Aller au contenu

hollowmanf38

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    25

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par hollowmanf38

  1. hollowmanf38
    merci de votre patience avec moi je teste opéra c'est un peux la mémé chose que chrome je vous tien au courent
  2. hollowmanf38
    oui j'ai lancer mbam qui ne trouve rien
  3. hollowmanf38
    ci joint rapport de http://cjoint.com/?DDwskaP3DI0
  4. hollowmanf38
    ci joint le rapport de Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014 Fichier d'export Registre : Run by ERIC at 22/04/2014 18:05:02 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée (00mn 01s) Réparation des raccourcis navigateur ========== Valeurs du Registre ========== SUPPRIMÉ RunValue: DU Meter ProxyFix : Configuration proxy supprimée avec succès SUPPRIMÉ ProxyServer Value SUPPRIMÉ ProxyEnable Value SUPPRIMÉ EnableHttp1_1 Value SUPPRIMÉ ProxyHttp1.1 Value SUPPRIMÉ ProxyOverride Value Aucune Valeur Standard Profile: FirewallRaz : Aucune Valeur Domain Profile: FirewallRaz : ========== Dossiers ========== Aucun dossiers CLSID Local utilisateur vide SUPPRIMÉS Flash Cookies (0) ========== Fichiers ========== SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\isafekrnlboot.sys SUPPRIMÉ Redémarrage: c:\program files (x86)\du meter\dumeter.exe SUPPRIMÉS Flash Cookies (0) (0 octets) ========== Restauration Système ========== Aucun Point de restauration du système crée ========== Récapitulatif ========== 9 : Valeurs du Registre 2 : Dossiers 3 : Fichiers 1 : Restauration Système End of clean in 00mn 02s ========== Chemin de fichier rapport ========== C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/04/2014 09:35:38 [2261] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R2].txt - 13/04/2014 09:42:22 [1344] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R3].txt - 13/04/2014 10:37:57 [1423] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R4].txt - 18/04/2014 08:51:20 [1598] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R5].txt - 19/04/2014 17:43:00 [1972] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R6].txt - 19/04/2014 19:00:54 [1757] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R7].txt - 20/04/2014 22:02:56 [1836] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R8].txt - 22/04/2014 18:05:04 [1836] je pense que chrome est une passoire a malwaire je vais essayer opera pour voir
  5. hollowmanf38
    RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : Suppression -- Date : 04/22/2014 17:22:51 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Tâches planifiées : 0 ¤¤¤ ¤¤¤ Entrées Startup : 0 ¤¤¤ ¤¤¤ Navigateurs web : 0 ¤¤¤ ¤¤¤ Addons navigateur : 0 ¤¤¤ ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ [Address] EAT @explorer.exe (AsyncGetClassBits) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B70B0) [Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B7210) [Address] EAT @explorer.exe (BindAsyncMoniker) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1F90) [Address] EAT @explorer.exe (CDLGetLongPathNameA) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B78D0) [Address] EAT @explorer.exe (CDLGetLongPathNameW) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B78E8) [Address] EAT @explorer.exe (CORPolicyProvider) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1674) [Address] EAT @explorer.exe (CoGetClassObjectFromURL) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B73FC) [Address] EAT @explorer.exe (CoInstall) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B7460) [Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE365660) [Address] EAT @explorer.exe (CoInternetCombineIUri) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3680A0) [Address] EAT @explorer.exe (CoInternetCombineUrl) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3546A4) [Address] EAT @explorer.exe (CoInternetCombineUrlEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3543C0) [Address] EAT @explorer.exe (CoInternetCompareUrl) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A5280) [Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE321EE0) [Address] EAT @explorer.exe (CoInternetCreateZoneManager) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE330810) [Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3E0284) [Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A537C) [Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A53D0) [Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE369CD0) [Address] EAT @explorer.exe (CoInternetGetSession) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE322460) [Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE368DC0) [Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3651B8) [Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE361820) [Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A586C) [Address] EAT @explorer.exe (CoInternetParseIUri) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3556A8) [Address] EAT @explorer.exe (CoInternetParseUrl) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE331490) [Address] EAT @explorer.exe (CoInternetQueryInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE367C50) [Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A5AF4) [Address] EAT @explorer.exe (CompareSecurityIds) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE33D1A4) [Address] EAT @explorer.exe (CompatFlagsFromClsid) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE364044) [Address] EAT @explorer.exe (CopyBindInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B3020) [Address] EAT @explorer.exe (CopyStgMedium) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE32BA0C) [Address] EAT @explorer.exe (CreateAsyncBindCtx) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3786C0) [Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE363D14) [Address] EAT @explorer.exe (CreateFormatEnumerator) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3468E0) [Address] EAT @explorer.exe (CreateIUriBuilder) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE323660) [Address] EAT @explorer.exe (CreateURLMoniker) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE37CCF4) [Address] EAT @explorer.exe (CreateURLMonikerEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3278D0) [Address] EAT @explorer.exe (CreateURLMonikerEx2) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3640F0) [Address] EAT @explorer.exe (CreateUri) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3216F0) [Address] EAT @explorer.exe (CreateUriFromMultiByteString) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1EE4) [Address] EAT @explorer.exe (CreateUriPriv) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1EF8) [Address] EAT @explorer.exe (CreateUriWithFragment) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1F40) [Address] EAT @explorer.exe (DllCanUnloadNow) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE321600) [Address] EAT @explorer.exe (DllGetClassObject) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE36AB3C) [Address] EAT @explorer.exe (DllInstall) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A2458) [Address] EAT @explorer.exe (DllRegisterServer) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A2464) [Address] EAT @explorer.exe (DllRegisterServerEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE37E070) [Address] EAT @explorer.exe (DllUnregisterServer) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A2470) [Address] EAT @explorer.exe (Extract) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B7F74) [Address] EAT @explorer.exe (FaultInIEFeature) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B8FE8) [Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE356B60) [Address] EAT @explorer.exe (FindMediaType) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A2E9C) [Address] EAT @explorer.exe (FindMediaTypeClass) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE346080) [Address] EAT @explorer.exe (FindMimeFromData) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3650BC) [Address] EAT @explorer.exe (GetAddSitesFileUrl) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3E02B0) [Address] EAT @explorer.exe (GetClassFileOrMime) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE37B8EC) [Address] EAT @explorer.exe (GetClassURL) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A2074) [Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B92E8) [Address] EAT @explorer.exe (GetIDNFlagsForUri) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE33C7F0) [Address] EAT @explorer.exe (GetIUriPriv) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1F60) [Address] EAT @explorer.exe (GetIUriPriv2) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1F50) [Address] EAT @explorer.exe (GetLabelsFromNamedHost) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3E8B54) [Address] EAT @explorer.exe (GetMarkOfTheWeb) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D9390) [Address] EAT @explorer.exe (GetPortFromUrlScheme) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1E94) [Address] EAT @explorer.exe (GetPropertyFromName) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1EA4) [Address] EAT @explorer.exe (GetPropertyName) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1EB4) [Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE37E070) [Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE37DEB4) [Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE326D90) [Address] EAT @explorer.exe (HlinkGoBack) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D6E78) [Address] EAT @explorer.exe (HlinkGoForward) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D6F24) [Address] EAT @explorer.exe (HlinkNavigateMoniker) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D6FD0) [Address] EAT @explorer.exe (HlinkNavigateString) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D7004) [Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D7038) [Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D75E8) [Address] EAT @explorer.exe (IECompatLogCSSFix) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B12FC) [Address] EAT @explorer.exe (IEDllLoader) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A26F0) [Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B3244) [Address] EAT @explorer.exe (IEInstallScope) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B7554) [Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1F70) [Address] EAT @explorer.exe (IsAsyncMoniker) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3621FC) [Address] EAT @explorer.exe (IsDWORDProperty) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1EC4) [Address] EAT @explorer.exe (IsIntranetAvailable) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3E0668) [Address] EAT @explorer.exe (IsJITInProgress) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE33B328) [Address] EAT @explorer.exe (IsLoggingEnabledA) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D855C) [Address] EAT @explorer.exe (IsLoggingEnabledW) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D8688) [Address] EAT @explorer.exe (IsStringProperty) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A1ED4) [Address] EAT @explorer.exe (IsValidURL) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE357610) [Address] EAT @explorer.exe (MkParseDisplayNameEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3792F0) [Address] EAT @explorer.exe (ObtainUserAgentString) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3ADCE0) [Address] EAT @explorer.exe (PrivateCoInstall) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B7560) [Address] EAT @explorer.exe (QueryAssociations) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE33E9C0) [Address] EAT @explorer.exe (QueryClsidAssociation) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B0A8C) [Address] EAT @explorer.exe (RegisterBindStatusCallback) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE35F600) [Address] EAT @explorer.exe (RegisterFormatEnumerator) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE361C6C) [Address] EAT @explorer.exe (RegisterMediaTypeClass) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A20C0) [Address] EAT @explorer.exe (RegisterMediaTypes) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A2210) [Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE358C54) [Address] EAT @explorer.exe (ReleaseBindInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE327D40) [Address] EAT @explorer.exe (RevokeBindStatusCallback) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE35FBF0) [Address] EAT @explorer.exe (RevokeFormatEnumerator) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A22CC) [Address] EAT @explorer.exe (SetAccessForIEAppContainer) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3B3258) [Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE37E070) [Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3ADE50) [Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE363A3C) [Address] EAT @explorer.exe (ShowTrustAlertDialog) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3E0820) [Address] EAT @explorer.exe (URLDownloadA) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A5CC4) [Address] EAT @explorer.exe (URLDownloadToCacheFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D7D9C) [Address] EAT @explorer.exe (URLDownloadToCacheFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE34A0C4) [Address] EAT @explorer.exe (URLDownloadToFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D7F10) [Address] EAT @explorer.exe (URLDownloadToFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE34EFD0) [Address] EAT @explorer.exe (URLDownloadW) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A5D78) [Address] EAT @explorer.exe (URLOpenBlockingStreamA) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D8058) [Address] EAT @explorer.exe (URLOpenBlockingStreamW) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D8138) [Address] EAT @explorer.exe (URLOpenPullStreamA) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D821C) [Address] EAT @explorer.exe (URLOpenPullStreamW) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D82E0) [Address] EAT @explorer.exe (URLOpenStreamA) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D8408) [Address] EAT @explorer.exe (URLOpenStreamW) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D84D0) [Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE37C9B4) [Address] EAT @explorer.exe (UrlMkBuildVersion) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3A2804) [Address] EAT @explorer.exe (UrlMkGetSessionOption) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE333E60) [Address] EAT @explorer.exe (UrlMkSetSessionOption) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE35D0E4) [Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE34A27C) [Address] EAT @explorer.exe (WriteHitLogging) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D85D0) [Address] EAT @explorer.exe (ZonesReInit) : imagehlp.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFE3D9C30) ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD10EACS-00D6B0 SCSI Disk Device +++++ --- User --- [MBR] 86a954ce8c9b827ec15415ac91475da5 [bSP] 1732d7b8e9a9662fd101d56a302f14a8 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x1] Fonction incorrecte. ) +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) ST31500341AS SCSI Disk Device +++++ --- User --- [MBR] 251499092f7899b0669998464e17ac5e [bSP] c5c481a19a41141aef4c4ea69d92148e : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x1] Fonction incorrecte. ) +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) ST2000DM ST2000DM001-1CH1 SCSI Disk Device +++++ --- User --- [MBR] 0086f36f0b7bc8b257f89fc226376c3d [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ IDE) SanDisk SDSSDHP256G SCSI Disk Device +++++ --- User --- [MBR] 0086f36f0b7bc8b257f89fc226376c3d [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ IDE) WDC WD20EARS-00J2GB0 SCSI Disk Device +++++ --- User --- [MBR] f677c2b67c898c6af456f4182a34f181 [bSP] e742f20c8e661f829d657b755ea8ce28 : Legit.A MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ IDE) SAMSUNG HD204UI SCSI Disk Device +++++ --- User --- [MBR] bd0c5f3ab25df4359f103991e3b813bc [bSP] a33654b167166e01189ef8713c527406 : Legit.A MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive6: (\\.\PHYSICALDRIVE6 @ IDE) ST315003 ST31500341AS SCSI Disk Device +++++ --- User --- [MBR] 3db600377b2606fdd75bc2fc55fd725f [bSP] fcd2ce98f65a71b4ddaa907dcde00352 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive7: (\\.\PHYSICALDRIVE7 @ IDE) SAMSUNG HD154UI SCSI Disk Device +++++ --- User --- [MBR] 5a3861767437a6d687acf6722d72bad2 [bSP] fee3061c1fd81983eeb6be797cabec35 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1430796 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) Termine : << RKreport[0]_D_04222014_172251.txt >> RKreport[0]_H_04222014_164351.txt;RKreport[0]_S_04222014_172244.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : HOSTS RAZ -- Date : 04/22/2014 17:23:19 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ Nouveau fichier HOSTS: ¤¤¤ 127.0.0.1 localhost Termine : << RKreport[0]_H_04222014_172319.txt >> RKreport[0]_D_04222014_172251.txt;RKreport[0]_H_04222014_164351.txt;RKreport[0]_S_04222014_172244.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : Proxy RAZ -- Date : 04/22/2014 17:23:53 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Navigateurs web : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[0]_PR_04222014_172353.txt >> RKreport[0]_D_04222014_172251.txt;RKreport[0]_H_04222014_164351.txt;RKreport[0]_H_04222014_172319.txt RKreport[0]_S_04222014_172244.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : DNS RAZ -- Date : 04/22/2014 17:24:13 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[0]_DN_04222014_172413.txt >> RKreport[0]_D_04222014_172251.txt;RKreport[0]_H_04222014_164351.txt;RKreport[0]_H_04222014_172319.txt RKreport[0]_S_04222014_172244.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : Raccourcis RAZ -- Date : 04/22/2014 17:24:36 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Attributs de fichiers restaures: ¤¤¤ Bureau: Success 0 / Fail 0 Lancement rapide: Success 0 / Fail 0 Programmes: Success 0 / Fail 0 Menu demarrer: Success 0 / Fail 0 Dossier utilisateur: Success 0 / Fail 0 Mes documents: Success 0 / Fail 0 Mes favoris: Success 0 / Fail 0 Mes images: Success 0 / Fail 0 Ma musique: Success 0 / Fail 0 Mes videos: Success 0 / Fail 0 Disques locaux: Success 0 / Fail 0 Sauvegarde: [NOT FOUND] Lecteurs: [C:] \Device\HarddiskVolume8 -- 0x3 --> Restored [D:] \Device\HarddiskVolume4 -- 0x3 --> Restored [E:] \Device\HarddiskVolume9 -- 0x3 --> Restored [F:] \Device\HarddiskVolume12 -- 0x3 --> Restored [G:] \Device\HarddiskVolume11 -- 0x3 --> Restored [H:] \Device\HarddiskVolume10 -- 0x3 --> Restored [i:] \Device\CdRom1 -- 0x5 --> Skipped [J:] \Device\HarddiskVolume2 -- 0x3 --> Restored [K:] \Device\CdRom0 -- 0x5 --> Skipped [N:] \Device\CdRom2 -- 0x5 --> Skipped [O:] \Device\HarddiskVolume1 -- 0x3 --> Restored ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[0]_SC_04222014_172436.txt >> RKreport[0]_D_04222014_172251.txt;RKreport[0]_H_04222014_164351.txt;RKreport[0]_H_04222014_172319.txt RKreport[0]_S_04222014_172244.txt
  6. hollowmanf38
    http://cjoint.com/?DDwruHlE238 voila le premier
  7. hollowmanf38
    filesbuckers n’apparaît plus maintenant c'est anti malware pc safe encore une merde qui apparaît en vert je comprend pas malgré que j'ai en tache de fond malwarebytes je vous donne les rapports a la suite merci encore
  8. hollowmanf38
    bonjour je n’utilise pas gmail je comprend pas ca fonctionne quelques heures après ca revient c'est super chiant
  9. hollowmanf38
    voila le rapport http://cjoint.com/?DDtuh619xwh je vous remercie encore de votre patience
  10. hollowmanf38
    Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014 Fichier d'export Registre : Run by ERIC at 19/04/2014 20:00:52 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée (00mn 02s) Réparation des raccourcis navigateur ========== Valeurs du Registre ========== SUPPRIMÉ RunValue: DU Meter ProxyFix : Configuration proxy supprimée avec succès SUPPRIMÉ ProxyServer Value SUPPRIMÉ ProxyEnable Value SUPPRIMÉ EnableHttp1_1 Value SUPPRIMÉ ProxyHttp1.1 Value SUPPRIMÉ ProxyOverride Value Aucune Valeur Standard Profile: FirewallRaz : Aucune Valeur Domain Profile: FirewallRaz : ========== Dossiers ========== Aucun dossiers CLSID Local utilisateur vide SUPPRIMÉS Flash Cookies (0) ========== Fichiers ========== SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\isafekrnlboot.sys SUPPRIMÉ Redémarrage: c:\program files (x86)\du meter\dumeter.exe SUPPRIMÉS Flash Cookies (0) (0 octets) ========== Restauration Système ========== Aucun Point de restauration du système crée ========== Récapitulatif ========== 9 : Valeurs du Registre 2 : Dossiers 3 : Fichiers 1 : Restauration Système End of clean in 00mn 02s ========== Chemin de fichier rapport ========== C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/04/2014 09:35:38 [2261] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R2].txt - 13/04/2014 09:42:22 [1344] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R3].txt - 13/04/2014 10:37:57 [1423] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R4].txt - 18/04/2014 08:51:20 [1598] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R5].txt - 19/04/2014 17:43:00 [1972] C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R6].txt - 19/04/2014 20:00:54 [1678]
  11. hollowmanf38
    merci de votre aide cordialement
  12. hollowmanf38
    rapport zhp http://cjoint.com/?DDts5oQlTbx
  13. hollowmanf38
    roguekiller RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : Suppression -- Date : 04/19/2014 18:50:13 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 4 ¤¤¤ [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REMPLACÉ (2) [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> REMPLACÉ (1) [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> REMPLACÉ (2) [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> REMPLACÉ (1) ¤¤¤ Tâches planifiées : 0 ¤¤¤ ¤¤¤ Entrées Startup : 0 ¤¤¤ ¤¤¤ Navigateurs web : 0 ¤¤¤ ¤¤¤ Addons navigateur : 0 ¤¤¤ ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD10EACS-00D6B0 SCSI Disk Device +++++ --- User --- [MBR] 86a954ce8c9b827ec15415ac91475da5 [bSP] 1732d7b8e9a9662fd101d56a302f14a8 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x1] Fonction incorrecte. ) +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) ST31500341AS SCSI Disk Device +++++ --- User --- [MBR] 251499092f7899b0669998464e17ac5e [bSP] c5c481a19a41141aef4c4ea69d92148e : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x1] Fonction incorrecte. ) +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) ST2000DM ST2000DM001-1CH1 SCSI Disk Device +++++ --- User --- [MBR] 0086f36f0b7bc8b257f89fc226376c3d [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ IDE) SanDisk SDSSDHP256G SCSI Disk Device +++++ --- User --- [MBR] 0086f36f0b7bc8b257f89fc226376c3d [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ IDE) WDC WD20EARS-00J2GB0 SCSI Disk Device +++++ --- User --- [MBR] f677c2b67c898c6af456f4182a34f181 [bSP] e742f20c8e661f829d657b755ea8ce28 : Legit.A MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ IDE) SAMSUNG HD204UI SCSI Disk Device +++++ --- User --- [MBR] bd0c5f3ab25df4359f103991e3b813bc [bSP] a33654b167166e01189ef8713c527406 : Legit.A MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive6: (\\.\PHYSICALDRIVE6 @ IDE) ST315003 ST31500341AS SCSI Disk Device +++++ --- User --- [MBR] 3db600377b2606fdd75bc2fc55fd725f [bSP] fcd2ce98f65a71b4ddaa907dcde00352 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive7: (\\.\PHYSICALDRIVE7 @ IDE) SAMSUNG HD154UI SCSI Disk Device +++++ --- User --- [MBR] 5a3861767437a6d687acf6722d72bad2 [bSP] fee3061c1fd81983eeb6be797cabec35 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1430796 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) Termine : << RKreport[0]_D_04192014_185013.txt >> RKreport[0]_S_04192014_184959.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : HOSTS RAZ -- Date : 04/19/2014 18:50:48 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ¤¤¤ Nouveau fichier HOSTS: ¤¤¤ 127.0.0.1 localhost Termine : << RKreport[0]_H_04192014_185048.txt >> RKreport[0]_D_04192014_185013.txt;RKreport[0]_S_04192014_184959.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : Proxy RAZ -- Date : 04/19/2014 18:51:44 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Navigateurs web : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[0]_PR_04192014_185144.txt >> RKreport[0]_D_04192014_185013.txt;RKreport[0]_H_04192014_185048.txt;RKreport[0]_S_04192014_184959.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : DNS RAZ -- Date : 04/19/2014 18:52:04 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[0]_DN_04192014_185204.txt >> RKreport[0]_D_04192014_185013.txt;RKreport[0]_H_04192014_185048.txt;RKreport[0]_S_04192014_184959.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : Raccourcis RAZ -- Date : 04/19/2014 18:52:27 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Attributs de fichiers restaures: ¤¤¤ Bureau: Success 0 / Fail 0 Lancement rapide: Success 0 / Fail 0 Programmes: Success 0 / Fail 0 Menu demarrer: Success 0 / Fail 0 Dossier utilisateur: Success 0 / Fail 0 Mes documents: Success 0 / Fail 0 Mes favoris: Success 0 / Fail 0 Mes images: Success 0 / Fail 0 Ma musique: Success 0 / Fail 0 Mes videos: Success 0 / Fail 0 Disques locaux: Success 0 / Fail 0 Sauvegarde: [NOT FOUND] Lecteurs: [C:] \Device\HarddiskVolume8 -- 0x3 --> Restored [D:] \Device\HarddiskVolume4 -- 0x3 --> Restored [E:] \Device\HarddiskVolume9 -- 0x3 --> Restored [F:] \Device\HarddiskVolume12 -- 0x3 --> Restored [G:] \Device\HarddiskVolume11 -- 0x3 --> Restored [H:] \Device\HarddiskVolume10 -- 0x3 --> Restored [i:] \Device\CdRom1 -- 0x5 --> Skipped [J:] \Device\HarddiskVolume2 -- 0x3 --> Restored [K:] \Device\CdRom0 -- 0x5 --> Skipped [N:] \Device\CdRom2 -- 0x5 --> Skipped [O:] \Device\HarddiskVolume1 -- 0x3 --> Restored ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[0]_SC_04192014_185227.txt >> RKreport[0]_D_04192014_185013.txt;RKreport[0]_H_04192014_185048.txt;RKreport[0]_S_04192014_184959.txt
  14. hollowmanf38
    bonjour bon après une semaine sans liens vert c'est encore revenue ci joint les rapports
  15. hollowmanf38
    voila le rapport 1. ========================= SEAF 1.0.1.0 - C_XX 2. 3. Commencé à: 12:14:44 le 13/04/2014 4. 5. Valeur(s) recherchée(s): 6. Filebunker 7. 8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès 9. 10. (!) --- Recherche registre 11. 12. ====== Fichier(s) ====== 13. 14. Aucun fichier trouvé 15. 16. 17. ====== Entrée(s) du registre ====== 18. 19. Aucun élément dans le registre trouvé 20. 21. ========================= 22. 23. Fin à: 12:15:30 le 13/04/2014 24. 523842 Éléments analysés 25. 26. ========================= 27. E.O.F je comprend pas il apparais toujours
  16. hollowmanf38
    en faite non après quelle pages de navigation les liens vert surligner revienne j'en n'es marre des ces connerie en faite filebuker est toujours present
  17. hollowmanf38
    merci de votre aide après réinitialiser chrome les liens vers n'apparaissent plus mais maintenant c'est offers4u.org fenêtre en bas qui s'affiche
  18. hollowmanf38
    j'ai toujours les liens vers qui apparaisse filebunker
  19. hollowmanf38
    voila le rapport ZHPfix Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014 Fichier d'export Registre : Run by ERIC at 13/04/2014 10:35:35 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée (00mn 02s) Réparation des raccourcis navigateur ========== Processus mémoire ========== SUPPRIMÉ: Memory Process: C:\Windows\AutoKMS\AutoKMS.exe ========== Clés du Registre ========== SUPPRIMÉ: Service: ReimageRealTimeProtection SUPPRIMÉ: HKCU\Software\Reimage SUPPRIMÉ:* HKLM\Software\Reimage SUPPRIMÉ:* StartupReg: Browser Infrastructure Helper SUPPRIMÉ: Service: SplashtopRemoteService ========== Valeurs du Registre ========== SUPPRIMÉ RunValue: SDTray SUPPRIMÉ RunValue: DU Meter ProxyFix : Configuration proxy supprimée avec succès SUPPRIMÉ ProxyServer Value SUPPRIMÉ ProxyEnable Value SUPPRIMÉ EnableHttp1_1 Value SUPPRIMÉ ProxyHttp1.1 Value SUPPRIMÉ ProxyOverride Value SUPPRIMÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe Aucune Valeur Domain Profile: FirewallRaz : SUPPRIMÉ: FirewallRaz (Private) : {6B0514D6-3841-42D9-97A4-956AC0D4BFAB} SUPPRIMÉ: FirewallRaz (Private) : {D3AABCA8-6724-4EFC-BFCC-4807D23ABDFE} SUPPRIMÉ: FirewallRaz (None) : {27AD53BE-B02D-44DE-9D6F-01A4FFA138EF} ========== Dossiers ========== Aucun dossiers CLSID Local utilisateur vide SUPPRIMÉS Flash Cookies (0) ========== Fichiers ========== SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\isafekrnlboot.sys SUPPRIMÉ: c:\windows\reimage.ini SUPPRIMÉ Redémarrage: c:\program files (x86)\splashtop\splashtop remote\server\srservice.exe SUPPRIMÉS Flash Cookies (0) (0 octets) ========== Tache planifiée ========== SUPPRIMÉ: AutoKMS SUPPRIMÉ: AutoKMS SUPPRIMÉ: AutoKMS SUPPRIMÉ: Reimage Reminder ========== Restauration Système ========== Aucun Point de restauration du système crée ========== Récapitulatif ========== 1 : Processus mémoire 5 : Clés du Registre 13 : Valeurs du Registre 2 : Dossiers 4 : Fichiers 4 : Tache planifiée 1 : Restauration Système End of clean in 00mn 05s ========== Chemin de fichier rapport ========== C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/04/2014 10:35:38 [2182] le rapport de sftgc apport de SFTGC (Pierre13) du Dimanche 13 Avril 2014 à 10:38:50 version : 2.0.0.66 Mis à jour le 07/02/2014 Outil lancé en Mode normal et En tant qu'administrateur Windows 7 Home Premium Service Pack 1 64 bits Tool start in C:\Users\ERIC\Downloads\Programs 416 éléments supprimés => 89.42 Mo libérés. (40 s) Warning !! **/!\** C:\Users\ERIC\AppData\Local\Temp\_MEI53082\main.exe.manifest **/!\** Warning !! **/!\** C:\Users\ERIC\AppData\Local\Temp\_MEI51162\BoxSync.exe.manifest **/!\** Warning !! **/!\** C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\ZHPDiag2[1].exe **/!\** C:\Users\ERIC\AppData\Local\Temp\LockedIconOverlay.ico C:\Users\ERIC\AppData\Local\Temp\Low C:\Users\ERIC\AppData\Local\Temp\LuUpdater.log C:\Users\ERIC\AppData\Local\Temp\NotSyncedIconOverlay.ico C:\Users\ERIC\AppData\Local\Temp\ntdll_dump.dll C:\Users\ERIC\AppData\Local\Temp\ProblemIconOverlay.ico C:\Users\ERIC\AppData\Local\Temp\SyncedIconOverlay.ico C:\Users\ERIC\AppData\Local\Temp\WPDNSE C:\Users\ERIC\AppData\Local\Temp\~DF39CA591449A71AFA.TMP C:\Users\ERIC\AppData\Local\Temp\~DFE75DF15DF3852315.TMP C:\Users\ERIC\AppData\Local\Temp\_MEI58402\resources\i18n\locale C:\Users\ERIC\AppData\Local\Temp\_MEI53442\resources\i18n\locale C:\Users\ERIC\AppData\Local\Temp\_MEI53082\bz2.pyd C:\Users\ERIC\AppData\Local\Temp\_MEI53082\gdi32.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\kernel32.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\main.exe.manifest C:\Users\ERIC\AppData\Local\Temp\_MEI53082\mfc90.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\mfc90u.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\mfcm90.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\mfcm90u.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\msvcp100.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\msvcr100.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\psapi.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\shell32.dll C:\Users\ERIC\AppData\Local\Temp\_MEI53082\win32evtlog.pyd C:\Users\ERIC\AppData\Local\Temp\_MEI53082\win32trace.pyd C:\Users\ERIC\AppData\Local\Temp\_MEI53082\win32ui.pyd C:\Users\ERIC\AppData\Local\Temp\_MEI53082\win32wnet.pyd C:\Users\ERIC\AppData\Local\Temp\_MEI53082\_win32sysloader.pyd C:\Users\ERIC\AppData\Local\Temp\_MEI53082\support\gen_py C:\Users\ERIC\AppData\Local\Temp\_MEI53082\support\gen_py\__init__.py C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\chrome_ext C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\fonts C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\html C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\js C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\mime C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\mime\drive.mime.types C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\js\XMLHttpRequest.js C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\docs.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdoc16.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdoc256.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdoc32.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdoc48.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdraw16.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdraw256.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdraw32.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdraw48.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gform16.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gform256.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gform32.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gform48.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-glink16.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-glink256.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-glink32.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-glink48.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gsheet16.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gsheet256.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gsheet32.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gsheet48.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gslides16.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gslides256.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gslides32.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gslides48.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync16.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync16.xpm C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync256.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync32.xpm C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync64.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\exclaim.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\file.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\folder-mac.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\folder-winseven.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\folder-winxp.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\folder.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gdoc.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gdoc.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gdraw.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gdraw.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gform.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gform.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\glink.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\glink.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gnote.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gnote.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gscript.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gscript.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gsheet.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gsheet.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gslides.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gslides.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gtable.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gtable.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\image_resources.py C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\image_resources.pyo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate1-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate1-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate1.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate1_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate2-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate2-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate2.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate2_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate3-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate3-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate3.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate3_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate4-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate4-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate4.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate4_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate5-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate5-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate5.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate5_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate6-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate6-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate6.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate6_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate7-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate7-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate7.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate7_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate8-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate8-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate8.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate8_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-error-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-error-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-error.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-error_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-inactive-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-inactive-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-inactive.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-inactive_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-normal-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-normal-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-normal.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-normal_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-pause-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-paused-inverse.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-paused-inverse_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-paused.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-paused_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\menu_warning.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\menu_warning_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup1.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup2-mac.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup2-win.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup3-bottom.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup3-right.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup4-mac.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup4-win.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup5-mac.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup5-win.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sharedfolder-mac.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sharedfolder-winseven.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sharedfolder-winxp.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\shareguyicon.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sheets.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\slides.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync.icns C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_128.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_done.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_done_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_error.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_error_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_syncing.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_syncing_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\toprighticon.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\warning-hdpi_2x.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate1.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate2.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate3.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate4.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate5.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate6.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate7.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate8.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-normal.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win7-error.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win7-inactive.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win7-paused.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\winxp-error.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\winxp-inactive.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\winxp-paused.png C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\__init__.py C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\__init__.pyo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays\Blacklisted.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays\Shared.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays\Synced.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays\Syncing.ico C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_TW\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_TW\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_HK\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_HK\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_CN\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_CN\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hant\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hant\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hans\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hans\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\vi\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\vi\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\uk\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\uk\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\tr\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\tr\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\th\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\th\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\te\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\te\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ta\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ta\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sv\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sv\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sr\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sr\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sl\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sl\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sk\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sk\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ru\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ru\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ro\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ro\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_PT\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_PT\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_BR\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_BR\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pl\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pl\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\no\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\no\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\nl\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\nl\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\mr\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\mr\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ml\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ml\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lv\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lv\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lt\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lt\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ko\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ko\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\kn\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\kn\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ja\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ja\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\it\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\it\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\id\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\id\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hu\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hu\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hr\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hr\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hi\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hi\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\he\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\he\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\gu\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\gu\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fr\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fr\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fil\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fil\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fi\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fi\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\es\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\es\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_US\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_US\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_GB\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_GB\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\el\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\el\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\de\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\de\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\da\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\da\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\cs\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\cs\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ca\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ca\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bn\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bn\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bg\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bg\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ar\LC_MESSAGES C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ar\LC_MESSAGES\syncclient.mo C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\html\drive_thankyou.html C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\fonts\Roboto-Bold.ttf C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\fonts\Roboto-Regular.ttf C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\fonts\Roboto-Thin.ttf C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx C:\Users\ERIC\AppData\Local\Temp\tmpb_jywu\gen_py C:\Users\ERIC\AppData\Local\Temp\tmpb_jywu\gen_py\dicts.dat C:\Users\ERIC\AppData\Local\Temp\tmpb_jywu\gen_py\__init__.py C:\Users\ERIC\AppData\Local\Temp\scoped_dir5856_10526\AppCache C:\Users\ERIC\AppData\Local\Temp\scoped_dir5856_10526\Local Storage C:\Users\ERIC\AppData\Local\Temp\comtypes_cache\Dropbox-27 C:\Users\ERIC\AppData\LocalLow\Microsoft\Windows\AppCache C:\Users\ERIC\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3781B4A3713292956206932165FA4132_D37502A09829604D4C1B7778843C560D C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_0F298ACE77D8131FC974A12162988423 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8890A77645B73478F5B1DED18ACBF795_E1EDEF0C21AE75D448F7327475DF4C9E C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\955CAB6FF6A24D5820D50B5BA1CF79C7_CFEA3385E24D822B0027B3D9A091B242 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3781B4A3713292956206932165FA4132_D37502A09829604D4C1B7778843C560D C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_0F298ACE77D8131FC974A12162988423 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_E1EDEF0C21AE75D448F7327475DF4C9E C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\955CAB6FF6A24D5820D50B5BA1CF79C7_CFEA3385E24D822B0027B3D9A091B242 C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601 C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\desktop.ini C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\Low\History.IE5 C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\History.IE5\container.dat C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014040920140410 C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014041020140411 C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014041120140412 C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Sqm C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\ERIC\AppData\Local\Microsoft\Windows C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\NVIDIA Corporation C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X6VVG440 C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X6VVG440\VersionSFT[1].txt C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\28016ffcbe8a1939af038a0db8cfb2f471a00311[1].htm C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\configW7[1].xml C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\data[1].xml C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\ZHPDiag2[1].exe C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\ZHPScan[2].txt C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\ZHPFixReport.txt.lnk C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\1b4dd67f29cb1962.automaticDestinations-ms C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\9b9cdc69c1c24e2b.automaticDestinations-ms C:\Users\ERIC\AppData\Local\Temp\comtypes_cache C:\Users\ERIC\AppData\Local\Temp\scoped_dir5856_10526 C:\Users\ERIC\AppData\Local\Temp\tmpb_jywu C:\Users\ERIC\AppData\Local\Temp\_MEI58402\resources\i18n C:\Users\ERIC\AppData\Local\Temp\_MEI53442\resources\i18n C:\Users\ERIC\AppData\Local\Temp\_MEI53082\support C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ar C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bg C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bn C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ca C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\cs C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\da C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\de C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\el C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_GB C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_US C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\es C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fi C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fil C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fr C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\gu C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\he C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hi C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hr C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hu C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\id C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\it C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ja C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\kn C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ko C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lt C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lv C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ml C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\mr C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\nl C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\no C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pl C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_BR C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_PT C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ro C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ru C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sk C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sl C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sr C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sv C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ta C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\te C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\th C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\tr C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\uk C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\vi C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hans C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hant C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_CN C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_HK C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_TW Corbeille vidée. Fin du rapport.
  20. hollowmanf38
    ci joint le rapport du registre de rogue killer RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : Suppression -- Date : 04/13/2014 10:33:02 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Tâches planifiées : 0 ¤¤¤ ¤¤¤ Entrées Startup : 0 ¤¤¤ ¤¤¤ Navigateurs web : 0 ¤¤¤ ¤¤¤ Addons navigateur : 0 ¤¤¤ ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD10EACS-00D6B0 SCSI Disk Device +++++ --- User --- [MBR] 86a954ce8c9b827ec15415ac91475da5 [bSP] 1732d7b8e9a9662fd101d56a302f14a8 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x1] Fonction incorrecte. ) +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) ST31500341AS SCSI Disk Device +++++ --- User --- [MBR] 251499092f7899b0669998464e17ac5e [bSP] c5c481a19a41141aef4c4ea69d92148e : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x1] Fonction incorrecte. ) +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) ST2000DM ST2000DM001-1CH1 SCSI Disk Device +++++ --- User --- [MBR] 0086f36f0b7bc8b257f89fc226376c3d [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ IDE) SanDisk SDSSDHP256G SCSI Disk Device +++++ --- User --- [MBR] 0086f36f0b7bc8b257f89fc226376c3d [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ IDE) WDC WD20EARS-00J2GB0 SCSI Disk Device +++++ --- User --- [MBR] f677c2b67c898c6af456f4182a34f181 [bSP] e742f20c8e661f829d657b755ea8ce28 : Legit.A MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ IDE) SAMSUNG HD204UI SCSI Disk Device +++++ --- User --- [MBR] bd0c5f3ab25df4359f103991e3b813bc [bSP] a33654b167166e01189ef8713c527406 : Legit.A MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive6: (\\.\PHYSICALDRIVE6 @ IDE) ST315003 ST31500341AS SCSI Disk Device +++++ --- User --- [MBR] 3db600377b2606fdd75bc2fc55fd725f [bSP] fcd2ce98f65a71b4ddaa907dcde00352 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) +++++ PhysicalDrive7: (\\.\PHYSICALDRIVE7 @ IDE) SAMSUNG HD154UI SCSI Disk Device +++++ --- User --- [MBR] 5a3861767437a6d687acf6722d72bad2 [bSP] fee3061c1fd81983eeb6be797cabec35 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1430796 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. ) Termine : << RKreport[0]_D_04132014_103302.txt >> RKreport[0]_S_04132014_103249.txt
  21. hollowmanf38
    un autre rapport avec frst.exe Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2014 01 Ran by ERIC (administrator) on ERIC-PC on 13-04-2014 09:01:20 Running from C:\Users\ERIC\Downloads\Programs Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe (Elgato Systems GmbH) C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe (Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeter.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (ultracopier.first-world.info) C:\Program Files\Ultracopier\ultracopier.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Microsoft Corporation) C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Google Inc.) C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Dropbox, Inc.) C:\Users\ERIC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\plugin-nm-server.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe () c:\Program Files\Box\Box Sync\BoxSyncMonitor.exe (Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\ERIC\Downloads\Programs\FRST64_2.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023104 2012-11-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-11-29] (Atheros Commnucations) HKLM\...\Run: [iAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-07-02] (Intel Corporation) HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation) HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM\...\Run: [boxSync] - c:\Program Files\Box\Box Sync\BoxSync.exe [13221784 2014-04-07] (Box, Inc.) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-12] (Razer Inc.) HKLM-x32\...\Run: [sDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [ultracopier] - C:\Program Files\Ultracopier\ultracopier.exe [1113088 2014-02-19] (ultracopier.first-world.info) HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [iDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3829328 2014-03-18] (Tonec Inc.) HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google) HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [skyDrive] - C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-04-04] (Microsoft Corporation) HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [Google Update] - C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-21] (Google Inc.) HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [DU Meter] - C:\Program Files (x86)\DU Meter\DUMeter.exe [4245400 2013-03-01] (Hagel Technologies Ltd.) HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd) HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [GoogleChromeAutoLaunch_865C76E5084CC7121627C739387D946B] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.) HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ultracopier] - C:\Program Files\Ultracopier\ultracopier.exe [1113088 2014-02-19] (ultracopier.first-world.info) HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3829328 2014-03-18] (Tonec Inc.) HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google) HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [skyDrive] - C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-04-04] (Microsoft Corporation) HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] - C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-21] (Google Inc.) HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DU Meter] - C:\Program Files (x86)\DU Meter\DUMeter.exe [4245400 2013-03-01] (Hagel Technologies Ltd.) HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd) HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_865C76E5084CC7121627C739387D946B] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.) Startup: C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\ERIC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.ldlc.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {9BE2D771-ECE0-4C7D-9A66-7EB35F87B8B8} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - URL http://www.trovigo.com/Results.aspx?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPB1BB1D84-6B6D-42C9-86A4-3A7176647FA4&q={searchTerms}&SSPV= SearchScopes: HKCU - {553E46AB-BBDA-49D4-8381-7958D86D06F1} URL = https://www.google.com/search?q={searchTerms} BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ERIC\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ERIC\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-14] FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-03-15] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-15] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-03-15] FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\ERIC\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\ERIC\AppData\Roaming\IDM\idmmzcc5 [2014-04-04] Chrome: ======= CHR Extension: (Meteo en France) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\anakpfpojdnocblgejmienjaaggfgbdj [2014-04-11] CHR Extension: (Documents Google) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-11] CHR Extension: (Google Drive) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-11] CHR Extension: (Kaspersky Protection) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-04-11] CHR Extension: (YouTube) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-11] CHR Extension: (Google Cast) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-11] CHR Extension: (Facebook) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-04-11] CHR Extension: (Twitter for Chrome) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdoinklelehcpndgmcddkkdhibpoglnk [2014-04-11] CHR Extension: (Adblock Plus) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-11] CHR Extension: (PagesJaunes) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiebajnnakcjkedcfamhdfgckcbnhke [2014-04-11] CHR Extension: (Dailymotion) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckopbmcmofndcicfgnlfcelnphemljme [2014-04-11] CHR Extension: (Recherche Google) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-11] CHR Extension: (Bouton pour PayPal™) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\edkonmaeaeehdmjbgigneocajjibpack [2014-04-11] CHR Extension: (Google Agenda) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-04-11] CHR Extension: (Box - 10GB of FREE storage) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-04-11] CHR Extension: (Météo) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2014-04-11] CHR Extension: (Cinémur) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjkkongamjdfggeifeicejegagbhhjlf [2014-04-11] CHR Extension: (Full Screen Weather) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2014-04-11] CHR Extension: (Facebook One) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gceeodfjmkoilhaoehbnhofdpobaohnm [2014-04-11] CHR Extension: (Facebook for Chrome) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-04-11] CHR Extension: (Enregistrer dans Google Drive) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-04-11] CHR Extension: (LastPass: Free Password Manager) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-04-11] CHR Extension: (PDF Mergy) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-04-11] CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-04-11] CHR Extension: (Dropbox) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-04-11] CHR Extension: (IDM Integration Module) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-04-11] CHR Extension: (Pocket Website) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2014-04-11] CHR Extension: (Calculatrice) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2014-04-11] CHR Extension: (Google Play) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-04-11] CHR Extension: (Google Maps) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-04-11] CHR Extension: (Pocket) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2014-04-11] CHR Extension: (LastPass Vault) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2014-04-11] CHR Extension: (OneDrive) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-04-11] CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2014-04-11] CHR Extension: (Twitch Now) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2014-04-11] CHR Extension: (Google Wallet) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-11] CHR Extension: (Deezer) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2014-04-11] CHR Extension: (Synology Download Station) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhbegdkgonhlokobjefolhpoidcnida [2014-04-11] CHR Extension: (Picasa) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-04-11] CHR Extension: (Instagram for Chrome) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-04-11] CHR Extension: (Gmail) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-11] CHR Extension: (Twitch Giveaways) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2014-04-11] CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-04-11] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-12] CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-04-03] ==================== Services (Whitelisted) ================= R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] () R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-12] (Kaspersky Lab ZAO) S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [28768 2014-03-10] (Box Inc.) R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink) R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc) R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2385304 2013-03-01] (Hagel Technologies Ltd.) R2 EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems GmbH) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-07-02] (Intel Corporation) S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-11-29] (Atheros) S2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [X] ==================== Drivers (Whitelisted) ==================== R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () S3 ATSZIO; C:\Program Files (x86)\ASUS\ASUS PC Diagnostics\ATSZIO64.sys [19584 2013-01-16] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-27] (Disc Soft Ltd) S3 DUMeterDrv; C:\Program Files (x86)\DU Meter\DUMETR64.SYS [20968 2013-03-01] (Hagel Technologies Ltd.) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-27] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-07-02] (Intel Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-15] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-27] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-27] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-12] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-03-15] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-12] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-03-15] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-13] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-23] (Duplex Secure Ltd.) R3 stdpms; C:\Windows\System32\DRIVERS\stdpms.sys [28904 2014-02-28] (Splashtop Inc.) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit? R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.) S3 cpuz134; \??\C:\Users\ERIC\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-13 08:50 - 2014-04-13 08:50 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-13 08:50 - 2014-04-13 08:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-13 08:50 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-13 08:50 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-13 08:50 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-13 08:42 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-04-11 23:37 - 2014-04-11 23:37 - 00002340 _____ () C:\Users\ERIC\Desktop\Lanceur d'applications Google Chrome.lnk 2014-04-11 23:37 - 2014-04-11 23:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-04-11 23:37 - 2014-04-11 23:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome 2014-04-11 23:36 - 2014-04-11 23:36 - 00002260 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-11 23:33 - 2014-04-11 23:33 - 00000000 __SHD () C:\Users\ERIC\AppData\Local\EmieUserList 2014-04-11 23:33 - 2014-04-11 23:33 - 00000000 __SHD () C:\Users\ERIC\AppData\Local\EmieSiteList 2014-04-11 22:58 - 2014-04-11 23:12 - 00036353 _____ () C:\Shortcut_Module_11_04_2014_23_12_04.txt 2014-04-11 22:33 - 2014-04-11 22:33 - 00000624 _____ () C:\Users\ERIC\Desktop\JRT.txt 2014-04-11 22:24 - 2014-04-11 22:33 - 00010239 _____ () C:\Users\ERIC\Desktop\SFTGC.txt 2014-04-11 22:22 - 2014-04-11 22:22 - 00000000 ____D () C:\Windows\ERUNT 2014-04-11 22:19 - 2014-04-11 23:51 - 00001994 _____ () C:\Users\ERIC\Desktop\ZHPFix.lnk 2014-04-11 22:19 - 2014-04-11 23:51 - 00001867 _____ () C:\Users\ERIC\Desktop\ZHPDiag.lnk 2014-04-11 22:19 - 2014-04-11 23:51 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\ZHP 2014-04-11 22:19 - 2014-04-11 23:51 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag 2014-04-11 21:56 - 2014-04-13 09:01 - 00000000 ____D () C:\FRST 2014-04-11 21:29 - 2014-04-11 23:12 - 00000000 ____D () C:\Shortcut_Module 2014-04-11 21:29 - 2014-04-11 21:43 - 00062047 _____ () C:\Shortcut_Module_11_04_2014_21_43_48.txt 2014-04-11 21:15 - 2014-04-11 21:15 - 00003428 _____ () C:\Windows\System32\Tasks\Reimage Reminder 2014-04-11 21:14 - 2014-04-11 21:15 - 00000000 ____D () C:\rei 2014-04-11 21:14 - 2014-04-11 21:14 - 00000000 ____D () C:\ProgramData\CDB 2014-04-11 21:13 - 2014-04-11 21:15 - 00000155 _____ () C:\Windows\Reimage.ini 2014-04-11 20:56 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-11 20:56 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-11 20:56 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-11 20:56 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-11 20:56 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-11 20:56 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-11 20:56 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-11 20:56 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-11 20:56 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-11 20:56 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-11 20:56 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-11 20:56 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-11 20:56 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-11 20:56 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-11 20:56 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-11 20:56 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-11 20:56 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-11 20:56 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-11 20:56 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-11 20:56 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-11 20:56 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-11 20:56 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-11 20:56 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-11 20:56 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-11 20:56 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-11 20:56 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-11 20:56 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-11 20:56 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-11 20:56 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-11 20:56 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-11 20:56 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-04-11 20:56 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-11 20:56 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-11 20:56 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-11 20:56 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-11 20:56 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-11 20:56 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-11 20:56 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-11 20:56 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-11 20:56 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-11 20:56 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-11 20:56 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-11 20:56 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-11 20:56 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-11 20:56 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-11 20:56 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-11 20:56 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-11 20:56 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-10 21:15 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-10 21:15 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-10 21:15 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-10 21:15 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-10 21:15 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-10 21:15 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-10 21:15 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-10 21:15 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-10 21:15 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-10 21:15 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-10 21:15 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-10 21:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-10 21:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-10 21:15 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-10 21:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-10 21:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-10 21:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-10 21:07 - 2014-04-13 08:42 - 00008244 _____ () C:\Windows\PFRO.log 2014-04-09 23:48 - 2014-04-10 00:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-09 23:48 - 2014-04-09 23:48 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-09 23:48 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2014-04-09 22:47 - 2014-04-13 08:42 - 00003024 _____ () C:\Windows\setupact.log 2014-04-09 22:47 - 2014-04-09 22:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-08 20:04 - 2014-04-12 00:08 - 00003928 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} 2014-04-08 19:49 - 2014-04-08 19:49 - 00000890 _____ () C:\Users\ERIC\Desktop\Newsbin Pro 64.lnk 2014-04-08 19:49 - 2014-04-08 19:49 - 00000855 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk 2014-04-08 19:49 - 2014-04-08 19:49 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Newsbin6 2014-04-08 19:01 - 2014-04-08 19:01 - 00000000 ____D () C:\Windows\system32\log 2014-04-08 19:01 - 2014-04-08 15:07 - 00034304 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys 2014-04-08 18:07 - 2014-04-08 18:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\VS Revo Group 2014-04-08 18:06 - 2014-04-08 18:06 - 00001084 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2014-04-08 18:06 - 2014-04-08 18:06 - 00000000 ____D () C:\ProgramData\VS Revo Group 2014-04-08 18:06 - 2014-04-08 18:06 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-04-08 18:06 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys 2014-04-08 16:57 - 2014-03-26 23:40 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-04-08 16:56 - 2014-03-27 14:45 - 31270856 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 25257416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 23785416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 15964736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 13158232 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-04-08 16:56 - 2014-03-27 14:45 - 11644392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 11598560 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 09734744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 09697128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 03139928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 02949976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 02785056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 02413344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433750.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 01539416 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433750.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00894752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00891168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00864600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00859592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00836544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00491864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00415008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00336672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-04-08 16:56 - 2014-03-27 14:45 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-04-08 16:50 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-04-08 16:50 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-04-05 13:52 - 2014-04-05 13:52 - 00000000 ____D () C:\Users\ERIC\Documents\MercurySteam 2014-04-05 13:51 - 2014-04-05 13:51 - 00000633 _____ () C:\Users\Public\Desktop\Castlevania Lords of Shadow 2.lnk 2014-04-03 15:43 - 2013-11-28 02:24 - 00175480 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys 2014-04-03 15:10 - 2012-07-18 00:40 - 00120920 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys 2014-03-30 11:43 - 2014-03-30 11:43 - 00000000 ____D () C:\Windows\Replay Video Capture 2014-03-30 11:37 - 2014-03-30 11:38 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Nero 2014-03-30 11:37 - 2014-03-30 11:37 - 00000000 ____D () C:\ProgramData\LightScribe 2014-03-30 11:35 - 2014-03-30 11:35 - 00002737 _____ () C:\Users\Public\Desktop\Nero Burning ROM 2014.lnk 2014-03-30 11:35 - 2014-03-30 11:35 - 00000000 ____D () C:\Windows\System32\Tasks\Nero 2014-03-30 11:34 - 2014-03-30 11:35 - 00000000 ____D () C:\ProgramData\Nero 2014-03-30 11:34 - 2014-03-30 11:35 - 00000000 ____D () C:\Program Files (x86)\Nero 2014-03-30 11:33 - 2014-03-30 11:33 - 00002044 _____ () C:\Users\Public\Desktop\LightScribe.lnk 2014-03-30 09:49 - 2014-04-13 08:51 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-29 09:16 - 2014-03-29 09:16 - 14127518 _____ () C:\Users\ERIC\Downloads\12W18l3aQeT5f1870ce86QcRbSX6THX56.nzb 2014-03-29 07:51 - 2014-04-03 17:32 - 00001196 _____ () C:\Users\Public\Desktop\Air Video Server HD.lnk 2014-03-29 07:51 - 2014-03-29 07:51 - 00000000 ____D () C:\Program Files (x86)\AirVideoServer HD 2014-03-29 07:46 - 2014-04-03 17:32 - 00000000 ____D () C:\Users\ERIC\AppData\Local\AirVideoServerHD 2014-03-29 07:46 - 2014-03-29 07:46 - 00000048 _____ () C:\Windows\SysWOW64\settings.properties 2014-03-29 07:45 - 2014-03-29 07:46 - 11731296 _____ () C:\Users\ERIC\Downloads\AirVideoServerHD-1.0.15.exe 2014-03-28 22:29 - 2014-03-29 19:59 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\foobar2000 2014-03-28 22:29 - 2014-03-28 22:29 - 00001038 _____ () C:\Users\Public\Desktop\foobar2000.lnk 2014-03-28 22:29 - 2014-03-28 22:29 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-03-28 17:38 - 2014-03-28 17:38 - 01935638 _____ () C:\Users\ERIC\Downloads\23W128aQe80f1896ce86kcaeSd8THX56.par2.nzb 2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\Documents\CyberLink 2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\CyberLink 2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Cyberlink SoftDMA 2014-03-28 17:01 - 2014-03-28 17:24 - 00000000 ____D () C:\ProgramData\CyberLink 2014-03-28 17:01 - 2014-03-28 17:05 - 00000000 ____D () C:\Users\Public\CyberLink 2014-03-28 17:01 - 2014-03-28 17:01 - 00001418 _____ () C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\Public\Documents\CyberLink 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\MediaServer 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\CyberLink 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\ProgramData\PDVD 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2014-03-28 17:00 - 2014-03-28 17:02 - 00000000 ____D () C:\ProgramData\install_clap 2014-03-27 17:06 - 2014-03-27 17:07 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images 2014-03-27 17:01 - 2014-03-27 17:01 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-03-27 17:01 - 2014-03-27 17:01 - 00001939 _____ () C:\Users\Public\Desktop\DAEMON Tools Pro.lnk 2014-03-27 16:48 - 2014-03-27 17:01 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro 2014-03-23 17:32 - 2014-04-09 22:38 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DAEMON Tools Pro 2014-03-23 17:32 - 2014-03-23 17:32 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2014-03-23 17:31 - 2014-03-27 16:48 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro 2014-03-23 17:13 - 2014-03-23 17:13 - 00000000 ____D () C:\ProgramData\Hagel Technologies 2014-03-23 17:13 - 2014-03-23 17:13 - 00000000 ____D () C:\Program Files (x86)\DU Meter 2014-03-23 11:22 - 2014-03-23 11:22 - 00025466 _____ () C:\Users\ERIC\Documents\cc_20140323_102236.reg 2014-03-23 11:07 - 2014-03-23 11:07 - 00262144 _____ () C:\Windows\system32\config\elam 2014-03-23 11:04 - 2014-03-23 11:11 - 00000290 __RSH () C:\ProgramData\ntuser.pol 2014-03-22 19:51 - 2014-04-09 22:21 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software 2014-03-22 19:51 - 2014-04-09 22:16 - 00000000 ____D () C:\ProgramData\NCH Software 2014-03-22 19:17 - 2014-03-22 19:17 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\iSpy 2014-03-21 23:52 - 2014-03-21 23:52 - 00000000 ____D () C:\Users\ERIC\AppData\Local\IsolatedStorage 2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\SplitMediaLabs 2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\ProgramData\SplitMediaLabs 2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs 2014-03-21 17:25 - 2014-03-21 17:25 - 00001210 _____ () C:\Users\ERIC\Desktop\Chromecast.lnk 2014-03-21 17:25 - 2014-03-21 17:25 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast 2014-03-21 17:24 - 2014-04-06 07:40 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2166185552-2205534352-89382135-1000Core.job 2014-03-21 17:24 - 2014-04-06 07:35 - 00003650 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2166185552-2205534352-89382135-1000Core 2014-03-20 21:25 - 2014-03-20 21:25 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-03-20 21:25 - 2014-03-20 21:25 - 00000000 ____D () C:\ProgramData\McAfee 2014-03-20 21:25 - 2014-03-20 21:25 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-03-20 21:24 - 2014-03-20 21:26 - 00000000 ____D () C:\ProgramData\Adobe 2014-03-20 20:57 - 2014-03-20 20:57 - 00001206 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk 2014-03-20 20:57 - 2014-03-20 20:57 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass 2014-03-20 20:57 - 2014-03-20 20:57 - 00000000 ____D () C:\Program Files (x86)\LastPass 2014-03-20 20:56 - 2014-03-20 20:57 - 04278003 _____ () C:\Users\ERIC\Downloads\lpchrome_win.crx 2014-03-19 19:12 - 2014-04-10 22:11 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\vlc 2014-03-18 23:33 - 2014-03-18 23:33 - 00525279 _____ () C:\Users\ERIC\Downloads\Veronica.Mars.1080p.VO.VF.VOST.mp4.par2.nzb 2014-03-18 23:14 - 2014-03-18 23:14 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-03-18 22:13 - 2014-03-18 22:13 - 01960126 _____ () C:\Users\ERIC\Downloads\Next1239 (1).nzb 2014-03-18 20:17 - 2014-03-18 20:17 - 04279616 _____ () C:\Windows\PE_File.dll 2014-03-18 20:17 - 2014-03-18 20:17 - 04226912 _____ () C:\Windows\PE_Rom.dll 2014-03-18 20:17 - 2010-08-03 07:21 - 00014464 _____ () C:\Windows\SysWOW64\Drivers\AsUpIO.sys 2014-03-18 19:58 - 2014-03-18 19:58 - 00002611 _____ () C:\Users\Public\Desktop\ASUS PC Diagnostics.lnk 2014-03-18 19:32 - 2014-03-18 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf 2014-03-18 19:32 - 2014-03-18 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf 2014-03-18 19:25 - 2014-03-18 19:32 - 00000000 ____D () C:\Program Files (x86)\Razer 2014-03-18 19:25 - 2014-03-18 19:25 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Razer 2014-03-18 19:25 - 2014-03-18 19:25 - 00000000 ____D () C:\ProgramData\Razer 2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\Users\ERIC\Documents\My Games 2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Skyrim 2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\ProgramData\Steam 2014-03-16 19:43 - 2014-03-16 19:43 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Macromedia 2014-03-16 17:01 - 2014-03-16 20:37 - 00000000 ____D () C:\Users\ERIC\Documents\StarCraft II 2014-03-16 17:01 - 2014-03-16 17:01 - 00000724 _____ () C:\Users\Public\Desktop\StarCraft II.lnk 2014-03-16 16:59 - 2014-04-12 19:15 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-16 16:59 - 2014-03-16 16:59 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-16 16:59 - 2014-03-16 16:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-16 16:59 - 2014-03-16 16:59 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-16 16:59 - 2014-03-16 16:59 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-03-16 16:59 - 2014-03-16 16:59 - 00000000 ____D () C:\Windows\system32\Macromed 2014-03-16 16:58 - 2014-03-20 21:25 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Adobe 2014-03-16 13:10 - 2014-03-16 13:10 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Blizzard Entertainment 2014-03-16 11:58 - 2014-03-16 11:58 - 00000000 ____D () C:\Users\ERIC\Documents\Diablo III 2014-03-16 11:38 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\OneDrive 2014-03-16 11:38 - 2014-04-12 17:47 - 00005048 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ERIC-PC-ERIC ERIC-PC 2014-03-16 11:35 - 2014-03-18 20:07 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-16 11:35 - 2014-03-18 20:07 - 00000000 ____D () C:\ProgramData\Skype 2014-03-16 11:35 - 2014-03-16 14:09 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Skype 2014-03-16 11:35 - 2014-03-16 11:35 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-16 11:35 - 2014-03-16 11:35 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Skype 2014-03-16 11:21 - 2014-03-16 11:21 - 00080180 _____ () C:\Users\ERIC\Documents\cc_20140316_102140.reg 2014-03-16 11:21 - 2014-03-16 11:21 - 00000422 _____ () C:\Users\ERIC\Documents\cc_20140316_102123.reg 2014-03-16 10:06 - 2014-03-16 10:06 - 00000771 _____ () C:\Users\Public\Desktop\Diablo III.lnk 2014-03-16 10:03 - 2014-04-13 08:37 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Battle.net 2014-03-16 10:03 - 2014-03-16 17:01 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-03-16 10:03 - 2014-03-16 10:04 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Battle.net 2014-03-16 10:03 - 2014-03-16 10:03 - 00000763 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-03-16 10:01 - 2014-03-21 22:08 - 00000000 ____D () C:\ProgramData\Battle.net 2014-03-16 09:39 - 2014-03-16 09:39 - 00000000 ____D () C:\Program Files (x86)\Splashtop 2014-03-16 09:35 - 2014-03-16 09:35 - 00000000 ____D () C:\Program Files (x86)\Groupe ARCHISOFT 2014-03-16 09:34 - 2014-03-16 10:24 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Zappiti 2014-03-16 09:34 - 2014-03-16 09:35 - 00001208 _____ () C:\Users\Public\Desktop\Zappiti Media Center.lnk 2014-03-15 08:29 - 2014-03-15 08:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-15 08:27 - 2014-03-15 08:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2014-03-15 08:23 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-03-15 08:23 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-03-15 08:00 - 2014-04-11 21:05 - 00000000 ____D () C:\Program Files\CCleaner 2014-03-15 08:00 - 2014-03-15 08:00 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-03-15 08:00 - 2014-03-15 08:00 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-03-15 00:28 - 2014-04-13 09:00 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-03-15 00:28 - 2014-03-15 00:28 - 00001096 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2014-03-15 00:28 - 2014-03-15 00:28 - 00000000 ____D () C:\Windows\ELAMBKUP 2014-03-15 00:28 - 2014-03-15 00:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-03-15 00:28 - 2013-05-06 10:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2014-03-15 00:27 - 2014-03-27 15:53 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-03-15 00:27 - 2014-03-27 15:53 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-03-15 00:15 - 2014-03-15 00:15 - 00000000 ____D () C:\Program Files\PlayReady 2014-03-14 23:40 - 2014-04-09 22:38 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-14 23:40 - 2014-03-14 23:40 - 00000970 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-03-14 23:32 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\Google Drive 2014-03-14 23:32 - 2014-03-14 23:32 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-03-14 23:32 - 2014-03-14 23:32 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-03-14 23:32 - 2014-03-14 23:32 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-03-14 23:32 - 2014-03-14 23:32 - 00001715 _____ () C:\Users\ERIC\Desktop\Google Drive.lnk 2014-03-14 23:28 - 2014-03-14 23:28 - 00000000 ____D () C:\Program Files (x86)\Elgato 2014-03-14 18:04 - 2014-03-14 18:04 - 00001545 _____ () C:\Users\ERIC\Downloads\Box Sync.lnk 2014-03-14 18:04 - 2014-03-14 18:04 - 00001545 _____ () C:\Users\ERIC\Desktop\Box Sync.lnk 2014-03-14 18:04 - 2014-03-14 18:04 - 00000000 ___HD () C:\Users\ERIC\.Box Sync 2014-03-14 18:04 - 2014-03-14 18:04 - 00000000 ____D () C:\Users\ERIC\Box Sync 2014-03-14 18:03 - 2014-04-13 08:43 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Box Sync 2014-03-14 18:03 - 2014-03-14 18:03 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-14 18:03 - 2014-03-14 18:03 - 00000000 ____D () C:\Program Files\Box 2014-03-14 17:47 - 2014-03-21 22:09 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\NVIDIA 2014-03-14 17:47 - 2014-03-14 17:47 - 00000000 ____D () C:\Users\ERIC\Documents\Broken Sword 5 2014-03-14 17:46 - 2014-03-14 17:46 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00000719 _____ () C:\Users\Public\Desktop\Broken Sword 5 - the Serpent's Curse.lnk 2014-03-14 17:46 - 2014-03-14 17:46 - 00000000 ____D () C:\Program Files (x86)\OpenAL 2014-03-14 17:33 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-03-14 17:33 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-03-14 17:33 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-03-14 17:33 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-03-14 17:33 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-03-14 17:33 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-03-14 17:33 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-03-14 17:33 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-03-14 17:33 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-03-14 17:33 - 2010-02-04 11:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-03-14 17:33 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-03-14 17:33 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-03-14 17:33 - 2010-02-04 11:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-03-14 17:33 - 2010-02-04 11:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-03-14 17:33 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-03-14 17:33 - 2010-02-04 11:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-03-14 17:33 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-03-14 17:33 - 2009-09-04 18:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-03-14 17:33 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2014-03-14 17:33 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-03-14 17:33 - 2009-09-04 18:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-03-14 17:33 - 2009-09-04 18:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-03-14 17:33 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2014-03-14 17:33 - 2009-09-04 18:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-03-14 17:33 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-03-14 17:32 - 2009-09-04 18:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-03-14 17:32 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2014-03-14 17:32 - 2009-09-04 18:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-03-14 17:32 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2014-03-14 17:32 - 2009-09-04 18:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2014-03-14 17:32 - 2009-09-04 18:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2014-03-14 17:32 - 2009-09-04 18:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-03-14 17:32 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2014-03-14 17:32 - 2009-03-16 15:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-03-14 17:32 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2014-03-14 17:32 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2014-03-14 17:32 - 2009-03-16 15:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-03-14 17:32 - 2009-03-16 15:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-03-14 17:32 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-03-14 17:32 - 2009-03-09 16:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-03-14 17:32 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2014-03-14 17:32 - 2009-03-09 16:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2014-03-14 17:32 - 2009-03-09 16:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2014-03-14 17:32 - 2008-10-27 11:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-03-14 17:32 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2014-03-14 17:32 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2014-03-14 17:32 - 2008-10-27 11:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-03-14 17:32 - 2008-10-27 11:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-03-14 17:32 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-03-14 17:32 - 2008-10-27 11:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-03-14 17:32 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-03-14 17:32 - 2008-10-15 07:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-03-14 17:32 - 2008-10-15 07:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2014-03-14 17:32 - 2008-10-15 07:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-03-14 17:32 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-03-14 17:32 - 2008-10-15 07:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-03-14 17:32 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-03-14 17:32 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2014-03-14 17:32 - 2008-07-31 11:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-03-14 17:32 - 2008-07-31 11:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-03-14 17:32 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-03-14 17:32 - 2008-07-31 11:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-03-14 17:32 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2014-03-14 17:32 - 2008-07-10 12:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2014-03-14 17:32 - 2008-07-10 12:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2014-03-14 17:32 - 2008-07-10 12:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2014-03-14 17:32 - 2008-07-10 12:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-03-14 17:32 - 2008-07-10 12:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-03-14 17:32 - 2008-07-10 12:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-03-14 17:32 - 2008-05-30 15:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-03-14 17:32 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2014-03-14 17:32 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2014-03-14 17:32 - 2008-05-30 15:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-03-14 17:32 - 2008-05-30 15:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-03-14 17:32 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-03-14 17:32 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-03-14 17:32 - 2008-05-30 15:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-03-14 17:32 - 2008-05-30 15:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-03-14 17:32 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2014-03-14 17:32 - 2008-05-30 15:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-03-14 17:32 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-03-14 17:32 - 2008-05-30 15:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-03-14 17:32 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2014-03-14 17:32 - 2008-03-05 17:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-03-14 17:32 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2014-03-14 17:32 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2014-03-14 17:32 - 2008-03-05 17:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-03-14 17:32 - 2008-03-05 17:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-03-14 17:32 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-03-14 17:32 - 2008-03-05 16:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-03-14 17:32 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2014-03-14 17:32 - 2008-03-05 16:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-03-14 17:32 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-03-14 17:32 - 2008-02-06 00:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-03-14 17:32 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2014-03-14 17:32 - 2007-10-22 04:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-03-14 17:32 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-03-14 17:32 - 2007-10-22 04:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-03-14 17:32 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-03-14 17:32 - 2007-10-12 16:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-03-14 17:32 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-03-14 17:32 - 2007-10-12 16:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-03-14 17:32 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-03-14 17:32 - 2007-10-02 10:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-03-14 17:32 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-03-14 17:32 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-03-14 17:32 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-03-14 17:32 - 2007-07-19 19:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-03-14 17:32 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2014-03-14 17:32 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-03-14 17:32 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-03-14 17:32 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-03-14 17:32 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-03-14 17:32 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-03-14 17:32 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-03-14 17:32 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-03-14 17:32 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2014-03-14 17:32 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-03-14 17:32 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-03-14 17:32 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-03-14 17:32 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2014-03-14 17:32 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-03-14 17:32 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2014-03-14 17:32 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-03-14 17:32 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2014-03-14 17:32 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-03-14 17:32 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2014-03-14 17:32 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-03-14 17:32 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2014-03-14 17:32 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-03-14 17:32 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-03-14 17:32 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-03-14 17:32 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2014-03-14 17:32 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-03-14 17:32 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2014-03-14 17:32 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2014-03-14 17:32 - 2006-12-08 13:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-03-14 17:32 - 2006-11-29 14:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2014-03-14 17:32 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2014-03-14 17:32 - 2006-11-29 14:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-03-14 17:32 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2014-03-14 17:32 - 2006-09-28 17:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-03-14 17:32 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-03-14 17:32 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2014-03-14 17:32 - 2006-09-28 17:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-03-14 17:32 - 2006-07-28 10:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-03-14 17:32 - 2006-07-28 10:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-03-14 17:32 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2014-03-14 17:32 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2014-03-14 17:32 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2014-03-14 17:32 - 2006-05-31 08:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-03-14 17:32 - 2006-03-31 13:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-03-14 17:32 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2014-03-14 17:32 - 2006-03-31 13:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-03-14 17:32 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2014-03-14 17:32 - 2006-03-31 13:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-03-14 17:32 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2014-03-14 17:32 - 2006-02-03 09:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-03-14 17:32 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-03-14 17:32 - 2006-02-03 09:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-03-14 17:32 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-03-14 17:32 - 2006-02-03 09:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-03-14 17:32 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-03-14 17:32 - 2005-12-05 19:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-03-14 17:32 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-03-14 17:32 - 2005-07-22 20:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-03-14 17:32 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2014-03-14 17:32 - 2005-05-26 16:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-03-14 17:32 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-03-14 17:32 - 2005-03-18 18:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-03-14 17:32 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-03-14 17:32 - 2005-02-05 20:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-03-14 17:32 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-03-14 16:56 - 2014-04-13 08:40 - 00000000 ____D () C:\AdwCleaner 2014-03-14 16:54 - 2014-03-14 16:54 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-03-14 16:42 - 2014-03-16 11:20 - 00000000 ____D () C:\Windows\Minidump 2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DAEMON Tools Lite 2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-03-14 16:27 - 2014-03-19 18:38 - 00000000 ____D () C:\Program Files\Unlocker 2014-03-14 16:24 - 2014-03-14 16:24 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier 2014-03-14 16:24 - 2014-03-14 16:24 - 00000000 ____D () C:\Program Files\Ultracopier 2014-03-14 16:16 - 2014-03-14 16:16 - 00000282 _____ () C:\SSUUpdater.log 2014-03-14 16:13 - 2014-04-08 19:50 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Newsbin 2014-03-14 16:13 - 2014-04-08 19:49 - 00000000 ____D () C:\Program Files\Newsbin 2014-03-14 16:13 - 2014-03-15 07:58 - 00000000 ____D () C:\Users\ERIC\Documents\Newsbin 2014-03-14 16:13 - 2014-03-14 16:13 - 00000890 _____ () C:\Users\ERIC\Desktop\Newsbin for RegNow 64.lnk 2014-03-14 16:11 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\Dropbox 2014-03-14 16:11 - 2014-04-10 21:09 - 00001021 _____ () C:\Users\ERIC\Desktop\Dropbox.lnk 2014-03-14 16:10 - 2014-04-13 08:43 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Dropbox 2014-03-14 16:10 - 2014-04-10 21:09 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-03-14 16:10 - 2014-03-14 16:11 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DropboxMaster 2014-03-14 16:02 - 2014-04-13 08:56 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\IDM 2014-03-14 16:02 - 2014-04-13 08:41 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DMCache 2014-03-14 16:02 - 2014-04-04 13:51 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager 2014-03-14 16:02 - 2014-03-27 16:55 - 00000000 ____D () C:\Users\ERIC\Downloads\Compressed 2014-03-14 16:02 - 2014-03-14 16:02 - 00001016 _____ () C:\Users\ERIC\Desktop\Internet Download Manager.lnk 2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\Downloads\Video 2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\ProgramData\IDM 2014-03-14 15:57 - 2014-03-14 15:57 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-03-14 15:57 - 2014-03-14 15:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-03-14 15:54 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-03-14 15:54 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-03-14 15:54 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-03-14 15:54 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-03-14 15:53 - 2014-03-15 08:34 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-14 15:53 - 2014-03-15 08:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-14 15:53 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-03-14 15:53 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-03-14 15:53 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-03-14 15:53 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-03-14 15:53 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-03-14 15:53 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-03-14 15:53 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-03-14 15:53 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-03-14 15:53 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-03-14 15:53 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-03-14 15:53 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-03-14 15:53 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-03-14 15:53 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-03-14 15:53 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-03-14 15:51 - 2014-04-12 18:49 - 00000000 ____D () C:\Users\ERIC\Documents\Fichiers Outlook 2014-03-14 15:45 - 2014-04-13 08:43 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS 2014-03-14 15:45 - 2014-03-14 16:20 - 00000000 ____D () C:\Windows\AutoKMS 2014-03-14 15:36 - 2014-03-14 15:36 - 00000000 ____D () C:\Users\ERIC\ultracopier 2014-03-14 15:15 - 2014-03-14 15:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\WinRAR 2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Program Files\WinRAR 2014-03-14 14:13 - 2014-03-14 14:13 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-03-14 14:13 - 2007-06-06 21:00 - 00130048 _____ (Hewlett-Packard Company) C:\Windows\system32\hpz3l5k2.dll 2014-03-14 14:13 - 2007-06-06 20:58 - 00233472 _____ (Hewlett Packard Corporation) C:\Windows\SysWOW64\hpzc35k2.dll 2014-03-14 14:07 - 2014-04-04 15:08 - 00002222 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2014-03-14 14:07 - 2014-03-14 14:07 - 00000000 ___RD () C:\Users\ERIC\SkyDrive 2014-03-14 14:07 - 2014-03-14 14:07 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2014-03-14 13:45 - 2014-03-14 13:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-03-14 13:20 - 2014-03-27 16:22 - 00002223 _____ () C:\Users\Public\Desktop\ACDSee 17.lnk 2014-03-14 13:20 - 2014-03-15 00:43 - 00000000 ____D () C:\Users\ERIC\AppData\Local\ACD Systems 2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\ACD Systems 2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\ProgramData\ACD Systems 2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\Program Files (x86)\ACD Systems 2014-03-14 13:15 - 2014-04-09 23:40 - 00000000 ____D () C:\Users\ERIC\AppData\Local\CrashDumps 2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-03-14 13:12 - 2014-04-10 22:41 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-14 13:12 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 __RHD () C:\MSOCache 2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Microsoft Help 2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services 2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2014-03-14 13:10 - 2014-03-14 13:10 - 00000000 ____D () C:\Program Files (x86)\DAMN NFO Viewer 2014-03-14 13:08 - 2014-03-14 13:08 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit 2014-03-14 13:01 - 2014-03-14 13:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Sonos,_Inc 2014-03-14 12:58 - 2014-04-12 18:37 - 00000000 ____D () C:\ProgramData\Sonos,_Inc 2014-03-14 12:58 - 2014-04-12 18:18 - 00001958 _____ () C:\Users\Public\Desktop\Sonos.lnk 2014-03-14 12:58 - 2014-04-12 18:18 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Downloaded Installations 2014-03-14 12:58 - 2014-04-12 18:18 - 00000000 ____D () C:\Program Files (x86)\Sonos 2014-03-14 12:56 - 2014-03-14 12:56 - 00001112 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qobuz Desktop.lnk 2014-03-14 12:56 - 2014-03-14 12:56 - 00001104 _____ () C:\Users\ERIC\Desktop\Qobuz Desktop.lnk 2014-03-14 12:53 - 2014-03-14 15:56 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-03-14 12:53 - 2014-03-14 12:54 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Apple Computer 2014-03-14 12:53 - 2014-03-14 12:53 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apple Computer 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apple 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\Apple 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\iTunes 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\iPod 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\Bonjour 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-03-14 12:53 - 2012-08-21 14:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-03-14 12:50 - 2014-03-14 12:50 - 00000000 ____D () C:\Program Files\7-Zip 2014-03-14 12:45 - 2014-03-14 12:45 - 00002084 _____ () C:\Users\ERIC\Desktop\JDownloader 2.lnk 2014-03-14 12:45 - 2014-03-14 12:45 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2014-03-14 12:44 - 2014-04-11 22:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\JDownloader v2.0 2014-03-14 12:44 - 2014-03-14 12:44 - 00000041 _____ () C:\Users\ERIC\AppData\Roaming\WB.CFG 2014-03-14 12:39 - 2014-04-03 15:49 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\Public\Documents\Logishrd 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Leadertech 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\ProgramData\Logishrd 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Program Files\Logitech 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Program Files\Common Files\Logishrd 2014-03-14 12:37 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Logitech 2014-03-14 12:36 - 2014-03-14 12:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Logishrd 2014-03-14 11:35 - 2014-03-14 11:35 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-03-14 11:35 - 2014-03-14 11:35 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-03-14 11:34 - 2014-03-14 11:34 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\MPC-HC 2014-03-14 11:33 - 2014-03-14 11:33 - 00001709 _____ () C:\Users\ERIC\Desktop\MPC-HC x64.lnk 2014-03-14 11:33 - 2014-03-14 11:33 - 00000000 ____D () C:\Program Files\MPC-HC 2014-03-14 11:27 - 2014-04-08 16:50 - 00000000 ____D () C:\Users\ERIC\AppData\Local\NVIDIA Corporation 2014-03-14 11:25 - 2014-04-13 08:42 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-03-14 11:25 - 2014-04-02 15:27 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-03-14 11:25 - 2014-04-02 15:27 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-03-14 11:25 - 2014-03-14 11:36 - 00000000 ____D () C:\Users\ERIC\AppData\Local\NVIDIA 2014-03-14 11:25 - 2014-03-14 11:25 - 00001354 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-03-14 11:25 - 2014-03-14 11:25 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-03-14 11:25 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-03-14 11:25 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-03-14 11:25 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-03-14 11:25 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-03-14 11:25 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-03-14 11:25 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-03-14 11:24 - 2014-04-08 16:57 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-14 11:24 - 2014-04-08 16:50 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-03-14 11:24 - 2014-03-27 14:45 - 18493952 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-03-14 11:24 - 2014-03-27 14:45 - 17467048 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-03-14 11:24 - 2014-03-27 14:45 - 14422856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-03-14 11:24 - 2014-03-27 14:45 - 03106688 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-03-14 11:24 - 2014-03-27 14:45 - 02728160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-03-14 11:24 - 2014-03-27 14:45 - 00952440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-03-14 11:24 - 2014-03-27 14:45 - 00060248 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-03-14 11:24 - 2014-03-27 14:45 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-03-14 11:24 - 2014-03-27 14:45 - 00026011 _____ () C:\Windows\system32\nvinfo.pb 2014-03-14 11:24 - 2014-03-27 04:11 - 06768584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-03-14 11:24 - 2014-03-27 04:11 - 03512664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-03-14 11:24 - 2014-03-27 04:11 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-03-14 11:24 - 2014-03-27 04:11 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-03-14 11:24 - 2014-03-27 04:11 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-03-14 11:24 - 2014-03-27 04:11 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-03-14 11:24 - 2014-03-24 12:31 - 03683457 _____ () C:\Windows\system32\nvcoproc.bin 2014-03-14 11:24 - 2014-03-21 21:43 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-03-14 11:24 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll 2014-03-14 11:24 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll 2014-03-14 11:24 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2014-03-14 11:24 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2014-03-14 11:24 - 2013-11-22 10:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2014-03-14 11:23 - 2014-03-14 11:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-03-14 11:19 - 2014-03-30 09:49 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Malwarebytes 2014-03-14 11:19 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2014-03-14 11:18 - 2014-03-30 09:49 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-14 11:16 - 2014-03-14 11:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-03-14 11:16 - 2014-03-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-03-14 11:16 - 2014-03-14 11:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-03-14 11:16 - 2014-03-14 11:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-03-14 11:16 - 2014-03-14 11:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-03-14 11:16 - 2014-03-14 11:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-03-14 11:16 - 2014-03-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-03-14 11:08 - 2014-04-13 08:42 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-14 11:08 - 2014-04-11 23:36 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Google 2014-03-14 11:08 - 2014-04-11 23:36 - 00000000 ____D () C:\Program Files (x86)\Google 2014-03-14 11:08 - 2014-04-06 08:16 - 00003808 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-14 11:07 - 2014-03-14 15:51 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Deployment 2014-03-14 11:07 - 2014-03-14 11:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apps\2.0 2014-03-14 11:05 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-14 11:05 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-14 11:05 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-14 11:00 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-14 11:00 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-14 10:59 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-14 10:59 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-14 10:59 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-14 10:56 - 2014-03-18 19:27 - 00111968 _____ () C:\Users\ERIC\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-14 10:56 - 2014-03-14 10:56 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Intel Corporation 2014-03-14 10:55 - 2014-03-20 21:25 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Adobe 2014-03-14 10:55 - 2014-03-14 15:28 - 00000000 ____D () C:\Users\ERIC\Documents\Bluetooth Folder 2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Atheros 2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Local\VirtualStore 2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Local\BMExplorer 2014-03-14 10:53 - 2014-04-10 21:09 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-14 10:53 - 2014-04-03 17:14 - 00000000 ____D () C:\Users\ERIC 2014-03-14 10:53 - 2014-03-14 11:22 - 00001436 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-03-14 10:53 - 2014-03-14 10:55 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Mes vidéos 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Mes images 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Ma musique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Voisinage réseau 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Voisinage d'impression 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Modèles 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Menu Démarrer 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Mes vidéos 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Mes images 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Ma musique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\AppData\Local\Historique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Voisinage réseau 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Voisinage d'impression 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Modèles 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Menu Démarrer 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Mes vidéos 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Mes images 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Ma musique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Modèles 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Menu Démarrer 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Favoris 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Bureau 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Program Files\Fichiers communs 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 ___SD () C:\Recovery 2014-03-14 10:53 - 2010-11-21 04:50 - 00000020 ___SH () C:\Users\ERIC\ntuser.ini 2014-03-14 10:53 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-03-14 10:53 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance ==================== One Month Modified Files and Folders ======= 2014-04-13 09:01 - 2014-04-11 21:56 - 00000000 ____D () C:\FRST 2014-04-13 09:00 - 2014-03-15 00:28 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-04-13 08:56 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\IDM 2014-04-13 08:51 - 2014-03-30 09:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-13 08:50 - 2014-04-13 08:50 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-13 08:50 - 2014-04-13 08:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-13 08:48 - 2011-04-12 11:16 - 00765746 _____ () C:\Windows\system32\perfh00C.dat 2014-04-13 08:48 - 2011-04-12 11:16 - 00156406 _____ () C:\Windows\system32\perfc00C.dat 2014-04-13 08:48 - 2009-07-14 07:13 - 01709024 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-13 08:48 - 2009-07-14 06:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-13 08:48 - 2009-07-14 06:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-13 08:43 - 2014-03-14 18:03 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Box Sync 2014-04-13 08:43 - 2014-03-14 16:10 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Dropbox 2014-04-13 08:43 - 2014-03-14 15:45 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS 2014-04-13 08:42 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-04-13 08:42 - 2014-04-10 21:07 - 00008244 _____ () C:\Windows\PFRO.log 2014-04-13 08:42 - 2014-04-09 22:47 - 00003024 _____ () C:\Windows\setupact.log 2014-04-13 08:42 - 2014-03-16 11:38 - 00000000 ___RD () C:\Users\ERIC\OneDrive 2014-04-13 08:42 - 2014-03-14 23:32 - 00000000 ___RD () C:\Users\ERIC\Google Drive 2014-04-13 08:42 - 2014-03-14 16:11 - 00000000 ___RD () C:\Users\ERIC\Dropbox 2014-04-13 08:42 - 2014-03-14 11:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-13 08:42 - 2014-03-14 11:08 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-13 08:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-13 08:41 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DMCache 2014-04-13 08:41 - 2013-10-18 12:04 - 01870866 _____ () C:\Windows\WindowsUpdate.log 2014-04-13 08:40 - 2014-03-14 16:56 - 00000000 ____D () C:\AdwCleaner 2014-04-13 08:37 - 2014-03-16 10:03 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Battle.net 2014-04-12 19:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-12 19:15 - 2014-03-16 16:59 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-12 18:49 - 2014-03-14 15:51 - 00000000 ____D () C:\Users\ERIC\Documents\Fichiers Outlook 2014-04-12 18:37 - 2014-03-14 12:58 - 00000000 ____D () C:\ProgramData\Sonos,_Inc 2014-04-12 18:18 - 2014-03-14 12:58 - 00001958 _____ () C:\Users\Public\Desktop\Sonos.lnk 2014-04-12 18:18 - 2014-03-14 12:58 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Downloaded Installations 2014-04-12 18:18 - 2014-03-14 12:58 - 00000000 ____D () C:\Program Files (x86)\Sonos 2014-04-12 17:47 - 2014-03-16 11:38 - 00005048 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ERIC-PC-ERIC ERIC-PC 2014-04-12 00:08 - 2014-04-08 20:04 - 00003928 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} 2014-04-11 23:51 - 2014-04-11 22:19 - 00001994 _____ () C:\Users\ERIC\Desktop\ZHPFix.lnk 2014-04-11 23:51 - 2014-04-11 22:19 - 00001867 _____ () C:\Users\ERIC\Desktop\ZHPDiag.lnk 2014-04-11 23:51 - 2014-04-11 22:19 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\ZHP 2014-04-11 23:51 - 2014-04-11 22:19 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag 2014-04-11 23:37 - 2014-04-11 23:37 - 00002340 _____ () C:\Users\ERIC\Desktop\Lanceur d'applications Google Chrome.lnk 2014-04-11 23:37 - 2014-04-11 23:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-04-11 23:37 - 2014-04-11 23:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome 2014-04-11 23:36 - 2014-04-11 23:36 - 00002260 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-11 23:36 - 2014-03-14 11:08 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Google 2014-04-11 23:36 - 2014-03-14 11:08 - 00000000 ____D () C:\Program Files (x86)\Google 2014-04-11 23:33 - 2014-04-11 23:33 - 00000000 __SHD () C:\Users\ERIC\AppData\Local\EmieUserList 2014-04-11 23:33 - 2014-04-11 23:33 - 00000000 __SHD () C:\Users\ERIC\AppData\Local\EmieSiteList 2014-04-11 23:12 - 2014-04-11 22:58 - 00036353 _____ () C:\Shortcut_Module_11_04_2014_23_12_04.txt 2014-04-11 23:12 - 2014-04-11 21:29 - 00000000 ____D () C:\Shortcut_Module 2014-04-11 22:33 - 2014-04-11 22:33 - 00000624 _____ () C:\Users\ERIC\Desktop\JRT.txt 2014-04-11 22:33 - 2014-04-11 22:24 - 00010239 _____ () C:\Users\ERIC\Desktop\SFTGC.txt 2014-04-11 22:22 - 2014-04-11 22:22 - 00000000 ____D () C:\Windows\ERUNT 2014-04-11 22:07 - 2014-03-14 12:44 - 00000000 ____D () C:\Users\ERIC\AppData\Local\JDownloader v2.0 2014-04-11 21:43 - 2014-04-11 21:29 - 00062047 _____ () C:\Shortcut_Module_11_04_2014_21_43_48.txt 2014-04-11 21:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-11 21:15 - 2014-04-11 21:15 - 00003428 _____ () C:\Windows\System32\Tasks\Reimage Reminder 2014-04-11 21:15 - 2014-04-11 21:14 - 00000000 ____D () C:\rei 2014-04-11 21:15 - 2014-04-11 21:13 - 00000155 _____ () C:\Windows\Reimage.ini 2014-04-11 21:14 - 2014-04-11 21:14 - 00000000 ____D () C:\ProgramData\CDB 2014-04-11 21:05 - 2014-03-15 08:00 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-10 22:41 - 2014-03-14 13:12 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-10 22:38 - 2013-09-05 15:26 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 22:37 - 2013-09-05 15:26 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-10 22:11 - 2014-03-19 19:12 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\vlc 2014-04-10 21:09 - 2014-03-14 16:11 - 00001021 _____ () C:\Users\ERIC\Desktop\Dropbox.lnk 2014-04-10 21:09 - 2014-03-14 16:10 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-04-10 21:09 - 2014-03-14 10:53 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-10 00:08 - 2014-04-09 23:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-09 23:48 - 2014-04-09 23:48 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-09 23:40 - 2014-03-14 13:15 - 00000000 ____D () C:\Users\ERIC\AppData\Local\CrashDumps 2014-04-09 22:47 - 2014-04-09 22:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-09 22:38 - 2014-03-23 17:32 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DAEMON Tools Pro 2014-04-09 22:38 - 2014-03-14 23:40 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-09 22:21 - 2014-03-22 19:51 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software 2014-04-09 22:16 - 2014-03-22 19:51 - 00000000 ____D () C:\ProgramData\NCH Software 2014-04-08 19:50 - 2014-03-14 16:13 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Newsbin 2014-04-08 19:49 - 2014-04-08 19:49 - 00000890 _____ () C:\Users\ERIC\Desktop\Newsbin Pro 64.lnk 2014-04-08 19:49 - 2014-04-08 19:49 - 00000855 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk 2014-04-08 19:49 - 2014-04-08 19:49 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Newsbin6 2014-04-08 19:49 - 2014-03-14 16:13 - 00000000 ____D () C:\Program Files\Newsbin 2014-04-08 19:01 - 2014-04-08 19:01 - 00000000 ____D () C:\Windows\system32\log 2014-04-08 18:07 - 2014-04-08 18:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\VS Revo Group 2014-04-08 18:06 - 2014-04-08 18:06 - 00001084 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2014-04-08 18:06 - 2014-04-08 18:06 - 00000000 ____D () C:\ProgramData\VS Revo Group 2014-04-08 18:06 - 2014-04-08 18:06 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-04-08 16:57 - 2014-03-14 11:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-04-08 16:50 - 2014-03-14 11:27 - 00000000 ____D () C:\Users\ERIC\AppData\Local\NVIDIA Corporation 2014-04-08 16:50 - 2014-03-14 11:24 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-04-08 15:07 - 2014-04-08 19:01 - 00034304 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys 2014-04-06 08:16 - 2014-03-14 11:08 - 00003808 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-04-06 07:40 - 2014-03-21 17:24 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2166185552-2205534352-89382135-1000Core.job 2014-04-06 07:35 - 2014-03-21 17:24 - 00003650 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2166185552-2205534352-89382135-1000Core 2014-04-05 13:52 - 2014-04-05 13:52 - 00000000 ____D () C:\Users\ERIC\Documents\MercurySteam 2014-04-05 13:51 - 2014-04-05 13:51 - 00000633 _____ () C:\Users\Public\Desktop\Castlevania Lords of Shadow 2.lnk 2014-04-04 15:08 - 2014-03-14 14:07 - 00002222 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2014-04-04 13:51 - 2014-03-14 16:02 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager 2014-04-03 17:32 - 2014-03-29 07:51 - 00001196 _____ () C:\Users\Public\Desktop\Air Video Server HD.lnk 2014-04-03 17:32 - 2014-03-29 07:46 - 00000000 ____D () C:\Users\ERIC\AppData\Local\AirVideoServerHD 2014-04-03 17:15 - 2009-07-14 07:08 - 00032482 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-03 17:14 - 2014-03-14 10:53 - 00000000 ____D () C:\Users\ERIC 2014-04-03 15:49 - 2014-03-14 12:39 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2014-04-03 09:51 - 2014-04-13 08:50 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-13 08:50 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-13 08:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-02 15:27 - 2014-03-14 11:25 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-04-02 15:27 - 2014-03-14 11:25 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-03-30 11:43 - 2014-03-30 11:43 - 00000000 ____D () C:\Windows\Replay Video Capture 2014-03-30 11:38 - 2014-03-30 11:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Nero 2014-03-30 11:37 - 2014-03-30 11:37 - 00000000 ____D () C:\ProgramData\LightScribe 2014-03-30 11:35 - 2014-03-30 11:35 - 00002737 _____ () C:\Users\Public\Desktop\Nero Burning ROM 2014.lnk 2014-03-30 11:35 - 2014-03-30 11:35 - 00000000 ____D () C:\Windows\System32\Tasks\Nero 2014-03-30 11:35 - 2014-03-30 11:34 - 00000000 ____D () C:\ProgramData\Nero 2014-03-30 11:35 - 2014-03-30 11:34 - 00000000 ____D () C:\Program Files (x86)\Nero 2014-03-30 11:33 - 2014-03-30 11:33 - 00002044 _____ () C:\Users\Public\Desktop\LightScribe.lnk 2014-03-30 09:55 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media 2014-03-30 09:49 - 2014-03-14 11:19 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Malwarebytes 2014-03-30 09:49 - 2014-03-14 11:18 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-29 19:59 - 2014-03-28 22:29 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\foobar2000 2014-03-29 09:16 - 2014-03-29 09:16 - 14127518 _____ () C:\Users\ERIC\Downloads\12W18l3aQeT5f1870ce86QcRbSX6THX56.nzb 2014-03-29 07:51 - 2014-03-29 07:51 - 00000000 ____D () C:\Program Files (x86)\AirVideoServer HD 2014-03-29 07:46 - 2014-03-29 07:46 - 00000048 _____ () C:\Windows\SysWOW64\settings.properties 2014-03-29 07:46 - 2014-03-29 07:45 - 11731296 _____ () C:\Users\ERIC\Downloads\AirVideoServerHD-1.0.15.exe 2014-03-28 22:29 - 2014-03-28 22:29 - 00001038 _____ () C:\Users\Public\Desktop\foobar2000.lnk 2014-03-28 22:29 - 2014-03-28 22:29 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-03-28 17:38 - 2014-03-28 17:38 - 01935638 _____ () C:\Users\ERIC\Downloads\23W128aQe80f1896ce86kcaeSd8THX56.par2.nzb 2014-03-28 17:24 - 2014-03-28 17:01 - 00000000 ____D () C:\ProgramData\CyberLink 2014-03-28 17:05 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\Public\CyberLink 2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\Documents\CyberLink 2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\CyberLink 2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Cyberlink SoftDMA 2014-03-28 17:02 - 2014-03-28 17:00 - 00000000 ____D () C:\ProgramData\install_clap 2014-03-28 17:01 - 2014-03-28 17:01 - 00001418 _____ () C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\Public\Documents\CyberLink 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\MediaServer 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\CyberLink 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\ProgramData\PDVD 2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2014-03-28 17:00 - 2013-10-18 12:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-27 17:07 - 2014-03-27 17:06 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images 2014-03-27 17:01 - 2014-03-27 17:01 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-03-27 17:01 - 2014-03-27 17:01 - 00001939 _____ () C:\Users\Public\Desktop\DAEMON Tools Pro.lnk 2014-03-27 17:01 - 2014-03-27 16:48 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro 2014-03-27 16:55 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\Downloads\Compressed 2014-03-27 16:48 - 2014-03-23 17:31 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro 2014-03-27 16:22 - 2014-03-14 13:20 - 00002223 _____ () C:\Users\Public\Desktop\ACDSee 17.lnk 2014-03-27 15:53 - 2014-03-15 00:27 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-03-27 15:53 - 2014-03-15 00:27 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-03-27 14:45 - 2014-04-08 16:56 - 31270856 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 25257416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 23785416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 15964736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 13158232 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-03-27 14:45 - 2014-04-08 16:56 - 11644392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 11598560 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 09734744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 09697128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 03139928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 02949976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 02785056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 02413344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433750.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 01539416 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433750.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00894752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00891168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00864600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00859592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00836544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00491864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00415008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00336672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-03-27 14:45 - 2014-04-08 16:56 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-03-27 14:45 - 2014-03-14 11:24 - 18493952 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-03-27 14:45 - 2014-03-14 11:24 - 17467048 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-03-27 14:45 - 2014-03-14 11:24 - 14422856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-03-27 14:45 - 2014-03-14 11:24 - 03106688 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-03-27 14:45 - 2014-03-14 11:24 - 02728160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-03-27 14:45 - 2014-03-14 11:24 - 00952440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-03-27 14:45 - 2014-03-14 11:24 - 00060248 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-03-27 14:45 - 2014-03-14 11:24 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-03-27 14:45 - 2014-03-14 11:24 - 00026011 _____ () C:\Windows\system32\nvinfo.pb 2014-03-27 04:11 - 2014-03-14 11:24 - 06768584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-03-27 04:11 - 2014-03-14 11:24 - 03512664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-03-27 04:11 - 2014-03-14 11:24 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-03-27 04:11 - 2014-03-14 11:24 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-03-27 04:11 - 2014-03-14 11:24 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-03-27 04:11 - 2014-03-14 11:24 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-03-26 23:40 - 2014-04-08 16:57 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-03-24 12:31 - 2014-03-14 11:24 - 03683457 _____ () C:\Windows\system32\nvcoproc.bin 2014-03-23 17:32 - 2014-03-23 17:32 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2014-03-23 17:13 - 2014-03-23 17:13 - 00000000 ____D () C:\ProgramData\Hagel Technologies 2014-03-23 17:13 - 2014-03-23 17:13 - 00000000 ____D () C:\Program Files (x86)\DU Meter 2014-03-23 11:22 - 2014-03-23 11:22 - 00025466 _____ () C:\Users\ERIC\Documents\cc_20140323_102236.reg 2014-03-23 11:11 - 2014-03-23 11:04 - 00000290 __RSH () C:\ProgramData\ntuser.pol 2014-03-23 11:07 - 2014-03-23 11:07 - 00262144 _____ () C:\Windows\system32\config\elam 2014-03-23 11:04 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-03-23 11:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-03-22 19:17 - 2014-03-22 19:17 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\iSpy 2014-03-21 23:52 - 2014-03-21 23:52 - 00000000 ____D () C:\Users\ERIC\AppData\Local\IsolatedStorage 2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\SplitMediaLabs 2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\ProgramData\SplitMediaLabs 2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs 2014-03-21 22:09 - 2014-03-14 17:47 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\NVIDIA 2014-03-21 22:08 - 2014-03-16 10:01 - 00000000 ____D () C:\ProgramData\Battle.net 2014-03-21 21:43 - 2014-04-08 16:50 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-03-21 21:43 - 2014-04-08 16:50 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-03-21 21:43 - 2014-03-14 11:24 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-03-21 17:25 - 2014-03-21 17:25 - 00001210 _____ () C:\Users\ERIC\Desktop\Chromecast.lnk 2014-03-21 17:25 - 2014-03-21 17:25 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast 2014-03-20 21:26 - 2014-03-20 21:24 - 00000000 ____D () C:\ProgramData\Adobe 2014-03-20 21:25 - 2014-03-20 21:25 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-03-20 21:25 - 2014-03-20 21:25 - 00000000 ____D () C:\ProgramData\McAfee 2014-03-20 21:25 - 2014-03-20 21:25 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-03-20 21:25 - 2014-03-16 16:58 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Adobe 2014-03-20 21:25 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Adobe 2014-03-20 20:57 - 2014-03-20 20:57 - 00001206 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk 2014-03-20 20:57 - 2014-03-20 20:57 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass 2014-03-20 20:57 - 2014-03-20 20:57 - 00000000 ____D () C:\Program Files (x86)\LastPass 2014-03-20 20:57 - 2014-03-20 20:56 - 04278003 _____ () C:\Users\ERIC\Downloads\lpchrome_win.crx 2014-03-19 18:38 - 2014-03-14 16:27 - 00000000 ____D () C:\Program Files\Unlocker 2014-03-18 23:33 - 2014-03-18 23:33 - 00525279 _____ () C:\Users\ERIC\Downloads\Veronica.Mars.1080p.VO.VF.VOST.mp4.par2.nzb 2014-03-18 23:14 - 2014-03-18 23:14 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-03-18 22:13 - 2014-03-18 22:13 - 01960126 _____ () C:\Users\ERIC\Downloads\Next1239 (1).nzb 2014-03-18 20:17 - 2014-03-18 20:17 - 04279616 _____ () C:\Windows\PE_File.dll 2014-03-18 20:17 - 2014-03-18 20:17 - 04226912 _____ () C:\Windows\PE_Rom.dll 2014-03-18 20:07 - 2014-03-16 11:35 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-18 20:07 - 2014-03-16 11:35 - 00000000 ____D () C:\ProgramData\Skype 2014-03-18 19:58 - 2014-03-18 19:58 - 00002611 _____ () C:\Users\Public\Desktop\ASUS PC Diagnostics.lnk 2014-03-18 19:58 - 2013-10-18 12:22 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-03-18 19:34 - 2009-07-14 06:45 - 00456968 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-18 19:32 - 2014-03-18 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf 2014-03-18 19:32 - 2014-03-18 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf 2014-03-18 19:32 - 2014-03-18 19:25 - 00000000 ____D () C:\Program Files (x86)\Razer 2014-03-18 19:27 - 2014-03-14 10:56 - 00111968 _____ () C:\Users\ERIC\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-18 19:25 - 2014-03-18 19:25 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Razer 2014-03-18 19:25 - 2014-03-18 19:25 - 00000000 ____D () C:\ProgramData\Razer 2014-03-16 20:37 - 2014-03-16 17:01 - 00000000 ____D () C:\Users\ERIC\Documents\StarCraft II 2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\Users\ERIC\Documents\My Games 2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Skyrim 2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\ProgramData\Steam 2014-03-16 19:43 - 2014-03-16 19:43 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Macromedia 2014-03-16 17:01 - 2014-03-16 17:01 - 00000724 _____ () C:\Users\Public\Desktop\StarCraft II.lnk 2014-03-16 17:01 - 2014-03-16 10:03 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-03-16 16:59 - 2014-03-16 16:59 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-16 16:59 - 2014-03-16 16:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-16 16:59 - 2014-03-16 16:59 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-16 16:59 - 2014-03-16 16:59 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-03-16 16:59 - 2014-03-16 16:59 - 00000000 ____D () C:\Windows\system32\Macromed 2014-03-16 14:09 - 2014-03-16 11:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Skype 2014-03-16 13:10 - 2014-03-16 13:10 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Blizzard Entertainment 2014-03-16 11:58 - 2014-03-16 11:58 - 00000000 ____D () C:\Users\ERIC\Documents\Diablo III 2014-03-16 11:56 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore 2014-03-16 11:35 - 2014-03-16 11:35 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-16 11:35 - 2014-03-16 11:35 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Skype 2014-03-16 11:21 - 2014-03-16 11:21 - 00080180 _____ () C:\Users\ERIC\Documents\cc_20140316_102140.reg 2014-03-16 11:21 - 2014-03-16 11:21 - 00000422 _____ () C:\Users\ERIC\Documents\cc_20140316_102123.reg 2014-03-16 11:20 - 2014-03-14 16:42 - 00000000 ____D () C:\Windows\Minidump 2014-03-16 11:20 - 2013-09-05 15:57 - 00000000 ____D () C:\Windows\Panther 2014-03-16 10:24 - 2014-03-16 09:34 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Zappiti 2014-03-16 10:06 - 2014-03-16 10:06 - 00000771 _____ () C:\Users\Public\Desktop\Diablo III.lnk 2014-03-16 10:04 - 2014-03-16 10:03 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Battle.net 2014-03-16 10:03 - 2014-03-16 10:03 - 00000763 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-03-16 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System 2014-03-16 09:47 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini 2014-03-16 09:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-03-16 09:44 - 2013-09-05 15:00 - 01655180 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-03-16 09:39 - 2014-03-16 09:39 - 00000000 ____D () C:\Program Files (x86)\Splashtop 2014-03-16 09:35 - 2014-03-16 09:35 - 00000000 ____D () C:\Program Files (x86)\Groupe ARCHISOFT 2014-03-16 09:35 - 2014-03-16 09:34 - 00001208 _____ () C:\Users\Public\Desktop\Zappiti Media Center.lnk 2014-03-15 08:34 - 2014-03-14 15:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-15 08:34 - 2014-03-14 15:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-15 08:29 - 2014-03-15 08:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-15 08:27 - 2014-03-15 08:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2014-03-15 08:00 - 2014-03-15 08:00 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-03-15 08:00 - 2014-03-15 08:00 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-03-15 07:58 - 2014-03-14 16:13 - 00000000 ____D () C:\Users\ERIC\Documents\Newsbin 2014-03-15 00:43 - 2014-03-14 13:20 - 00000000 ____D () C:\Users\ERIC\AppData\Local\ACD Systems 2014-03-15 00:31 - 2013-10-12 07:19 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys 2014-03-15 00:31 - 2013-10-12 07:19 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys 2014-03-15 00:31 - 2013-06-06 18:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys 2014-03-15 00:28 - 2014-03-15 00:28 - 00001096 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2014-03-15 00:28 - 2014-03-15 00:28 - 00000000 ____D () C:\Windows\ELAMBKUP 2014-03-15 00:28 - 2014-03-15 00:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-03-15 00:22 - 2013-09-05 15:01 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-03-15 00:15 - 2014-03-15 00:15 - 00000000 ____D () C:\Program Files\PlayReady 2014-03-14 23:40 - 2014-03-14 23:40 - 00000970 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-03-14 23:32 - 2014-03-14 23:32 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-03-14 23:32 - 2014-03-14 23:32 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-03-14 23:32 - 2014-03-14 23:32 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-03-14 23:32 - 2014-03-14 23:32 - 00001715 _____ () C:\Users\ERIC\Desktop\Google Drive.lnk 2014-03-14 23:28 - 2014-03-14 23:28 - 00000000 ____D () C:\Program Files (x86)\Elgato 2014-03-14 18:04 - 2014-03-14 18:04 - 00001545 _____ () C:\Users\ERIC\Downloads\Box Sync.lnk 2014-03-14 18:04 - 2014-03-14 18:04 - 00001545 _____ () C:\Users\ERIC\Desktop\Box Sync.lnk 2014-03-14 18:04 - 2014-03-14 18:04 - 00000000 ___HD () C:\Users\ERIC\.Box Sync 2014-03-14 18:04 - 2014-03-14 18:04 - 00000000 ____D () C:\Users\ERIC\Box Sync 2014-03-14 18:03 - 2014-03-14 18:03 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-14 18:03 - 2014-03-14 18:03 - 00000000 ____D () C:\Program Files\Box 2014-03-14 17:47 - 2014-03-14 17:47 - 00000000 ____D () C:\Users\ERIC\Documents\Broken Sword 5 2014-03-14 17:46 - 2014-03-14 17:46 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00000719 _____ () C:\Users\Public\Desktop\Broken Sword 5 - the Serpent's Curse.lnk 2014-03-14 17:46 - 2014-03-14 17:46 - 00000000 ____D () C:\Program Files (x86)\OpenAL 2014-03-14 16:54 - 2014-03-14 16:54 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DAEMON Tools Lite 2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-03-14 16:24 - 2014-03-14 16:24 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier 2014-03-14 16:24 - 2014-03-14 16:24 - 00000000 ____D () C:\Program Files\Ultracopier 2014-03-14 16:20 - 2014-03-14 15:45 - 00000000 ____D () C:\Windows\AutoKMS 2014-03-14 16:16 - 2014-03-14 16:16 - 00000282 _____ () C:\SSUUpdater.log 2014-03-14 16:13 - 2014-03-14 16:13 - 00000890 _____ () C:\Users\ERIC\Desktop\Newsbin for RegNow 64.lnk 2014-03-14 16:11 - 2014-03-14 16:10 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DropboxMaster 2014-03-14 16:02 - 2014-03-14 16:02 - 00001016 _____ () C:\Users\ERIC\Desktop\Internet Download Manager.lnk 2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\Downloads\Video 2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\ProgramData\IDM 2014-03-14 15:57 - 2014-03-14 15:57 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-03-14 15:57 - 2014-03-14 15:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-03-14 15:56 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-03-14 15:51 - 2014-03-14 11:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Deployment 2014-03-14 15:36 - 2014-03-14 15:36 - 00000000 ____D () C:\Users\ERIC\ultracopier 2014-03-14 15:28 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\Documents\Bluetooth Folder 2014-03-14 15:17 - 2013-10-18 12:46 - 00000000 ____D () C:\ProgramData\Atheros 2014-03-14 15:15 - 2014-03-14 15:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\WinRAR 2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Program Files\WinRAR 2014-03-14 14:13 - 2014-03-14 14:13 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-03-14 14:07 - 2014-03-14 14:07 - 00000000 ___RD () C:\Users\ERIC\SkyDrive 2014-03-14 14:07 - 2014-03-14 14:07 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2014-03-14 13:45 - 2014-03-14 13:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\ACD Systems 2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\ProgramData\ACD Systems 2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\Program Files (x86)\ACD Systems 2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-03-14 13:13 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-03-14 13:13 - 2011-04-12 11:27 - 00000000 ____D () C:\Windows\ShellNew 2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 __RHD () C:\MSOCache 2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Microsoft Help 2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services 2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2014-03-14 13:10 - 2014-03-14 13:10 - 00000000 ____D () C:\Program Files (x86)\DAMN NFO Viewer 2014-03-14 13:08 - 2014-03-14 13:08 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit 2014-03-14 13:01 - 2014-03-14 13:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Sonos,_Inc 2014-03-14 12:56 - 2014-03-14 12:56 - 00001112 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qobuz Desktop.lnk 2014-03-14 12:56 - 2014-03-14 12:56 - 00001104 _____ () C:\Users\ERIC\Desktop\Qobuz Desktop.lnk 2014-03-14 12:54 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Apple Computer 2014-03-14 12:53 - 2014-03-14 12:53 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apple Computer 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apple 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\Apple 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\iTunes 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\iPod 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\Bonjour 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-03-14 12:51 - 2011-04-12 11:27 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-03-14 12:50 - 2014-03-14 12:50 - 00000000 ____D () C:\Program Files\7-Zip 2014-03-14 12:45 - 2014-03-14 12:45 - 00002084 _____ () C:\Users\ERIC\Desktop\JDownloader 2.lnk 2014-03-14 12:45 - 2014-03-14 12:45 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2014-03-14 12:44 - 2014-03-14 12:44 - 00000041 _____ () C:\Users\ERIC\AppData\Roaming\WB.CFG 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\Public\Documents\Logishrd 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Leadertech 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\ProgramData\Logishrd 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Program Files\Logitech 2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Program Files\Common Files\Logishrd 2014-03-14 12:39 - 2014-03-14 12:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Logitech 2014-03-14 12:37 - 2014-03-14 12:36 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Logishrd 2014-03-14 11:36 - 2014-03-14 11:25 - 00000000 ____D () C:\Users\ERIC\AppData\Local\NVIDIA 2014-03-14 11:35 - 2014-03-14 11:35 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-03-14 11:35 - 2014-03-14 11:35 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-03-14 11:34 - 2014-03-14 11:34 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\MPC-HC 2014-03-14 11:33 - 2014-03-14 11:33 - 00001709 _____ () C:\Users\ERIC\Desktop\MPC-HC x64.lnk 2014-03-14 11:33 - 2014-03-14 11:33 - 00000000 ____D () C:\Program Files\MPC-HC 2014-03-14 11:25 - 2014-03-14 11:25 - 00001354 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-03-14 11:25 - 2014-03-14 11:25 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-03-14 11:25 - 2014-03-14 11:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-03-14 11:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-03-14 11:23 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-03-14 11:22 - 2014-03-14 10:53 - 00001436 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-03-14 11:16 - 2014-03-14 11:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-03-14 11:16 - 2014-03-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-03-14 11:16 - 2014-03-14 11:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-03-14 11:16 - 2014-03-14 11:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-03-14 11:16 - 2014-03-14 11:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-03-14 11:16 - 2014-03-14 11:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-03-14 11:16 - 2014-03-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-03-14 11:16 - 2014-03-14 11:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-03-14 11:16 - 2014-03-14 11:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-03-14 11:07 - 2014-03-14 11:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apps\2.0 2014-03-14 10:56 - 2014-03-14 10:56 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Intel Corporation 2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Atheros 2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Local\VirtualStore 2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Local\BMExplorer 2014-03-14 10:55 - 2014-03-14 10:53 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Mes vidéos 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Mes images 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Ma musique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Voisinage réseau 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Voisinage d'impression 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Modèles 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Menu Démarrer 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Mes vidéos 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Mes images 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Ma musique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\AppData\Local\Historique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Voisinage réseau 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Voisinage d'impression 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Modèles 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Menu Démarrer 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Mes vidéos 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Mes images 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Ma musique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historique 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Modèles 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Menu Démarrer 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Favoris 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Bureau 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Program Files\Fichiers communs 2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 ___SD () C:\Recovery 2014-03-14 10:53 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-03-14 10:53 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-03-14 10:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery 2014-03-14 10:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT Some content of TEMP: ==================== C:\Users\ERIC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpamg3t4.dll C:\Users\ERIC\AppData\Local\Temp\ntdll_dump.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-09 21:01 ==================== End Of Log ============================
  22. hollowmanf38
    bon maintenant c'est PC healthweb qui apparaît en lien vert pour l'instant Malwarebytes Anti-Malware scan tous les disques dur
  23. hollowmanf38
    RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : HOSTS RAZ -- Date : 04/13/2014 08:30:21 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ Nouveau fichier HOSTS: ¤¤¤ 127.0.0.1 localhost Termine : << RKreport[0]_H_04132014_083021.txt >> RKreport[0]_D_04122014_175704.txt;RKreport[0]_D_04132014_082700.txt;RKreport[0]_H_04122014_175614.txt RKreport[0]_H_04132014_082711.txt;RKreport[0]_S_04122014_175500.txt;RKreport[0]_S_04132014_082646.txt RKreport[0]_S_04132014_083005.txt;RKreport[0]_S_12042014_180558.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : Proxy RAZ -- Date : 04/13/2014 08:30:49 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Navigateurs web : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[0]_PR_04132014_083049.txt >> RKreport[0]_D_04122014_175704.txt;RKreport[0]_D_04132014_082700.txt;RKreport[0]_H_04122014_175614.txt RKreport[0]_H_04132014_082711.txt;RKreport[0]_H_04132014_083021.txt;RKreport[0]_S_04122014_175500.txt RKreport[0]_S_04132014_082646.txt;RKreport[0]_S_04132014_083005.txt;RKreport[0]_S_12042014_180558.txt RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : DNS RAZ -- Date : 04/13/2014 08:31:19 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[0]_DN_04132014_083119.txt >> RKreport[0]_D_04122014_175704.txt;RKreport[0]_D_04132014_082700.txt;RKreport[0]_H_04122014_175614.txt RKreport[0]_H_04132014_082711.txt;RKreport[0]_H_04132014_083021.txt;RKreport[0]_S_04122014_175500.txt RKreport[0]_S_04132014_082646.txt;RKreport[0]_S_04132014_083005.txt;RKreport[0]_S_12042014_180558.tx RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : ERIC [Droits d'admin] Mode : Raccourcis RAZ -- Date : 04/13/2014 08:32:04 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Attributs de fichiers restaures: ¤¤¤ Bureau: Success 0 / Fail 0 Lancement rapide: Success 0 / Fail 0 Programmes: Success 0 / Fail 0 Menu demarrer: Success 0 / Fail 0 Dossier utilisateur: Success 0 / Fail 0 Mes documents: Success 0 / Fail 0 Mes favoris: Success 0 / Fail 0 Mes images: Success 0 / Fail 0 Ma musique: Success 0 / Fail 0 Mes videos: Success 0 / Fail 0 Disques locaux: Success 0 / Fail 0 Sauvegarde: [NOT FOUND] Lecteurs: [C:] \Device\HarddiskVolume8 -- 0x3 --> Restored [D:] \Device\HarddiskVolume4 -- 0x3 --> Restored [E:] \Device\HarddiskVolume9 -- 0x3 --> Restored [F:] \Device\HarddiskVolume12 -- 0x3 --> Restored [G:] \Device\HarddiskVolume11 -- 0x3 --> Restored [H:] \Device\HarddiskVolume10 -- 0x3 --> Restored [i:] \Device\CdRom1 -- 0x5 --> Skipped [J:] \Device\HarddiskVolume2 -- 0x3 --> Restored [K:] \Device\CdRom0 -- 0x5 --> Skipped [N:] \Device\CdRom2 -- 0x5 --> Skipped [O:] \Device\HarddiskVolume1 -- 0x3 --> Restored ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[0]_SC_04132014_083204.txt >> RKreport[0]_D_04122014_175704.txt;RKreport[0]_D_04132014_082700.txt;RKreport[0]_H_04122014_175614.txt RKreport[0]_H_04132014_082711.txt;RKreport[0]_H_04132014_083021.txt;RKreport[0]_S_04122014_175500.txt RKreport[0]_S_04132014_082646.txt;RKreport[0]_S_04132014_083005.txt;RKreport[0]_S_12042014_180558.txt voila les rapports mais j'ai toujours filebuker avec les liens verts
  24. hollowmanf38
    merci beaucoup pour votre aide je teste de suite
  25. hollowmanf38
    bonjour je suis nouveau sur le forum je me permet de vous donner le rapport après de moultes scan j'ai toujours des écritures vertes qui me renvoie vers des site de téléchargement impossible à dégager ca revient tout le temps j'ai la version pro de Malwarebytes' Anti-Malware mais il ne trouve rien voila mon rapport ZHP ~ Rapport de ZHPDiag v2014.4.11.19 - Nicolas Coolman (11/04/2014) ~ Lancé par ERIC (11/04/2014 23:51:29) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Deactivate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17041 GCIE: Google Chrome v34.0.1847.116 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows Operating System - Windows® 7, OEM_COA_NSLP channel Windows ID Activation : OK ~ Windows Partial Key : P36YQ Windows License : OK ~ Windows Remaining Initializations Number : 2 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système Kaspersky Anti-Virus v14.0.0.4651 Malwarebytes Anti-Malware version 2.0.1.1004 Windows Defender W7 ---\\ Logiciels d'optimisation du système CCleaner v4.09 =>.Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 12 Plugin Adobe Reader XI ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 8129 MB (51% free) System Restore: Activé (Enable) System drive C: has 179 GB (75%) free of 238 GB ---\\ Mode de connexion au système ~ Computer Name: ERIC-PC ~ User Name: ERIC ~ All Users Names: HomeGroupUser$, ERIC, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\ERIC\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\ERIC\AppData\Roaming\ ~ %Desktop% : C:\Users\ERIC\Desktop\ ~ %Favorites% : C:\Users\ERIC\Favorites\ ~ %LocalAppData% : C:\Users\ERIC\AppData\Local\ ~ %StartMenu% : C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 179 Go of 238 Go) D: Hard drive, Flash drive, Thumb drive (Free 1691 Go of 1863 Go) E: Hard drive, Flash drive, Thumb drive (Free 327 Go of 1863 Go) F: Hard drive, Flash drive, Thumb drive (Free 380 Go of 1397 Go) G: Hard drive, Flash drive, Thumb drive (Free 319 Go of 1397 Go) H: Hard drive, Flash drive, Thumb drive (Free 1132 Go of 1863 Go) I: CD-ROM drive (Not Inserted) J: Hard drive, Flash drive, Thumb drive (Free 1204 Go of 1397 Go) K: CD-ROM drive (Not Inserted) N: CD-ROM drive (Not Inserted) O: Hard drive, Flash drive, Thumb drive (Free 534 Go of 932 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified ~ Security Center: 49 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 07:22:40.) -- C:\Windows\System32\wininet.dll [2260480] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/11/2013 - 18:48:46.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 07:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes musiques (My Musics) : 1/162 ~ Mes Videos (My Videos) : 1/9 ~ Mes Favoris (My Favorites) : 1/25 ~ Mes Documents (My Documents) : 1/43 ~ Mon Bureau (My Desktop) : 1/18 ~ Menu demarrer (Programs) : 1/62 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.85A9BBED7AD3CA869956399AA9F3F20A] - (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe [4245400] [PID.1936] [MD5.41AD6110110A2E89957F831DCBFAF892] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6963512] [PID.3316] [MD5.B96D82EA7BC9A842028559968E9570D4] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe [1004864] [PID.3992] [MD5.D3B2B70E7E69CC8AE92725F0A632C6F7] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe [2768088] [PID.4744] [MD5.293770C94202D1EA18EE27E0D3EB6A41] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032] [PID.4676] [MD5.240B2FAC1D398715960BD31AF7152DD7] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3829328] [PID.5320] [MD5.A4C98FD0EB19815374011C929B7D728A] - (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128] [PID.5840] [MD5.1553313A94B927B65FCD27635BF49866] - (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224] [PID.6284] [MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.5796] [MD5.6A6C57E6000B3F3490F7FEAFF2D4CE15] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\ERIC\AppData\Roaming\Dropbox\bin\Dropbox.exe [32667896] [PID.6536] [MD5.CF329AF009865920DB34BD6FA6403D03] - (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760] [PID.6560] [MD5.FDCF54D76E12FD8E731575CA35C573DB] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592] [PID.10072] [MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.8720] [MD5.F8F5CC1BA3889C7C84899FA5F1906D80] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus Plugins Native Messagi.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\plugin-nm-server.exe [771904] [PID.5184] [MD5.1177E21C863C6BB21195AB51E6B86AC0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8210432] [PID.10696] [MD5.2F6E80BA379883AF5A9C9BB7DD674A66] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [413128] [PID.760] [MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2000] [MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1424] [MD5.1A7A2CAC3B5AFABD6636B25DFE33CBAD] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232] [PID.2144] [MD5.0D2F8F4055903A762AD46204E5A42E86] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512] [PID.2288] [MD5.A5E664DB01F89C32DB69F224F6CF1666] - (.CyberLink - Media Server Monitor Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576] [PID.2340] [MD5.4404F7496CBDA9F5927D053D61933853] - (.CyberLink - Media Server Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432] [PID.2396] [MD5.F191DF810E6AAA0651A723EAE8D249A9] - (.Hagel Technologies Ltd. - DU Meter Service.) -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2385304] [PID.2600] [MD5.C34411A244029F1C08687F7C752C4563] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2520] [MD5.0E08BDD7326E657D59DB40BAD23D8169] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.2860] [MD5.A8E7F3DB083EB0839DFC1C763CDD2594] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912] [PID.3144] [MD5.6822CA012769844EB14FD6634F22C4F6] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192] [PID.3188] [MD5.73FF2C17264E56EB3AD7F95412C04CCD] - (.Splashtop Inc. - Splashtop® Streamer Service.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [790880] [PID.3440] [MD5.E671A14984D2FC6EAA324ADD17E62304] - (.Splashtop Inc. - Splashtop® Streamer.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe [3918176] [PID.3492] [MD5.BEC3EFB8834FDA3F4F6C63555F7A0741] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296] [PID.3548] [MD5.3920745BC3FDB1D4E8E86232AA6BBC4A] - (.Splashtop Inc. - Splashtop® Streamer Feature.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe [7169376] [PID.4532] [MD5.89CB56C80DF2DEA6315694CDF5B7C04E] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720] [PID.9676] [MD5.BF5D3A2624177C413680DEF19A465AF8] - (.Intel Corporation - Intel® Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432] [PID.3756] [MD5.3EA307C51069BC72DD74A4964F2A30A9] - (.Intel Corporation - Intel® Local Management Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [366552] [PID.5344] [MD5.E59AFB64C2F6E0C99350E1C944C75088] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [762192] [PID.8624] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.6388] ~ Processes Running: Scanned in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Preferences G2 - GCE: Preference [user Data\Default] [anakpfpojdnocblgejmienjaaggfgbdj] Meteo en France v.3.1 (Désactivé) G2 - GCE: Preference [user Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé) G2 - GCE: Preference [user Data\Default] [blbkdnmdcafmfhinpmnlhhddbepgkeaa] Kaspersky Protection v.1.18, (Activé) G2 - GCE: Preference [user Data\Default] [boadgeojelhgndaghljhdicfkmllpafd] Google Cast v.14.305.0.0, (Activé) G2 - GCE: Preference [user Data\Default] [boeajhmfdjldchidhphikilcgdacljfm] Facebook v.1.0.3 (Activé) G2 - GCE: Preference [user Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] URL Advisor v.14.0.0.4651 (Désactivé) G2 - GCE: Preference [user Data\Default] [edkonmaeaeehdmjbgigneocajjibpack] Bouton pour PayPalâ„¢ v.1.14.0.0, (Activé) G2 - GCE: Preference [user Data\Default] [ejjicmeblgpmajnghnpcppodonldlgfn] Google Agenda v.4.5.3 (Activé) G2 - GCE: Preference [user Data\Default] [ejnkaeblpdcamcioiiabclakabcbjmbl] Box - 10GB of FREE storage v.1.1.7 (Activé) G2 - GCE: Preference [user Data\Default] [fapbbpdnlcmiolkdfjnnjhabmcndadad] Météo v.0.9.0.6 (Activé) G2 - GCE: Preference [user Data\Default] [fjkkongamjdfggeifeicejegagbhhjlf] Cinémur v.2.1 (Activé) G2 - GCE: Preference [user Data\Default] [gceeodfjmkoilhaoehbnhofdpobaohnm] Facebook One v.1.1 (Activé) G2 - GCE: Preference [user Data\Default] [hgecghmkcdefnknohcimkoemhaofpoha] PDF Mergy v.0.5.4 (Activé) G2 - GCE: Preference [user Data\Default] [jijgclgmgjipgefcnnnibgllfonlfdap] Pocket Website v.1.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [kdkgihpbaofhkiliohfepioflkkbapao] Calculatrice v.1.0.9 (Activé) G2 - GCE: Preference [user Data\Default] [lneaknkopdijkpnocmklfnjbeapigfbh] Google Maps v.5.2.7 (Activé) G2 - GCE: Preference [user Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé) G2 - GCE: Preference [user Data\Default] [mjcnijlhddpbdemagnpefmlkjdagkogk] Pocket v.0.701 (Activé) G2 - GCE: Preference [user Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [nffchahhjecejoiigmnhhicpoabngedk] OneDrive v.1.0.4 (Activé) G2 - GCE: Preference [user Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [nlmbdmpjmlijibeockamioakdpmhjnpk] Twitch Now v.1.1.55, (Activé) G2 - GCE: Preference [user Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé) G2 - GCE: Preference [user Data\Default] [onhbegdkgonhlokobjefolhpoidcnida] Synology Download Station v.2.1.3, (Activé) G2 - GCE: Preference [user Data\Default] [poohjpljfecljomfhhimjhddddlidhdd] Twitch Giveaways v.1.5.4 (Activé) ---\\ Liste des dossiers d'extension Google Chrome ~ Google Lines Browser: 54 Legitimates Filtered in 00mn 06s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: Air Video Server HD.lnk . (.inMethod - Air Video Server HD.) -- C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe O4 - GS\Desktop [Public]: ASUS PC Diagnostics.lnk . (...) -- C:\Windows\Installer\{D709005F-D8DC-42A8-8435-5AE880ECAF82}\_819741F18861FB75FAEF03.exe O4 - GS\Desktop [Public]: Battle.net.lnk . (.Blizzard Entertainment - Battle.net Setup.) -- D:\Jeux\Battle.net\Battle.net Launcher.exe O4 - GS\Desktop [Public]: Broken Sword 5 - the Serpent's Curse.lnk . (...) -- D:\Jeux\Broken Sword 5\BS5.exe O4 - GS\Desktop [Public]: Castlevania Lords of Shadow 2.lnk . (.Mercury Steam Entertainment S.L. - Castlevania: Lords of Shadow 2.) -- D:\Jeux\Castlevania Lords of Shadow 2\bin\CLOS2.exe O4 - GS\Desktop [Public]: Diablo III.lnk . (.Blizzard Entertainment - Diablo III Setup.) -- D:\Jeux\Diablo III\Diablo III Launcher.exe O4 - GS\Desktop [Public]: foobar2000.lnk . (.Piotr Pawlowski - foobar2000.) -- C:\Program Files (x86)\foobar2000\foobar2000.exe O4 - GS\Desktop [Public]: GeForce Experience.lnk . (.NVIDIA - NVIDIA GeForce Experience.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [Public]: Google Docs.lnk . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - GS\Desktop [Public]: Google Sheets.lnk . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - GS\Desktop [Public]: Google Slides.lnk . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - GS\Desktop [Public]: Kaspersky Anti-Virus.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe O4 - GS\Desktop [Public]: LightScribe.lnk . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe O4 - GS\Desktop [Public]: My LastPass Vault.lnk - Clé orpheline O4 - GS\Desktop [Public]: PC Scan & Repair by Reimage.lnk . (...) -- C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (.not file.) =>Rogue.ReimageRepair O4 - GS\Desktop [Public]: Sonos.lnk . (.Sonos, Inc. - Sonos Desktop Controller.) -- C:\Program Files (x86)\Sonos\Sonos.exe O4 - GS\Desktop [Public]: StarCraft II.lnk . (.Blizzard Entertainment - StarCraft II Setup.) -- D:\Jeux\StarCraft II\StarCraft II.exe O4 - GS\Program [Public]: Castlevania Lords of Shadow 2.lnk . (.Mercury Steam Entertainment S.L. - Castlevania: Lords of Shadow 2.) -- D:\Jeux\Castlevania Lords of Shadow 2\bin\CLOS2.exe O4 - GS\Program [Public]: foobar2000.lnk . (.Piotr Pawlowski - foobar2000.) -- C:\Program Files (x86)\foobar2000\foobar2000.exe O4 - GS\Program [Public]: Spybot-S&D Start Center.lnk . (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (.not file.) O4 - GS\QuickLaunch [ERIC]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch [ERIC]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [ERIC]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar [ERIC]: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [ERIC]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [ERIC]: Lanceur d'applications Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar [ERIC]: Shortcut_Module.lnk . (...) -- C:\Users\ERIC\Downloads\Programs\Shortcut_Module.exe O4 - GS\Program [ERIC]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Program [ERIC]: Qobuz Desktop.lnk . (...) -- C:\Users\ERIC\AppData\Local\QobuzDesktop\QobuzDesktop.exe O4 - GS\SystemTools [ERIC]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Desktop [ERIC]: Box Sync.lnk . (...) -- C:\Users\ERIC\Box Sync O4 - GS\Desktop [ERIC]: Chromecast.lnk . (.Google - ChromecastApp.) -- C:\Users\ERIC\AppData\Local\Google\Chromecast\ChromecastApp.exe O4 - GS\Desktop [ERIC]: Google Drive.lnk . (...) -- C:\Users\ERIC\Google Drive O4 - GS\Desktop [ERIC]: Lanceur d'applications Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [ERIC]: MPC-HC x64.lnk . (.MPC-HC Team - MPC-HC.) -- C:\Program Files\MPC-HC\mpc-hc64.exe O4 - GS\Desktop [ERIC]: Newsbin for RegNow 64.lnk . (.CMCEI - NewsbinPro Newsgroup Reader.) -- C:\Program Files\Newsbin\NewsbinPro64.exe O4 - GS\Desktop [ERIC]: Newsbin Pro 64.lnk . (.CMCEI - NewsbinPro Newsgroup Reader.) -- C:\Program Files\Newsbin\NewsbinPro64.exe O4 - GS\Desktop [ERIC]: Qobuz Desktop.lnk . (...) -- C:\Users\ERIC\AppData\Local\QobuzDesktop\QobuzDesktop.exe ~ Global Startup: 113 Legitimates Filtered in 00mn 00s ---\\ Applications lancées au démarrage du système (O4) O4 - GS\Startup [ERIC]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\ERIC\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [RtHDVBg_DTS] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Serveur Stack Bluetooth.) -- C:\Program Files (x86)\Bluetooth Suite\btvstack.exe O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Tray.) -- C:\Program Files (x86)\Bluetooth Suite\athbttray.exe O4 - HKLM\..\Run: [iAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe O4 - HKLM\..\Run: [shadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe O4 - HKLM\..\Run: [boxSync] . (.Box, Inc. - Box Sync.) -- c:\Program Files\Box\Box Sync\BoxSync.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [ultracopier] . (.ultracopier.first-world.info - Ultracopier under GPL3.) -- C:\Program Files\Ultracopier\ultracopier.exe O4 - HKCU\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKCU\..\Run: [skyDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKCU\..\Run: [DU Meter] . (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] . (.Disc Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_865C76E5084CC7121627C739387D946B] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - HKLM\..\Wow6432Node\Run: [Razer Synapse] . (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe O4 - HKLM\..\Wow6432Node\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (.not file.) O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [ultracopier] . (.ultracopier.first-world.info - Ultracopier under GPL3.) -- C:\Program Files\Ultracopier\ultracopier.exe O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [skyDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [DU Meter] . (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [DAEMON Tools Pro Agent] . (.Disc Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [GoogleChromeAutoLaunch_865C76E5084CC7121627C739387D946B] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Clavier virtuel [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kbrd.ico O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~3\Office15\ONBttnIE.dll (.not file.) O9 - Extra button: Cliquer pour appeler Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~3\Office15\ONBTTN~1.dll (.not file.) O9 - Extra button: Analyse des liens [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\logo.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{25EDB71D-2993-49A5-B3D6-A32AA9BF12B5}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{25EDB71D-2993-49A5-B3D6-A32AA9BF12B5}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{25EDB71D-2993-49A5-B3D6-A32AA9BF12B5}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) . (...) - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe (.not file.) =>Rogue.ReimageRepair ~ Services: 29 Legitimates Filtered in 00mn 10s ---\\ Tâches planifiées en automatique (O39) [MD5.83AC88E59AED154D19915169ADF0FAAD] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe [3727360] =>Trojan.Keygen [MD5.00000000000000000000000000000000] [APT] [Reimage Reminder] (...) -- C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe (.not file.) [0] =>Rogue.ReimageRepair ~ Scheduled Task: 21 Legitimates Filtered in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: Broken Sword 5 - (.Revolution Software Ltd.) [HKLM][64Bits] -- Broken Sword 5_is1 ~ Logic: 29 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Filseclab] [HKCU\Software\Reimage] =>Rogue.ReimageRepair [HKLM\Software\Reimage] =>Rogue.ReimageRepair [HKLM\Software\Wow6432Node\Filseclab] [HKLM\Software\Wow6432Node\Shortcut_Module] ~ Key Software: 337 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 29/03/2014 - 07:51:32 - [42,963] ----D C:\Program Files (x86)\AirVideoServer HD O43 - CFD: 11/04/2014 - 21:14:42 - [0] ----D C:\ProgramData\CDB O43 - CFD: 03/04/2014 - 17:32:31 - [3,995] ----D C:\Users\ERIC\AppData\Local\AirVideoServerHD O43 - CFD: 11/04/2014 - 23:33:09 - [0] -SH-D C:\Users\ERIC\AppData\Local\EmieSiteList O43 - CFD: 11/04/2014 - 23:33:09 - [0] -SH-D C:\Users\ERIC\AppData\Local\EmieUserList ~ Program Folder: 218 Legitimates Filtered in 00mn 02s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.48F177A68C0FC19652CD41352F294B47] - 08/04/2014 - 14:07:32 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [34304] =>Trojan.Staser O44 - LFC:[MD5.E23EC527101E4FBC2B41D54476ECCA32] - 09/04/2014 - 21:49:13 ---A- . (...) -- C:\Windows\ntbtlog.txt [133776] O44 - LFC:[MD5.14025A53056C9DDB2477E2AEECED6506] - 11/04/2014 - 20:15:17 ---A- . (...) -- C:\Windows\Reimage.ini [155] =>Rogue.ReimageRepair O44 - LFC:[MD5.8029883B519D30BC6260BAC87E0561D4] - 11/04/2014 - 20:43:48 ---A- . (...) -- C:\Shortcut_Module_11_04_2014_21_43_48.txt [62047] O44 - LFC:[MD5.97C99280B5C1C56F616C5DAD691BCDE4] - 11/04/2014 - 22:12:04 ---A- . (...) -- C:\Shortcut_Module_11_04_2014_23_12_04.txt [36353] ~ Files: 78 Legitimates Filtered in 00mn 01s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Browser Infrastructure Helper [Key] . (...) -- C:\Users\ERIC\AppData\Local\Smartbar\Application\SnapDo.exe (.not file.) =>Hijacker.SmartBar ~ SMSR Keys: 11 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 18 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.929DF302F15BFE24AC66EF45D858C413] - 28/11/2013 - 01:24:18 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [175480] O58 - SDL:[MD5.48F177A68C0FC19652CD41352F294B47] - 08/04/2014 - 14:07:32 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [34304] =>Trojan.Staser O58 - SDL:[MD5.74D30C2EF66C2EB19F17ED5423AA8038] - 23/03/2014 - 16:32:30 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [386680] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:[MD5.798DE15F187C1F013095BBBEB6FB6197] - 21/08/2012 - 19:54:10 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [15232] O58 - SDL:[MD5.1392B92179B07B672720763D9B1028A5] - 03/08/2010 - 06:21:24 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsUpIO.sys [14464] O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 13:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296] ~ Drivers: 18 Legitimates Filtered in 00mn 00s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {553E46AB-BBDA-49D4-8381-7958D86D06F1} - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "D7E5B2DADAAEEB34195BE073BA1B0C94" . (.Zappiti Media Center.) -- C:\Windows\Installer\{AD2B5E7D-EAAD-43BE-91B5-0E37ABB1C049}\favicon.exe ~ Update Products: 109 Legitimates Filtered in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.075A7EA5CCC1529097D3122D6AE7BCCF] [WIS][11/04/2014] (.Box, Inc. - Box Sync.) -- C:\Windows\Installer\22f86.msi [15478784] ~ WIS: 111 Legitimates Filtered in 00mn 11s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 16/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 10/03/2014 28768 | (BoxSyncUpdateService) . (.Box Inc..) - C:\Program Files\Box\Box Sync\SyncUpdaterService.exe SS - | Demand 14/03/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 13/02/2013 820184 | (Intel® Capability Licensing Service TCP IP Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe SS - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Demand 13/06/2013 357144 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe SS - | Auto 10/07/1658 0 | (ReimageRealTimeProtection) . (...) - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe =>Rogue.ReimageRepair SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 08/02/2014 569024 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 29/10/2012 927232 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe SR - | Auto 29/11/2012 232064 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe SR - | Auto 12/10/2013 214512 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 05/07/2013 77576 | (CyberLink PowerDVD 13 Media Server Monitor Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe SR - | Auto 05/07/2013 327432 | (CyberLink PowerDVD 13 Media Server Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe SR - | Auto 02/10/2012 240584 | (DTSAudioSvc) . (.DTS, Inc.) - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe SR - | Auto 01/03/2013 2385304 | (DUMeterSvc) . (.Hagel Technologies Ltd..) - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe SR - | Auto 15/04/2013 400864 | (EyeTV Netstream) . (.Elgato Systems GmbH.) - C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe SR - | Auto 14/03/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 02/07/2013 15720 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 13/02/2013 731648 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Auto 03/01/2013 183200 | (Intel® PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe SR - | Auto 04/03/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe SR - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe SR - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SR - | Auto 18/07/2013 762192 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe SR - | Auto 02/04/2014 1615192 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe SR - | Auto 02/04/2014 20541216 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe SR - | Auto 27/03/2014 927520 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 07/03/2014 790880 | (SplashtopRemoteService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe SR - | Auto 26/03/2014 413128 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 29/11/2012 327296 | (ZAtheros Bt and Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe SR - | Auto 06/07/2013 130320 | ({09F57980-3432-4AFC-957D-27AC45FAE1F5}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl ~ Services: Scanned in 00mn 03s ---\\ Liste des émulateurs de CD/DVD (MBR Hook) O58 - SDL:[MD5.74D30C2EF66C2EB19F17ED5423AA8038] - 23/03/2014 - 16:32:30 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [386680] ~ Emulateurs: Scanned in 00mn 03s ---\\ Scan Additionnel (O88) Database Version : 13044 - (11/04/2014) Clés trouvées (Keys found) : 4 Valeurs trouvées (Values found) : 1 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 2 [HKLM\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtection] =>Rogue.ReimageRepair^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Browser Infrastructure Helper] =>Hijacker.SmartBar^ [HKCU\Software\Reimage] =>Rogue.ReimageRepair [HKLM\Software\Reimage] =>Rogue.ReimageRepair C:\Windows\AutoKMS\AutoKMS.exe =>Trojan.Keygen^ C:\Windows\Reimage.ini =>Rogue.ReimageRepair ~ Additionnel Scan: 308728 Items scanned in 00mn 18s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.webs.com/apps/blog/show/26633218-rogue-reimagerepair =>Rogue.ReimageRepair http://nicolascoolman.webs.com/apps/blog/show/32771797-trojan-staser =>Trojan.Staser http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar ~ MSI: 3 link(s) detected in 00mn 00s ~ 1344 Legitimates filtered by white list End of the scan (542 lines in 01mn 07s)(0) ___________________ EDIT ______________________ Message désimbriqué du sujet d'origine pour en faire un sujet personnalisé et à part entière :http://forum.zebulon.fr/filesbunker-t206439.html/page-2?do=findComment&comment=1716636. Tonton
×
×
  • Créer...