgres_fichiers [2 C:\Users\Paul\AppData\Local\*.tmp files -> C:\Users\Paul\AppData\Local\*.tmp -> ] [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/07/10 06:50:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/07/10 06:29:05 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/07/10 06:15:06 | 000,089,080 | ---- | M] () -- C:\Users\Paul\Desktop\showthread.php 22.htm [2011/07/10 05:58:49 | 000,057,273 | ---- | M] () -- C:\Users\Paul\Desktop\demander-la-cloture-d-un-compte-bancaire_72725.html [2011/07/10 05:52:11 | 002,114,056 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/07/10 05:52:11 | 001,530,784 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/07/10 05:52:11 | 000,416,924 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/07/10 05:52:11 | 000,377,956 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/07/10 05:52:11 | 000,050,046 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/07/10 05:48:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/07/09 20:44:17 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/07/09 20:44:17 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/07/09 20:37:02 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/07/09 20:36:19 | 3214,045,184 | -HS- | M] () -- C:\hiberfil.sys [2011/07/09 11:29:18 | 000,132,384 | ---- | M] () -- C:\Users\Paul\Desktop\vos-droits-vis-a-vis-des-hoteliers_160877.html [2011/07/08 16:40:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011/07/08 12:53:20 | 000,133,638 | ---- | M] () -- C:\Users\Paul\Desktop\comment-installer-une-plaque-de-cuisson-encastrable---1300718747.htm [2011/07/08 07:21:04 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job [2011/07/07 19:09:56 | 000,491,366 | ---- | M] () -- C:\Users\Paul\Desktop\manuel-installation-biodigesteur.pdf [2011/07/07 18:18:59 | 000,161,882 | ---- | M] () -- C:\Users\Paul\Desktop\Rocking Chair University Week – Day 1 _ Woodworker's Guide.htm [2011/07/07 18:16:08 | 000,154,058 | ---- | M] () -- C:\Users\Paul\Desktop\A Simple Plunge Router Mortising Jig _ Woodworker's Guide.htm [2011/07/07 08:40:39 | 000,550,990 | ---- | M] () -- C:\Users\Paul\Desktop\pdf la lettre.pdf [2011/07/07 08:01:00 | 000,006,533 | ---- | M] () -- C:\Users\Paul\Desktop\lyman.html [2011/07/06 15:45:51 | 000,097,715 | ---- | M] () -- C:\Users\Paul\Desktop\a4083bc4-cdb5-436b-a64b-fb5bdb98a910.htm [2011/07/06 09:01:48 | 000,037,181 | ---- | M] () -- C:\Users\Paul\Desktop\actualiteNationale.php.htm [2011/07/05 17:21:06 | 000,016,367 | ---- | M] () -- C:\Users\Paul\Desktop\print.asp router.htm [2011/07/05 17:19:21 | 000,051,406 | ---- | M] () -- C:\Users\Paul\Desktop\article-30676114.html [2011/07/05 12:29:13 | 000,141,423 | ---- | M] () -- C:\Users\Paul\Desktop\moteur-de-recherche-t185982.html [2011/07/04 18:48:35 | 000,001,046 | ---- | M] () -- C:\Users\Paul\Desktop\OTL - Raccourci.lnk [2011/07/04 17:12:52 | 000,125,233 | ---- | M] () -- C:\Users\Paul\Desktop\eliminer-bera-share-web-search-t186379.html [2011/07/04 14:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011/07/04 14:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011/07/04 14:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/07/04 14:37:39 | 000,129,368 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys [2011/07/04 14:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2011/07/04 14:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011/07/04 14:36:24 | 000,257,368 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys [2011/07/04 14:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011/07/04 14:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011/07/04 14:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011/07/04 14:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011/07/03 20:29:18 | 000,073,885 | ---- | M] () -- C:\Users\Paul\Desktop\la-restauration-systeme-dans-windows-7-409.htm [2011/07/03 18:49:53 | 000,085,796 | ---- | M] () -- C:\Users\Paul\Desktop\Forum Seven-Windows 7 communauté française Entraide, dépannage, actualité.htm [2011/07/03 14:57:54 | 000,120,396 | ---- | M] () -- C:\Users\Paul\Desktop\showthread.php.htm [2011/07/03 14:55:27 | 000,148,276 | ---- | M] () -- C:\Users\Paul\Desktop\questi-ns-pour-table-a-effet-ventury-t12297-10.html [2011/07/03 14:54:02 | 000,147,715 | ---- | M] () -- C:\Users\Paul\Desktop\questi-111-ns-pour-table-quot-effet-ventury-quot-t12297.html [2011/07/02 21:02:20 | 000,393,179 | ---- | M] () -- C:\Users\Paul\Desktop\bpt6k121915z.r='la+certenue'.langFR [2011/07/02 18:03:53 | 001,350,812 | ---- | M] () -- C:\Users\Paul\Desktop\multi_page.pdf [2011/07/02 12:41:09 | 000,105,350 | ---- | M] () -- C:\Users\Paul\Desktop\zhpdiag.html [2011/07/01 12:34:09 | 000,650,719 | ---- | M] () -- C:\Users\Paul\Desktop\v03180_TRA.pdf [2011/06/30 19:30:13 | 001,519,156 | ---- | M] () -- C:\Users\Paul\Desktop\34651.pdf [2011/06/30 19:29:04 | 000,672,993 | ---- | M] () -- C:\Users\Paul\Desktop\edit.htm [2011/06/30 16:32:09 | 000,035,711 | ---- | M] () -- C:\Users\Paul\Desktop\domaines-registrars-dans-monde-des-malwares-t15436.html [2011/06/29 21:12:57 | 000,044,010 | ---- | M] () -- C:\Users\Paul\Desktop\oregon-450.html [2011/06/29 20:43:15 | 000,022,745 | ---- | M] () -- C:\Users\Paul\Desktop\Makay Nature n°2 _ Makay Nature.htm [2011/06/29 20:41:56 | 000,021,704 | ---- | M] () -- C:\Users\Paul\Desktop\Makay Nature n°1 _ Makay Nature.htm [2011/06/29 17:37:07 | 000,400,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/06/29 13:33:32 | 000,046,840 | ---- | M] () -- C:\Users\Paul\Desktop\Massif+du+Makay.html [2011/06/29 13:31:31 | 000,039,961 | ---- | M] () -- C:\Users\Paul\Desktop\tananarive_manambato.htm [2011/06/29 13:14:43 | 000,013,966 | ---- | M] () -- C:\Users\Paul\Desktop\trajet.htm [2011/06/29 13:11:06 | 000,064,266 | ---- | M] () -- C:\Users\Paul\Desktop\stations.htm [2011/06/28 17:38:02 | 000,107,769 | ---- | M] () -- C:\Users\Paul\Desktop\index.php.htm [2011/06/28 15:54:37 | 000,549,814 | ---- | M] () -- C:\Users\Paul\Desktop\open office writer - bien rdiger ses courriers.pdf [2011/06/28 11:59:00 | 000,177,542 | ---- | M] () -- C:\Users\Paul\Desktop\welcome.htm [2011/06/27 20:11:57 | 000,039,669 | ---- | M] () -- C:\Users\Paul\Desktop\12-hk500-en-laiton-poli.html [2011/06/27 18:15:13 | 000,154,208 | ---- | M] () -- C:\Users\Paul\Desktop\messages-2.html [2011/06/27 18:12:58 | 000,118,477 | ---- | M] () -- C:\Users\Paul\Desktop\messages-1.html [2011/06/27 13:18:26 | 000,055,583 | ---- | M] () -- C:\Users\Paul\Desktop\choix-disjoncteur-installation-electrique-tableau-precable.htm [2011/06/25 11:59:29 | 000,057,076 | ---- | M] () -- C:\Users\Paul\Desktop\nouvelles-technologies-informatique-multimedia-realiser-une-lettre-type-avec-openoffice,6195.htm [2011/06/25 11:58:14 | 000,036,272 | ---- | M] () -- C:\Users\Paul\Desktop\spip.php.htm [2011/06/25 11:56:13 | 001,314,582 | ---- | M] () -- C:\Users\Paul\Desktop\Guide_Writer.pdf [2011/06/23 19:07:33 | 000,273,044 | ---- | M] () -- C:\Users\Paul\Documents\numerisation_raboteuse.pdf [2011/06/23 18:58:59 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2011/06/23 18:51:22 | 000,262,253 | ---- | M] () -- C:\Users\Paul\Documents\Jeannot29_Presse_A_Panneaux.pdf [2011/06/23 18:12:44 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011/06/23 13:00:20 | 000,007,566 | ---- | M] () -- C:\Users\Paul\Desktop\callcreditcard3D.htm [2011/06/19 06:28:40 | 000,010,203 | ---- | M] () -- C:\Users\Paul\Desktop\5ch3_seq1_act2.htm [2011/06/13 15:03:37 | 000,013,691 | ---- | M] () -- C:\Users\Paul\Desktop\la-carte-mere.htm [2011/06/12 17:09:47 | 000,011,348 | ---- | M] () -- C:\Users\Paul\Desktop\cyclone.html [2011/06/11 23:31:47 | 000,000,201 | ---- | M] () -- C:\Users\Paul\Desktop\#q=bois+de+rose+filetypepdf&hl=fr&safe=off&prmd=ivns&ei=RRLxTY2WLs2q8APz74SUBA&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=9a97b.URL [2011/06/11 09:13:34 | 000,001,201 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011/06/11 09:09:26 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2011/06/10 17:18:55 | 000,029,640 | ---- | M] () -- C:\Users\Paul\Desktop\viewtopic.php.htm [2011/06/10 17:05:32 | 000,006,150 | ---- | M] () -- C:\Users\Paul\Desktop\bv.aspx.htm [2011/06/10 16:50:07 | 000,009,941 | ---- | M] () -- C:\Users\Paul\Desktop\imgres.htm [2 C:\Users\Paul\AppData\Local\*.tmp files -> C:\Users\Paul\AppData\Local\*.tmp -> ] [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/07/10 06:50:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/07/10 06:15:05 | 000,089,080 | ---- | C] () -- C:\Users\Paul\Desktop\showthread.php 22.htm [2011/07/10 05:58:49 | 000,057,273 | ---- | C] () -- C:\Users\Paul\Desktop\demander-la-cloture-d-un-compte-bancaire_72725.html [2011/07/09 19:32:34 | 736,720,498 | ---- | C] () -- C:\Users\Paul\Desktop\Cash.FRENCH.R5.XviD-GHOST.avi [2011/07/09 19:31:36 | 733,310,976 | ---- | C] () -- C:\Users\Paul\Desktop\City.Hall.French.DVDRiP.avi [2011/07/09 11:29:15 | 000,132,384 | ---- | C] () -- C:\Users\Paul\Desktop\vos-droits-vis-a-vis-des-hoteliers_160877.html [2011/07/08 12:53:18 | 000,133,638 | ---- | C] () -- C:\Users\Paul\Desktop\comment-installer-une-plaque-de-cuisson-encastrable---1300718747.htm [2011/07/07 19:07:48 | 000,491,366 | ---- | C] () -- C:\Users\Paul\Desktop\manuel-installation-biodigesteur.pdf [2011/07/07 18:18:51 | 000,161,882 | ---- | C] () -- C:\Users\Paul\Desktop\Rocking Chair University Week – Day 1 _ Woodworker's Guide.htm [2011/07/07 18:16:07 | 000,154,058 | ---- | C] () -- C:\Users\Paul\Desktop\A Simple Plunge Router Mortising Jig _ Woodworker's Guide.htm [2011/07/07 08:40:39 | 000,550,990 | ---- | C] () -- C:\Users\Paul\Desktop\pdf la lettre.pdf [2011/07/07 08:00:59 | 000,006,533 | ---- | C] () -- C:\Users\Paul\Desktop\lyman.html [2011/07/06 21:07:23 | 892,070,332 | ---- | C] () -- C:\Users\Paul\Desktop\Le secret du chevalier d'Eon.avi [2011/07/06 21:02:37 | 730,216,448 | ---- | C] () -- C:\Users\Paul\Desktop\Secret.Defense.FRENCH.DVDRip.XviD-ZANBiC.avi [2011/07/06 21:01:23 | 733,782,016 | ---- | C] () -- C:\Users\Paul\Desktop\Wisegal.STV.2008.FRENCH.DVDRiP.XViD-S60.By.Emulix.[emule-island.com].avi [2011/07/06 21:00:01 | 733,988,864 | ---- | C] () -- C:\Users\Paul\Desktop\F - The Lost Angel (Action Policier 2004).avi [2011/07/06 20:57:21 | 655,284,560 | ---- | C] () -- C:\Users\Paul\Desktop\Himalaya, le chemin du ciel.avi [2011/07/06 15:45:50 | 000,097,715 | ---- | C] () -- C:\Users\Paul\Desktop\a4083bc4-cdb5-436b-a64b-fb5bdb98a910.htm [2011/07/06 09:01:46 | 000,037,181 | ---- | C] () -- C:\Users\Paul\Desktop\actualiteNationale.php.htm [2011/07/05 17:21:06 | 000,016,367 | ---- | C] () -- C:\Users\Paul\Desktop\print.asp router.htm [2011/07/05 17:19:19 | 000,051,406 | ---- | C] () -- C:\Users\Paul\Desktop\article-30676114.html [2011/07/05 12:29:11 | 000,141,423 | ---- | C] () -- C:\Users\Paul\Desktop\moteur-de-recherche-t185982.html [2011/07/05 12:11:20 | 734,076,928 | ---- | C] () -- C:\Users\Paul\Desktop\Australia.FRENCH.DVDRiP.XViD.avi [2011/07/04 18:48:35 | 000,001,046 | ---- | C] () -- C:\Users\Paul\Desktop\OTL - Raccourci.lnk [2011/07/04 11:59:33 | 000,125,233 | ---- | C] () -- C:\Users\Paul\Desktop\eliminer-bera-share-web-search-t186379.html [2011/07/03 20:29:18 | 000,073,885 | ---- | C] () -- C:\Users\Paul\Desktop\la-restauration-systeme-dans-windows-7-409.htm [2011/07/03 18:49:52 | 000,085,796 | ---- | C] () -- C:\Users\Paul\Desktop\Forum Seven-Windows 7 communauté française Entraide, dépannage, actualité.htm [2011/07/03 14:57:54 | 000,120,396 | ---- | C] () -- C:\Users\Paul\Desktop\showthread.php.htm [2011/07/03 14:55:26 | 000,148,276 | ---- | C] () -- C:\Users\Paul\Desktop\questi-ns-pour-table-a-effet-ventury-t12297-10.html [2011/07/03 14:54:00 | 000,147,715 | ---- | C] () -- C:\Users\Paul\Desktop\questi-111-ns-pour-table-quot-effet-ventury-quot-t12297.html [2011/07/02 21:02:13 | 000,393,179 | ---- | C] () -- C:\Users\Paul\Desktop\bpt6k121915z.r='la+certenue'.langFR [2011/07/02 18:02:05 | 001,350,812 | ---- | C] () -- C:\Users\Paul\Desktop\multi_page.pdf [2011/07/02 12:41:07 | 000,105,350 | ---- | C] () -- C:\Users\Paul\Desktop\zhpdiag.html [2011/07/01 12:33:18 | 000,650,719 | ---- | C] () -- C:\Users\Paul\Desktop\v03180_TRA.pdf [2011/06/30 19:29:02 | 000,672,993 | ---- | C] () -- C:\Users\Paul\Desktop\edit.htm [2011/06/30 19:28:32 | 001,519,156 | ---- | C] () -- C:\Users\Paul\Desktop\34651.pdf [2011/06/30 16:32:09 | 000,035,711 | ---- | C] () -- C:\Users\Paul\Desktop\domaines-registrars-dans-monde-des-malwares-t15436.html [2011/06/29 21:12:57 | 000,044,010 | ---- | C] () -- C:\Users\Paul\Desktop\oregon-450.html [2011/06/29 20:43:14 | 000,022,745 | ---- | C] () -- C:\Users\Paul\Desktop\Makay Nature n°2 _ Makay Nature.htm [2011/06/29 20:41:47 | 000,021,704 | ---- | C] () -- C:\Users\Paul\Desktop\Makay Nature n°1 _ Makay Nature.htm [2011/06/29 13:33:23 | 000,046,840 | ---- | C] () -- C:\Users\Paul\Desktop\Massif+du+Makay.html [2011/06/29 13:31:29 | 000,039,961 | ---- | C] () -- C:\Users\Paul\Desktop\tananarive_manambato.htm [2011/06/29 13:28:13 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job [2011/06/29 13:14:29 | 000,013,966 | ---- | C] () -- C:\Users\Paul\Desktop\trajet.htm [2011/06/29 13:11:05 | 000,064,266 | ---- | C] () -- C:\Users\Paul\Desktop\stations.htm [2011/06/28 17:38:01 | 000,107,769 | ---- | C] () -- C:\Users\Paul\Desktop\index.php.htm [2011/06/28 15:54:06 | 000,549,814 | ---- | C] () -- C:\Users\Paul\Desktop\open office writer - bien rdiger ses courriers.pdf [2011/06/28 11:58:59 | 000,177,542 | ---- | C] () -- C:\Users\Paul\Desktop\welcome.htm [2011/06/27 20:11:56 | 000,039,669 | ---- | C] () -- C:\Users\Paul\Desktop\12-hk500-en-laiton-poli.html [2011/06/27 18:15:10 | 000,154,208 | ---- | C] () -- C:\Users\Paul\Desktop\messages-2.html [2011/06/27 18:12:55 | 000,118,477 | ---- | C] () -- C:\Users\Paul\Desktop\messages-1.html [2011/06/27 13:18:25 | 000,055,583 | ---- | C] () -- C:\Users\Paul\Desktop\choix-disjoncteur-installation-electrique-tableau-precable.htm [2011/06/26 21:11:57 | 720,216,064 | ---- | C] () -- C:\Users\Paul\Desktop\L'Arnaque.avi [2011/06/26 08:03:11 | 001,016,940 | ---- | C] () -- C:\Users\Paul\Documents\Commande no 24351607.pdf [2011/06/25 17:24:39 | 000,273,044 | ---- | C] () -- C:\Users\Paul\Documents\numerisation_raboteuse.pdf [2011/06/25 17:24:39 | 000,262,253 | ---- | C] () -- C:\Users\Paul\Documents\Jeannot29_Presse_A_Panneaux.pdf [2011/06/25 14:42:48 | 000,013,049 | ---- | C] () -- C:\Users\Paul\Documents\Attestation valeur 3.odt [2011/06/25 11:59:28 | 000,057,076 | ---- | C] () -- C:\Users\Paul\Desktop\nouvelles-technologies-informatique-multimedia-realiser-une-lettre-type-avec-openoffice,6195.htm [2011/06/25 11:58:14 | 000,036,272 | ---- | C] () -- C:\Users\Paul\Desktop\spip.php.htm [2011/06/25 11:56:12 | 001,314,582 | ---- | C] () -- C:\Users\Paul\Desktop\Guide_Writer.pdf [2011/06/23 18:58:59 | 000,002,141 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2011/06/23 13:00:19 | 000,007,566 | ---- | C] () -- C:\Users\Paul\Desktop\callcreditcard3D.htm [2011/06/19 06:28:39 | 000,010,203 | ---- | C] () -- C:\Users\Paul\Desktop\5ch3_seq1_act2.htm [2011/06/13 15:03:36 | 000,013,691 | ---- | C] () -- C:\Users\Paul\Desktop\la-carte-mere.htm [2011/06/12 17:09:45 | 000,011,348 | ---- | C] () -- C:\Users\Paul\Desktop\cyclone.html [2011/06/11 23:31:47 | 000,000,201 | ---- | C] () -- C:\Users\Paul\Desktop\#q=bois+de+rose+filetypepdf&hl=fr&safe=off&prmd=ivns&ei=RRLxTY2WLs2q8APz74SUBA&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=9a97b.URL [2011/06/11 09:13:34 | 000,001,201 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011/06/11 09:09:26 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2011/06/11 08:13:39 | 312,237,654 | ---- | C] () -- C:\Users\Paul\Documents\K8_BD.pdf [2011/06/11 07:56:36 | 000,163,038 | ---- | C] () -- C:\Users\Paul\Documents\DSC09365 (2).JPG [2011/06/11 07:56:15 | 000,163,038 | ---- | C] () -- C:\Users\Paul\Documents\DSC09365.JPG [2011/06/11 07:56:05 | 000,191,881 | ---- | C] () -- C:\Users\Paul\Documents\DSC09363.JPG [2011/06/10 17:18:54 | 000,029,640 | ---- | C] () -- C:\Users\Paul\Desktop\viewtopic.php.htm [2011/06/10 17:05:32 | 000,006,150 | ---- | C] () -- C:\Users\Paul\Desktop\bv.aspx.htm [2011/06/10 16:49:59 | 000,009,941 | ---- | C] () -- C:\Users\Paul\Desktop\imgres.htm [2011/06/08 15:01:02 | 000,003,584 | ---- | C] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/06/02 07:28:30 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\{19A7151B-5487-4BA2-A9DE-3AFE66360AF2} [2011/05/15 17:25:26 | 000,088,064 | ---- | C] () -- C:\Windows\AMUninst01c.exe [2011/05/14 21:31:26 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\{15096A74-3610-455C-A297-2FCA3671C506} [2011/05/09 19:18:31 | 000,000,017 | ---- | C] () -- C:\Users\Paul\AppData\Local\resmon.resmoncfg [2011/04/12 08:58:19 | 000,000,848 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011/03/23 01:10:24 | 000,001,854 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\GhostObjGAFix.xml [2011/01/17 07:47:58 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI [2010/11/07 08:44:08 | 000,000,571 | ---- | C] () -- C:\Windows\SysWow64\FeMakro.ini [2010/11/07 08:44:08 | 000,000,497 | ---- | C] () -- C:\Windows\SysWow64\FeAnim.ini [2010/09/24 08:06:39 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010/05/11 03:56:43 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll [2010/05/11 03:56:43 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll [2010/05/11 03:56:43 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll [2010/05/11 03:56:43 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll [2010/05/11 03:56:43 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll [2010/05/11 03:56:43 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll [2010/05/11 03:22:24 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini [2010/05/11 03:22:24 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini [2010/01/09 02:31:36 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2009/09/29 17:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009/07/14 08:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 05:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 05:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 03:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 02:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/14 00:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin [2009/07/14 00:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/11 00:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2003/04/01 12:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI ========== LOP Check ========== [2011/03/30 13:06:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\com.caffeinatedmind.Sendoid [2010/09/15 16:54:27 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DigitalPersona [2010/09/15 23:00:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\eMule [2011/05/13 13:51:16 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\gtk-2.0 [2010/09/24 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OpenOffice.org [2010/10/18 12:58:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OutWit [2011/05/19 07:57:37 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Scribus [2011/06/06 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Stellarium [2011/06/30 18:16:26 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Tuto4pc [2011/06/12 20:53:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WildTangent [2011/02/08 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ZTEEVDO [2010/09/28 19:11:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\_MDLogs [2011/05/14 07:19:24 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %temp%\smtmp\1\*.* /s > < %temp%\smtmp\2\*.* /s > < %temp%\smtmp\4\*.* /s > < nslookup www.google.fr /c > Serveur : UnKnown Address: 127.0.0.1 < %systemroot%\system32\drivers\*.sys /lockedfiles > < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011/03/30 13:04:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Adobe [2010/09/19 19:01:05 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Apple Computer [2011/03/30 13:06:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\com.caffeinatedmind.Sendoid [2011/04/12 08:58:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Corel [2010/09/15 22:23:34 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\CyberLink [2010/09/15 16:54:27 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DigitalPersona [2010/09/15 23:00:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\eMule [2011/05/13 13:51:16 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\gtk-2.0 [2011/02/01 17:38:23 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Hewlett-Packard [2011/01/19 19:11:38 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\HP Support Assistant [2010/09/15 18:28:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\hpqLog [2011/01/19 19:11:38 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\HpUpdate [2010/09/15 16:53:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Identities [2010/09/15 21:15:55 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Macromedia [2010/09/15 18:24:47 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Macrovision [2011/05/18 14:57:28 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Malwarebytes [2010/05/11 12:13:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Media Center Programs [2011/06/08 19:15:14 | 000,000,000 | --SD | M] -- C:\Users\Paul\AppData\Roaming\Microsoft [2010/09/15 20:35:07 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla [2011/02/07 15:36:15 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Nero [2010/09/24 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OpenOffice.org [2010/10/18 12:58:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OutWit [2011/05/19 07:57:37 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Scribus [2011/06/06 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Stellarium [2011/06/30 18:16:26 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Tuto4pc [2011/06/21 21:22:53 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\vlc [2011/06/12 20:53:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WildTangent [2011/02/08 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ZTEEVDO [2010/09/28 19:11:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\_MDLogs < %APPDATA%\*.exe /s > [2011/02/02 12:17:10 | 000,010,134 | R--- | M] () -- C:\Users\Paul\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe [2011/04/21 13:46:12 | 000,769,664 | ---- | M] (Agence-Exclusive) -- C:\Users\Paul\AppData\Roaming\Tuto4pc\Tuto4pc\Software.exe [2011/04/21 13:46:22 | 000,663,168 | ---- | M] (Tuto4PC) -- C:\Users\Paul\AppData\Roaming\Tuto4pc\Tuto4pc\SoftwareHP.exe [2011/06/30 18:21:58 | 001,180,627 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Tuto4pc\Tuto4pc\unins000.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CDROM.SYS > [2009/07/14 02:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010/11/20 12:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010/11/20 12:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010/11/20 12:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 04:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 04:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 04:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009/07/14 04:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: CTFMON.EXE > [2009/07/14 04:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe [2009/07/14 04:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe [2009/07/14 04:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe [2009/07/14 04:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe < MD5 for: DISK.SYS > [2009/07/14 04:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys [2009/07/14 04:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys [2009/07/14 04:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys < MD5 for: DWM.EXE > [2009/07/14 04:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\SysNative\dwm.exe [2009/07/14 04:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7600.16385_none_e99885bbd6e301de\dwm.exe [2009/07/14 04:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_ebc99983d3d18578\dwm.exe < MD5 for: EVENTLOG.DLL > [2007/05/17 23:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll < MD5 for: EXPLORER.EXE > [2010/01/09 09:07:51 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe [2011/02/26 09:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011/02/26 08:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009/07/14 04:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011/02/26 08:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2009/10/31 08:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011/02/26 08:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011/02/26 09:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010/11/20 15:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2010/01/09 09:07:51 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe [2009/08/03 09:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2009/10/31 09:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009/08/03 08:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010/11/20 16:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009/10/31 09:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009/08/03 08:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009/07/14 04:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009/10/31 09:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2010/01/09 09:07:51 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe [2011/02/26 09:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2009/08/03 09:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe [2010/01/09 09:07:51 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe < MD5 for: IASTOR.SYS > [2009/08/08 07:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2009/08/08 07:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\SwSetup\Drivers\IMSM\Winall\Driver\IaStor.sys [2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\SwSetup\Drivers\IMSM\Winall\Driver64\IaStor.sys [2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\drivers\iaStor.sys [2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys < MD5 for: IASTORV.SYS > [2010/11/20 16:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010/11/20 16:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011/03/11 09:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011/03/11 09:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011/03/11 09:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011/03/11 09:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011/03/11 09:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011/03/11 09:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009/07/14 04:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NDIS.SYS > [2010/11/20 16:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010/11/20 16:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009/07/14 04:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys < MD5 for: NETLOGON.DLL > [2009/07/14 04:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010/11/20 16:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010/11/20 16:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010/11/20 15:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010/11/20 15:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009/07/14 04:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009/07/14 04:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011/03/11 09:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011/03/11 09:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011/03/11 09:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011/03/11 09:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011/03/11 09:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011/03/11 09:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010/11/20 16:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010/11/20 16:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: RASACD.SYS > [2009/07/14 03:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys [2009/07/14 03:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys < MD5 for: RDPCLIP.EXE > [2010/11/20 16:25:05 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=25D284EB2F12254C001AFE9A82575A81 -- C:\Windows\winsxs\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_5ffc161221c1b4f6\rdpclip.exe [2009/07/14 04:39:28 | 000,209,408 | ---- | M] (Microsoft Corporation) MD5=798F5E39068FD3BC9D999A401FAB5F62 -- C:\Windows\winsxs\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7600.16385_none_5dcb024a24d3315c\rdpclip.exe < MD5 for: RDPWD.SYS > [2010/11/20 14:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=15B66C206B5CB095BAB980553F38ED23 -- C:\Windows\SysNative\drivers\rdpwd.sys [2010/11/20 14:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=15B66C206B5CB095BAB980553F38ED23 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_a99b8db6eba2129b\rdpwd.sys [2009/07/14 03:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys < MD5 for: SCECLI.DLL > [2009/07/14 04:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 04:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010/11/20 15:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010/11/20 15:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010/11/20 16:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010/11/20 16:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: SFLOPPY.SYS > [2009/07/14 03:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\drivers\sfloppy.sys [2009/07/14 03:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys [2009/07/14 03:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys < MD5 for: TASKENG.EXE > [2010/11/02 07:24:43 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=41C52AF44FB96BDDB1EFB25D2D943BBA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6\taskeng.exe [2010/11/20 15:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\SysWOW64\taskeng.exe [2010/11/20 15:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe [2010/11/02 08:10:47 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=60CAE1FA4888ED41B41AEE91C774E4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_419a75c3d88fecc0\taskeng.exe [2010/11/20 16:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\SysNative\taskeng.exe [2010/11/20 16:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_43d2529dd579f798\taskeng.exe [2010/11/02 08:16:39 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=84343003E0E6716B3E782FF781B92815 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_425bf162f184fdfc\taskeng.exe [2009/07/14 04:39:47 | 000,463,872 | ---- | M] (Microsoft Corporation) MD5=C1BDC97E8C9404245DE87F1EF08D1764 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_41a13ed5d88b73fe\taskeng.exe [2009/07/14 04:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) MD5=DE5DACEBD4C89834EC6D2C41C8643CDA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8\taskeng.exe [2010/11/02 07:34:44 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=F8952E80B7F778DA2F7AA8393CA2D30E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a\taskeng.exe < MD5 for: TASKHOST.EXE > [2009/07/14 04:39:47 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=3EEFB971D61EF9638FD21F14C703CA11 -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_84339a007406dfa0\taskhost.exe [2010/11/20 16:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\SysNative\taskhost.exe [2010/11/20 16:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_8664adc870f5633a\taskhost.exe < MD5 for: TCPIP.SYS > [2011/04/25 08:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys [2010/11/20 16:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys [2010/06/14 09:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys [2011/04/25 08:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys [2010/06/14 09:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys [2009/07/14 04:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys [2011/04/25 08:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\SysNative\drivers\tcpip.sys [2011/04/25 08:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys [2011/04/25 09:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys < MD5 for: TDPIPE.SYS > [2009/07/14 03:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\SysNative\drivers\tdpipe.sys [2009/07/14 03:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys < MD5 for: TDTCP.SYS > [2009/07/14 03:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\SysNative\drivers\tdtcp.sys [2009/07/14 03:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys < MD5 for: USBPRINT.SYS > [2009/07/14 03:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys [2009/07/14 03:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys [2009/07/14 03:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys < MD5 for: USBSCAN.SYS > [2009/07/14 03:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys [2009/07/14 03:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys < MD5 for: USERINIT.EXE > [2010/11/20 15:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/20 15:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/14 04:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 04:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010/11/20 16:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010/11/20 16:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: VOLSNAP.SYS > [2010/11/20 16:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys [2010/11/20 16:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys [2010/11/20 16:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys [2009/07/14 04:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys < MD5 for: WININIT.EXE > [2009/07/14 04:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009/07/14 04:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009/07/14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010/11/20 16:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/20 16:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009/07/14 04:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009/10/28 10:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009/10/28 09:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < > < > < End of report > OTL Extras logfile created on: 10/07/2011 06:49:39 - Run 1 OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\Paul\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,99 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 64,73% Memory free 7,98 Gb Paging File | 6,45 Gb Available in Paging File | 80,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 578,94 Gb Total Space | 427,83 Gb Free Space | 73,90% Space Free | Partition Type: NTFS Drive D: | 596,17 Gb Total Space | 518,96 Gb Free Space | 87,05% Space Free | Partition Type: NTFS Drive E: | 16,94 Gb Total Space | 2,74 Gb Free Space | 16,15% Space Free | Partition Type: NTFS Drive F: | 99,34 Mb Total Space | 92,74 Mb Free Space | 93,36% Space Free | Partition Type: FAT32 Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java 6 Update 15 (64-bit) "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{3ED4AD02-F631-4A4C-AAC8-2325996E5A56}" = Microsoft IntelliPoint 8.1 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{62A20ECA-920E-4052-BF77-88C78DD20FAA}" = Validity Sensors DDK "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java SE Development Kit 6 Update 15 (64-bit) "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{8FCDACA0-E090-4A9A-AC71-A96E7371DC6E}" = HP 3D DriveGuard "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology "{DD3BF908-F6B0-45A5-BED3-79E8888DDA93}" = DigitalPersona Personal 4.10 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) "6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1 "NVIDIA Drivers" = NVIDIA Drivers "SynTPDeinstKey" = Synaptics Pointing Device Driver "ZTEWireless-101_is1" = MOOV 3G+ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3 "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup "{1e3cc995-65a6-4515-8fa6-15a685cc30f0}" = Nero BackItUp 4 Essentials "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 24 "{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java 6 Update 20 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}" = HP User Guides 0153 "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7 "{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{6088FAB2-0239-457C-8B34-CAE6E2E528C4}" = Document Express DjVu Plug-in "{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2 "{65883ddf-2152-4cb7-8e13-b99194b13498}" = Nero BackItUp "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75c53f52-398b-4d66-b28a-f9ef170b3b34}" = Nero BackItUp "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{9112040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.5 MUI "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar "{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "avast" = avast! Internet Security "Celestia_is1" = Celestia 1.6.0 "EasyBits Magic Desktop" = Magic Desktop "Google Chrome" = Google Chrome "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12 "InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18) "Picasa 3" = Picasa 3 "ST6UNST #1" = Marées dans le Monde "Stellarium_is1" = Stellarium 0.10.6 "Tuto Archi Facile_is1" = Tuto Archi Facile1.0.0.0 "Tuto Avast_is1" = Tuto Avast1.0.0.0 "Tuto4pc_is1" = Tuto4pc 1.0 "VLC media player" = VLC media player 1.1.7 "WildTangent hp Master Uninstall" = HP Games "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite_Wave3" = Installation Windows Live "YTdetect" = Yahoo! Detect ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 08/07/2011 14:50:57 | Computer Name = Paul-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error - 09/07/2011 00:05:51 | Computer Name = Paul-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error - 09/07/2011 00:21:10 | Computer Name = Paul-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error - 09/07/2011 01:13:03 | Computer Name = Paul-PC | Source = SideBySide | ID = 16842811 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll » à la ligne 2. Syntaxe XML non valide. Error - 09/07/2011 06:01:15 | Computer Name = Paul-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 09/07/2011 11:13:57 | Computer Name = Paul-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error - 09/07/2011 13:41:28 | Computer Name = Paul-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error - 09/07/2011 22:52:11 | Computer Name = Paul-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error - 09/07/2011 23:36:09 | Computer Name = Paul-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.17567, horodatage : 0x4d672ee4 Nom du module défaillant : ntdll.dll, version : 6.1.7601.17514, horodatage : 0x4ce7c8f9 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000053d4e ID du processus défaillant : 0x78c Heure de début de l’application défaillante : 0x01cc3e5ebed63abe Chemin d’accès de l’application défaillante : C:\Windows\Explorer.EXE Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : bf9dda93-aaa5-11e0-9881-002713d2f057 Error - 09/07/2011 23:36:14 | Computer Name = Paul-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.17567, horodatage : 0x4d672ee4 Nom du module défaillant : ntdll.dll, version : 6.1.7601.17514, horodatage : 0x4ce7c8f9 Code d’exception : 0xc000041d Décalage d’erreur : 0x0000000000053d4e ID du processus défaillant : 0x78c Heure de début de l’application défaillante : 0x01cc3e5ebed63abe Chemin d’accès de l’application défaillante : C:\Windows\Explorer.EXE Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : c2da3972-aaa5-11e0-9881-002713d2f057 [ Hewlett-Packard Events ] Error - 23/11/2010 23:33:57 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 01/12/2010 00:35:35 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 01/12/2010 00:35:36 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 22/12/2010 00:25:05 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 22/12/2010 00:25:06 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize) à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String path, Encoding encoding) à n.a(Object A_0, EventArgs A_1) Error - 22/03/2011 18:10:23 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\031122111020.xml File not created by asset agent Error - 06/04/2011 06:17:16 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041106121711.xml File not created by asset agent Error - 07/05/2011 10:05:28 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051107040525.xml File not created by asset agent Error - 23/05/2011 00:17:49 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051123071747.xml File not created by asset agent Error - 01/06/2011 08:55:11 | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061101035502.xml File not created by asset agent [ System Events ] Error - 30/06/2011 02:21:55 | Computer Name = Paul-PC | Source = Disk | ID = 262151 Description = Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux. Error - 30/06/2011 02:22:07 | Computer Name = Paul-PC | Source = Disk | ID = 262151 Description = Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux. Error - 30/06/2011 02:22:19 | Computer Name = Paul-PC | Source = Disk | ID = 262151 Description = Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux. Error - 30/06/2011 02:22:31 | Computer Name = Paul-PC | Source = Disk | ID = 262151 Description = Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux. Error - 30/06/2011 02:25:04 | Computer Name = Paul-PC | Source = EventLog | ID = 6008 Description = L’arrêt système précédant à 09:24:07 le ?30/?06/?2011 n’était pas prévu. Error - 30/06/2011 02:26:09 | Computer Name = Paul-PC | Source = DCOM | ID = 10010 Description = Error - 30/06/2011 11:46:49 | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7043 Description = Le service Windows Update ne s’est pas fermé correctement après avoir reçu une commande d’anticipation de fermeture. Error - 03/07/2011 00:22:06 | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7000 Description = Le service HP Health Check Service n’a pas pu démarrer en raison de l’erreur : %%109 Error - 04/07/2011 11:25:04 | Computer Name = Paul-PC | Source = EventLog | ID = 6008 Description = L’arrêt système précédant à 18:23:23 le ?04/?07/?2011 n’était pas prévu. Error - 09/07/2011 13:37:10 | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7026 Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : aswSnx < End of report