[Résolu] Lib. Ram (Naludo), partie éradication malwares

Naludo · le 23 juillet 2011

Je viens suite a une analyse présente sur un autre topic de ce forum: http://forum.zebulon.fr/liberation-de-memoire-naludo-t186774.html

Voici le lien du résultat de mon analyse: Cijoint.fr - Service gratuit de dépôt de fichiers

Je ne sais pas quoi donner d'autres comme infomartions, on m'a prévenu que vous seriez sans doute très occupé, je vais patienter un moment alors :lol:

Merci a vous de bien vouloir m'aider !

Modifié le 29 juillet 2011 par Naludo

lance_yien · le 24 juillet 2011

Bonjour Naludo,

Très Important!

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

Si à la place du bouton "Suivre ce sujet" tu as "Arrêter de suivre ce sujet", c'est que les réglages ont déjà été faits.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

>>> Que faire durant ce nettoyage: Merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

>>> Que faire à la réception de nouvelles instructions:

Lire la totalité du message.
Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau. Aussi, il est demandé de les télécharger et enregistrer DIRECTEMENT sur le Bureau (ou les déplacer avant utilisation par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller").
Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

>>> Ne pas abandonner son sujet avant d'avoir été informé(e) que tout est OK.

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment.

>>> P2P/ Crack et Cie: Tout ce qui vient des P2P/ Torrent est devenu de plus en plus dangereux pour les machines et les documents personnels qui y sont stockés.

Fini le partage entre des gens honnêtes. Les pirates, aussi, veulent partager avec le maximum d'internautes et mettent à disposition leurs sites et/ou disques durs (avec de belles dynamites évidemment).

En plus le principe même de ce type de réseau n'est en rien bénéfique. Bien au contraire, vous autoriser tout le monde à utiliser votre bande passante et communiquer avec votre machine ce qui facilite la tâche à qui veut y déposer/ récupérer ce que l'on veut.

En y adhérant, non seulement, vous ouvrez délibérément des portes à toutes les intrusions mais aussi, vous forcez votre pare-feu et antivirus à les tolérer (c'est compris dans la procédure d'installation).

Enfin, lire attentivement Le danger des P2P et prendre la sage décision de désinstaller "eMule" et "uTorrent" ainsi que tout programme de ce type.

>>> Utiliser ZHPFix:

Sélectionner et copier le texte suivant:

[MD5.628989FE4B0C7CC2B4E07713BAB51254] - (.Agence-Exclusive - autoupdater.) -- C:\Users\Boulanger\AppData\Roaming\Agence-Exclusive\Agence-Exclusive\autoupdater.exe [671360]
[MD5.38957E987A4A565D984AE19B315173D1] - (.PcTuto - PcTuto.) -- C:\Program Files (x86)\Agence-Exclusive\pctuto.exe [1035904]
O2 - BHO: PCTBHO [64Bits] - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} . (.PcTuto - ....) -- C:\Program Files (x86)\Agence-Exclusive\pctutoBHO.dll
O4 - HKLM\..\Wow6432Node\Run: [pctuto] . (.PcTuto - PcTuto.) -- C:\Program Files (x86)\Agence-Exclusive\pctuto.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [autoupdater] . (.Agence-Exclusive - autoupdater.) -- C:\Users\Boulanger\AppData\Roaming\Agence-Exclusive\Agence-Exclusive\autoupdater.exe
O42 - Logiciel: PcTuto 1.1 - (.Agence-Exclusive.) [HKLM][64Bits] -- PcTuto_is1
[HKCU\Software\Agence-Exclusive]
[HKCU\Software\hblitesa]
[HKLM\Software\Agence-Exclusive]
[HKLM\Software\HBLite]
O43 - CFD: 26/06/2011 - 17:44:52 - [0] ----D- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
O43 - CFD: 26/06/2011 - 17:45:10 - [1603760] ----D- C:\ProgramData\HBLiteSA
O43 - CFD: 08/07/2011 - 02:10:02 - [1450308] ----D- C:\Users\Boulanger\AppData\Roaming\Agence-Exclusive
O43 - CFD: 26/06/2011 - 17:44:52 - [0] ----D- C:\Users\Boulanger\AppData\Roaming\HBLite
O43 - CFD: 08/07/2011 - 02:10:02 - [2457245] ----D- C:\Program Files (x86)\Agence-Exclusive
O43 - CFD: 26/06/2011 - 17:44:52 - [533106] ----D- C:\Program Files (x86)\HBLite
[HKLM\Software\Classes\HBLiteAx.Info]
[HKLM\Software\Wow6432Node\Classes\HBLiteAx.Info]
[HKLM\Software\Classes\HBLiteAx.Info.1]
[HKLM\Software\Wow6432Node\Classes\HBLiteAx.Info.1]
[HKLM\Software\Classes\HBLiteAX.UserProfiles]
[HKLM\Software\Wow6432Node\Classes\HBLiteAX.UserProfiles]
[HKLM\Software\Classes\HBLiteAX.UserProfiles.1]
[HKLM\Software\Wow6432Node\Classes\HBLiteAX.UserProfiles.1]
[HKLM\Software\Classes\Wow6432Node\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}]
[HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423A-9845-901AC0A7EE6E}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E}]
[HKLM\Software\Classes\Wow6432Node\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}]
[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}]
[HKLM\Software\Classes\Interface\{618aad04-921f-44c2-be38-c0818af69861}]
[HKLM\Software\Classes\Wow6432Node\TypeLib\{6F098504-CDB1-420F-A2E6-DDC0B835FEDF}]
[HKLM\Software\Classes\TypeLib\{6F098504-CDB1-420F-A2E6-DDC0B835FEDF}]
[HKLM\Software\Classes\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337}]
[HKLM\Software\Classes\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb}]
[HKLM\Software\Classes\Interface\{E2ED56B6-35FC-4484-9530-EC87FB458E78}]
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\ProgramData\HBLiteSA
C:\Users\Boulanger\AppData\Roaming\HBLite
C:\Program Files (x86)\HBLite
O51 - MPSK:{3cf6efff-ed8d-11df-a014-485b39e7593d}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)
O4 - Global Startup: C:\Users\Boulanger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM][64Bits] -- uTorrent
[HKCU\Software\BitTorrent]
O43 - CFD: 10/01/2011 - 00:30:04 - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 14/07/2011 - 16:08:52 - [871431347] ----D- C:\Users\Boulanger\AppData\Roaming\uTorrent
O43 - CFD: 10/01/2011 - 00:30:04 - [13820248] ----D- C:\Users\Boulanger\AppData\Local\eMule
O43 - CFD: 02/11/2010 - 21:40:24 - [328056] ----D- C:\Program Files (x86)\uTorrent
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{2A41F930-1945-469F-A1DF-A67F3CFD13A0}C:\program files (x86)\utorrent\utorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe
O87 - FAEL: "UDP Query User{845016CD-787F-43BC-8C23-1502D691F22F}C:\program files (x86)\utorrent\utorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe
O87 - FAEL: "{7DA6652D-FF58-47F2-834D-FE860843D56F}" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe
O87 - FAEL: "{C0079918-2887-4579-8913-46D4178B3028}" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe
Lancer ZHPFix et clique sur le bouton [H].
Vérifier que toutes les lignes copiées (et rien d'autre) apparaissent dans la fenêtre (et disposées exactement de la même façon) et clique sur le bouton [OK] puis sur sur le bouton [Tous].
Fermer toutes les applications et autres fenêtres en cours désactive (y compris Internet) et désactiver tous les programmes de protection (antivirus, pare-feu et antispyware).
Enfin clique sur le bouton [Nettoyer] et laisser faire. Important: Redémarrer le PC pour finir le nettoyage si demandé.

Copie/colle le contenu du rapport qui s'ouvre dans la prochaine réponse. Ce rapport est en outre sauvegardé ici => C:\Program files\ZHPDiag\ZHPFixReport.txt.

--

Télécharger, sur le Bureau:

Malware Bytes Anti-Malware depuis ici.
Security Check (par screen317) depuis ici ou ici.

>>> Utiliser Malwarebytes' Anti-Malware: Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur mbam-setup.exe (pour Vista/ Windows7, cliquer-droit sur mbam-setup.exe => "Exécuter en tant qu'administrateur"). Suivre les indications en laissant tout par défaut. Cliquer sur Terminer sans rien changer.

- Lancer le programme depuis son icône sur le bureau ou depuis "Démarrer" => "Tous les programmes" => "Malwarebytes' Anti-Malware".

- Faire les Mises à jour depuis l'onglet du même nom. Si problème avec les mises à jour automatiques, cliquer ICI pour les télécharger et les installer manuellement.

- Dans l'onglet "Recherche" laisser la case "Exécuter un examen rapide" cochée et cliquer sur "Rechercher".

Patienter jusqu'à la fin (affichage du message ci-dessous)

Cliquer sur OK, pour fermer ce message.

- Cliquer sur "Afficher les résultats" puis s'assurer que tout est coché et cliquer sur "Supprimer la sélection".

Le programme procède alors au nettoyage. S'il vous demande de redémarrer le PC, ACCEPTER (c'est pour supprimer certains fichiers spécifiques).

A la fin un rapport s'affiche (accessible à tout moment depuis l'onglet Rapport/Logs de la fenêtre principale de MBAM. Poster son contenu dans la prochaine réponse.

>>> Utiliser SecurityCheck: Fermer toutes les fenêtres et applications ouvertes et double-cliquer sur "SecurityCheck.exe" (Vista/W7, cliquer-droit dessus => "Exécuter en tant qu'administrateur") pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

Rapports demandés:

ZHPFixReport.tx
Malwarebytes Anti-Malware log
checkup.txt

Est-ce mieux?

Naludo · le 24 juillet 2011

Mon ordinateur est doté de 2 disque dur internes. Mon premier contient toutes les partitions systemes mais le deuxieme je m'en sers exactement comme une disque dur externe ( il n'a aucune partition systeme, que des images, des jeux, etc... ) Je peux conserver mes fichiers sur le 2e disque interne ou il faut que je le copie lui aussi sur DVD ?

Encore merci.

lance_yien · le 24 juillet 2011

Re bonjour,

Le but de la recommandation est de ne pas perdre ses docs importants en cas de problème. Si les tiens sont déjà à l'abri la recommandation ne te concerne pas.

Je te rappelle que les utilitaires doivent être sur ton Bureau avant de les lancer.

Naludo · le 24 juillet 2011

Voici le rapport de ZHPFix:

Rapport de ZHPFix 1.12.3344 par Nicolas Coolman, Update du 21/07/2011

Fichier d'export Registre :

Run by Boulanger at 24/07/2011 18:21:55

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Web site : ZHPFix Fix de rapport

========== Logiciel(s) ==========

ABSENT Software Key: PcTuto_is1

ABSENT Software Key: uTorrent

========== Clé(s) du Registre ==========

ABSENT Key: CLSID BHO: {293A63F7-C3B6-423a-9845-901AC0A7EE6E}

ABSENT Key: HKCU\Software\Agence-Exclusive

ABSENT Key: HKCU\Software\hblitesa

ABSENT Key: HKLM\Software\Agence-Exclusive

ABSENT Key: HKLM\Software\HBLite

ABSENT Key: HKLM\Software\Classes\HBLiteAx.Info

ABSENT Key: HKLM\Software\Wow6432Node\Classes\HBLiteAx.Info

ABSENT Key: HKLM\Software\Classes\HBLiteAx.Info.1

ABSENT Key: HKLM\Software\Wow6432Node\Classes\HBLiteAx.Info.1

ABSENT Key: HKLM\Software\Classes\HBLiteAX.UserProfiles

ABSENT Key: HKLM\Software\Wow6432Node\Classes\HBLiteAX.UserProfiles

ABSENT Key: HKLM\Software\Classes\HBLiteAX.UserProfiles.1

ABSENT Key: HKLM\Software\Wow6432Node\Classes\HBLiteAX.UserProfiles.1

ABSENT Key: HKLM\Software\Classes\Wow6432Node\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}

ABSENT Key: HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}

ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423A-9845-901AC0A7EE6E}

ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E}

ABSENT Key: HKLM\Software\Classes\Wow6432Node\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

ABSENT Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

SUPPRIME Key: HKLM\Software\Classes\Interface\{618aad04-921f-44c2-be38-c0818af69861}

ABSENT Key: HKLM\Software\Classes\Wow6432Node\TypeLib\{6F098504-CDB1-420F-A2E6-DDC0B835FEDF}

ABSENT Key: HKLM\Software\Classes\TypeLib\{6F098504-CDB1-420F-A2E6-DDC0B835FEDF}

SUPPRIME Key: HKLM\Software\Classes\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337}

SUPPRIME Key: HKLM\Software\Classes\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb}

SUPPRIME Key: HKLM\Software\Classes\Interface\{E2ED56B6-35FC-4484-9530-EC87FB458E78}

ABSENT CLSID MPSK: {3cf6efff-ed8d-11df-a014-485b39e7593d}

ABSENT Key: HKCU\Software\BitTorrent

SUPPRIME Key: StartupReg: uTorrent

========== Valeur(s) du Registre ==========

ABSENT RunValue: pctuto

ABSENT RunValue: autoupdater

ABSENT TCP Query User{2A41F930-1945-469F-A1DF-A67F3CFD13A0}C:/program files (x86)/utorrent/utorrent.exe

ABSENT UDP Query User{845016CD-787F-43BC-8C23-1502D691F22F}C:/program files (x86)/utorrent/utorrent.exe

ABSENT {7DA6652D-FF58-47F2-834D-FE860843D56F}

ABSENT {C0079918-2887-4579-8913-46D4178B3028}

========== Dossier(s) ==========

ABSENT C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

ABSENT C:\ProgramData\HBLiteSA

ABSENT C:\Users\Boulanger\AppData\Roaming\Agence-Exclusive

ABSENT C:\Users\Boulanger\AppData\Roaming\HBLite

ABSENT C:\Program Files (x86)\Agence-Exclusive

ABSENT C:\Program Files (x86)\HBLite

ABSENT C:\ProgramData\eMule

ABSENT C:\Users\Boulanger\AppData\Roaming\uTorrent

ABSENT C:\Users\Boulanger\AppData\Local\eMule

ABSENT C:\Program Files (x86)\uTorrent

========== Fichier(s) ==========

ABSENT Folder/File: c:\users\boulanger\appdata\roaming\agence-exclusive\agence-exclusive\autoupdater.exe

ABSENT Folder/File: c:\program files (x86)\agence-exclusive\pctuto.exe

ABSENT File: c:\program files (x86)\agence-exclusive\pctutobho.dll

ABSENT File: c:\users\boulanger\appdata\roaming\agence-exclusive\agence-exclusive\autoupdater.exe

ABSENT Folder/File: c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65

ABSENT Folder/File: c:\programdata\hblitesa

ABSENT Folder/File: c:\users\boulanger\appdata\roaming\hblite

ABSENT File: c:\users\boulanger\appdata\roaming\microsoft\internet explorer\quick launch\µtorrent.lnk

========== Récapitulatif ==========

28 : Clé(s) du Registre

6 : Valeur(s) du Registre

10 : Dossier(s)

8 : Fichier(s)

2 : Logiciel(s)

========== Chemin du fichier rapport ==========

C:\Atlantica_FR\ZHPDiag\ZHPFixReport.txt

Puis celui de Malwarebytes' Anti-Malware

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Version de la base de données: 7263

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

24/07/2011 18:42:19

mbam-log-2011-07-24 (18-42-19).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 165914

Temps écoulé: 3 minute(s), 36 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 10

Valeur(s) du Registre infectée(s): 1

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 3

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\PCTutoBHO.PCTBHO.1 (Trojan.Eorezo) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\PCTutoBHO.PCTBHO (Trojan.Eorezo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{4E674574-3F0B-491d-8AE3-F90B43A34FD6} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4E674574-3F0B-491D-8AE3-F90B43A34FD6} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\HBLite (Adware.HotBar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\HBLite@HBLite.com (Adware.HotBar) -> Value: HBLite@HBLite.com -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

c:\program files (x86)\mozilla firefox\plugins\npclntax_hblitesa.dll (Adware.Hotbar) -> Quarantined and deleted successfully.

c:\Users\boulanger\downloads\crazysetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.

c:\Users\boulanger\downloads\vlc_fr_version.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

Et puis celui de Checkup

Results of screen317's Security Check version 0.99.17

Windows 7 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

avast! Free Antivirus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 26

Adobe Flash Player 10.3.181.26

````````````````````````````````

Process Check:

objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe

Malwarebytes' Anti-Malware mbamgui.exe

Malwarebytes' Anti-Malware mbam.exe

Alwil Software Avast5 AvastSvc.exe

Alwil Software Avast5 AvastUI.exe

``````````End of Log````````````

Modifié le 24 juillet 2011 par Naludo

Naludo · le 24 juillet 2011

J'ai réalisé, ce matin, les mises a jour demandées ( SP1 notament ), mais là Windows Update m'annonce que j'ai 6 mises a jour importantes a effectuer, je les installe ? Où il vaut mieux attendre la fin des manipulations ?

Ces dernières n'ont pas eu d'effet sur mon ordinateur...

Malwarebytes a l'air d'être un bon logiciel, devrais-je l'acheter ?

Merci à tous

lance_yien · le 24 juillet 2011

Oui tu peux installer les mises à jour proposées. C'est même recommandé.

Oui Malwarebytes est un bon utilitaire mais la version gratuite me suffit très bien

Si tu l'achete, tu aura une protection antimalware en temps réel en plus. Il ne faut pas pour autant faire n'importe quoi sur le Net

As-tu encore des soucis et spécialement celui pour lequel tu as demandé de l'aide?

Naludo · le 24 juillet 2011

Ca n'a pas libéré de mémoire malheureusement...

Merci quand même de ton aide, de m'avoir fait découvrir ce bon logiciel et de m'avoir nettoyé mon PC !

Je retourne sur l'autre post pour rehercher des solutions !!

lance_yien · le 25 juillet 2011

Bonjour,

On vient de commencer et tu veux déjà partir? Tu n'es pas bien avec nous?

Relis la note dans mon1er message: "Il ne faut pas abandonner... avant d'avoir été informé que c'est fini"

--

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

Désactiver antivirus/ parefeu et antispyware.

Fermer toutes les applications et fenêtres ouvertes et cliquer-droit sur OTL.exe => Exécuter en tant qu'Administrateur.

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs
drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

Naludo · le 25 juillet 2011

Je vous envoie les rapports ( désolé je suis assez pressé de nature ^^' )

Voici le rapport OTL

OTL logfile created on: 25/07/2011 10:11:04 - Run 1

OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Boulanger\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,86 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 66,13% Memory free

7,71 Gb Paging File | 5,97 Gb Available in Paging File | 77,49% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 149,05 Gb Total Space | 51,00 Gb Free Space | 34,22% Space Free | Partition Type: NTFS

Drive D: | 427,59 Gb Total Space | 101,41 Gb Free Space | 23,72% Space Free | Partition Type: NTFS

Drive E: | 4,38 Gb Total Space | 4,37 Gb Free Space | 99,87% Space Free | Partition Type: UDF

Computer Name: LUDO | User Name: Boulanger | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --

PRC - [2011/07/25 10:07:24 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Boulanger\Desktop\OTL.exe

PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/06/23 02:39:16 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe

PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE

PRC - [2010/01/05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

PRC - [2009/11/24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

PRC - [2009/11/10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2009/10/27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

PRC - [2009/10/26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

PRC - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2009/08/20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

PRC - [2009/08/12 21:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

PRC - [2009/07/06 23:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe

PRC - [2009/06/24 12:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

PRC - [2009/06/19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

PRC - [2009/06/19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

PRC - [2009/05/19 00:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

PRC - [2007/11/20 13:50:36 | 001,145,400 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe

========== Modules (SafeList) ==========

MOD - [2011/07/25 10:07:24 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Boulanger\Desktop\OTL.exe

MOD - [2011/07/04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll

MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2010/01/22 03:01:11 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/12/08 01:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)

SRV:64bit: - [2009/11/27 05:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV:64bit: - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)

SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011/06/28 23:56:28 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)

SRV - [2010/12/01 18:01:00 | 004,268,224 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)

SRV - [2010/06/25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/11/10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)

SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011/07/04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2011/05/18 16:35:20 | 000,051,776 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdk41.sys -- (PsSdk41)

DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/01/01 11:12:24 | 000,097,040 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)

DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/11 12:58:31 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2010/08/21 06:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2010/08/19 20:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2010/06/25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)

DRV:64bit: - [2010/04/24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010/04/24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010/04/24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010/04/24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010/01/22 03:13:23 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2010/01/22 03:13:23 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/01/22 02:07:55 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/01/18 14:37:57 | 000,128,512 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)

DRV:64bit: - [2009/11/27 05:39:45 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009/11/13 11:47:35 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)

DRV:64bit: - [2009/10/05 03:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009/09/30 03:34:31 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2009/08/12 05:38:01 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

DRV:64bit: - [2009/08/06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)

DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 02:09:10 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\loop.sys -- (msloop)

DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)

DRV:64bit: - [2009/06/10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)

DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)

DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV:64bit: - [2007/08/03 06:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)

DRV - [2009/07/03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

DRV - [2005/01/05 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/'>http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A2 67 66 31 B7 81 CB 01 [binary data]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "about:home"

FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.01

FF - prefs.js..extensions.enabledItems: My-Translator@eugenche.com:0.2.3

FF - prefs.js..keyword.URL: "http://www.bing.com/search?mkt=fr-FR&form=MIAWB2&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Boulanger\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Boulanger\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Boulanger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/04 18:52:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/24 18:42:19 | 000,000,000 | ---D | M]

[2010/10/12 12:40:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boulanger\AppData\Roaming\mozilla\Extensions

[2011/07/23 14:38:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boulanger\AppData\Roaming\mozilla\Firefox\Profiles\z9set2cf.default\extensions

[2011/06/26 17:48:04 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Boulanger\AppData\Roaming\mozilla\Firefox\Profiles\z9set2cf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011/05/18 15:53:25 | 000,000,000 | ---D | M] (My-Translator) -- C:\Users\Boulanger\AppData\Roaming\mozilla\Firefox\Profiles\z9set2cf.default\extensions\My-Translator@eugenche.com

[2011/06/17 13:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2011/06/17 13:58:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

File not found (No name found) --

() (No name found) -- C:\USERS\BOULANGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9SET2CF.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI

() (No name found) -- C:\USERS\BOULANGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9SET2CF.DEFAULT\EXTENSIONS\{AFF87FA2-A58E-4EDD-B852-0A20203C1E17}.XPI

() (No name found) -- C:\USERS\BOULANGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9SET2CF.DEFAULT\EXTENSIONS\GOOGLEDICTIONARY@TOPTIP.CA.XPI

[2011/07/03 17:56:05 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml

[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml

[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/12/28 22:59:50 | 000,000,867 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activation.guitar-pro.com

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)

O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()

O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk ()

O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{d82faedb-fd81-11df-bf2e-485b39e7593d}\Shell - "" = AutoRun

O33 - MountPoints2\{d82faedb-fd81-11df-bf2e-485b39e7593d}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/07/25 10:07:19 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Boulanger\Desktop\OTL.exe

[2011/07/24 22:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover

[2011/07/24 18:35:41 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Roaming\Malwarebytes

[2011/07/24 18:35:22 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2011/07/24 18:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/07/24 18:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/07/24 18:35:19 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011/07/24 18:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011/07/24 12:34:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2011/07/24 11:23:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview

[2011/07/24 11:22:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders

[2011/07/23 23:18:33 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2011/07/23 23:18:33 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2011/07/23 23:07:49 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Roaming\Google

[2011/07/23 22:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/07/23 15:03:41 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Roaming\EeeStorageUploader

[2011/07/20 14:45:42 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\ElevatedDiagnostics

[2011/07/18 18:16:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2011/07/15 23:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

[2011/07/14 02:01:49 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2011/07/14 02:01:49 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

[2011/07/14 02:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

[2011/07/14 02:01:48 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys

[2011/07/14 02:01:43 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

[2011/07/14 02:01:37 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2011/07/14 02:01:32 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

[2011/07/14 02:01:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2011/07/14 02:01:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2011/07/14 02:01:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2011/07/14 02:01:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2011/07/14 02:01:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2011/07/14 02:01:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2011/07/14 02:01:15 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/07/14 02:01:14 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe

[2011/07/14 02:00:53 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2011/07/14 02:00:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2011/07/14 02:00:52 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

[2011/07/14 02:00:52 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2011/07/14 02:00:52 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2011/07/14 02:00:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2011/07/14 02:00:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2011/07/14 02:00:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2011/07/14 02:00:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2011/07/14 02:00:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2011/07/14 02:00:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2011/07/14 02:00:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2011/07/14 01:58:56 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{31450C49-8505-4650-AF0E-4D61C9C35081}

[2011/07/14 01:12:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2011/07/09 10:14:44 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2011/07/09 10:14:44 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2011/07/09 10:14:44 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll

[2011/07/09 10:14:44 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2011/07/09 10:14:44 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2011/07/09 10:14:44 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2011/07/09 10:14:44 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2011/07/09 10:14:44 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2011/07/09 10:14:44 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2011/07/09 10:14:44 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2011/07/09 10:14:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll

[2011/07/09 10:14:44 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2011/07/09 10:14:44 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2011/07/09 10:14:44 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011/07/09 10:14:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011/07/09 10:14:44 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2011/07/09 10:14:44 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll

[2011/07/09 10:14:44 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2011/07/09 10:14:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2011/07/09 10:14:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011/07/09 10:14:44 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2011/07/09 10:14:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2011/07/09 10:14:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2011/07/09 10:14:44 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2011/07/09 10:14:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll

[2011/07/09 10:14:44 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2011/07/09 10:14:44 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2011/07/09 10:14:44 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2011/07/09 10:14:44 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2011/07/09 10:14:44 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2011/07/09 10:14:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2011/07/09 10:14:44 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2011/07/09 10:14:44 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2011/07/09 10:14:44 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2011/07/09 10:14:44 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2011/07/09 10:14:44 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2011/07/09 10:14:44 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2011/07/09 10:14:44 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2011/07/09 10:14:44 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2011/07/09 10:14:44 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2011/07/09 10:14:44 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2011/07/09 10:14:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2011/07/09 10:14:44 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2011/07/09 10:14:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2011/07/09 10:14:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2011/07/09 10:14:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2011/07/09 10:14:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2011/07/09 10:14:44 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2011/07/09 10:14:44 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011/07/09 10:14:44 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2011/07/09 10:14:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2011/07/09 10:14:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2011/07/09 10:14:44 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2011/07/09 10:14:44 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2011/07/09 10:14:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2011/07/09 10:14:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2011/07/09 10:14:44 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll

[2011/07/09 10:14:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2011/07/09 10:14:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2011/07/09 10:14:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2011/07/09 10:14:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2011/07/09 10:14:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2011/07/09 10:14:43 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2011/07/09 10:14:43 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2011/07/09 10:14:43 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011/07/09 10:14:43 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2011/07/09 10:14:43 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2011/07/09 10:14:43 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2011/07/09 10:14:43 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011/07/09 10:14:43 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2011/07/09 10:14:43 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2011/07/09 10:14:43 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2011/07/09 10:14:43 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011/07/09 10:14:43 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2011/07/09 10:14:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2011/07/09 10:14:43 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2011/07/09 10:14:43 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2011/07/09 10:14:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2011/07/09 10:05:29 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{E211A75F-D63B-4DF8-B9CE-FC43607B92E6}

[2011/07/08 21:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Navilog1

[2011/07/08 21:20:01 | 000,000,000 | ---D | C] -- C:\Navilog1

[2011/07/08 03:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler

[2011/07/08 02:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity

[2011/07/07 23:20:38 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\WMTools Downloaded Files

[2011/07/07 23:18:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker 2.6

[2011/07/06 22:30:07 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\adslTV

[2011/07/06 22:30:03 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adsl TV

[2011/07/06 22:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adslTV

[2011/07/04 18:55:14 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{A74D159E-9529-4991-9501-D61397F96395}

[2011/07/04 18:46:11 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{9C073961-5CDE-409B-9393-629112FF0D1B}

[2011/07/04 13:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Screen To Video

[2011/07/04 13:47:03 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Roaming\FreeScreenToVideo

[2011/07/04 13:47:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Screen To Video

[2011/07/04 13:31:52 | 000,487,479 | ---- | C] (Appspeed Inc.) -- C:\Windows\SysWow64\SkinMagic.dll

[2011/07/04 13:31:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smallvideosoft

[2011/07/04 13:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freez software

[2011/07/04 10:55:36 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{8467770F-2481-4396-85EC-5CE4D2E4B3D0}

[2011/07/03 17:41:36 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{21608540-F964-45B7-9A69-898E12A70BC5}

[2011/07/01 21:26:27 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Roaming\GetRightToGo

[2011/07/01 21:26:27 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\Documents\Downloads

[2011/06/30 11:39:33 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\Desktop\Naheulbeuk

[2011/06/30 10:28:19 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{72627451-489E-4FE4-962E-A2D91359141A}

[2011/06/29 13:56:06 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\dwhelper

[2011/06/29 03:56:04 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe

[2011/06/29 03:56:04 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll

[2011/06/29 03:56:03 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll

[2011/06/29 03:56:03 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll

[2011/06/29 03:56:02 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll

[2011/06/29 03:56:02 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll

[2011/06/29 03:56:02 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll

[2011/06/29 03:56:02 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll

[2011/06/29 03:56:02 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe

[2011/06/29 03:56:01 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll

[2011/06/29 03:56:01 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll

[2011/06/29 03:56:01 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll

[2011/06/29 03:56:01 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll

[2011/06/29 03:56:01 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll

[2011/06/29 03:56:01 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe

[2011/06/29 03:56:01 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll

[2011/06/29 03:56:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll

[2011/06/28 03:28:18 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{902AC56B-15DE-4D6B-9B3F-F25F4205E5F1}

[2011/06/27 23:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gPotato.eu

[2011/06/26 17:36:33 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{5243FBEC-801F-4CBE-8E6E-7D2B23F07239}

[2011/06/25 10:55:52 | 000,000,000 | ---D | C] -- C:\Users\Boulanger\AppData\Local\{F9410C73-C3F5-484F-9D0F-39C7A27ADA5D}

========== Files - Modified Within 30 Days ==========

[2011/07/25 10:12:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/07/25 10:07:24 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Boulanger\Desktop\OTL.exe

[2011/07/25 10:04:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/07/25 09:25:14 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2987586368-1234510250-2163312443-1000UA.job

[2011/07/25 09:14:34 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/07/25 09:14:34 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/07/25 09:06:30 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys

[2011/07/24 22:25:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2987586368-1234510250-2163312443-1000Core.job

[2011/07/24 21:29:40 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk

[2011/07/24 21:23:46 | 000,007,605 | ---- | M] () -- C:\Users\Boulanger\AppData\Local\Resmon.ResmonCfg

[2011/07/24 20:47:15 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe

[2011/07/24 20:37:25 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/07/24 19:06:04 | 001,551,212 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/07/24 19:06:04 | 000,704,924 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011/07/24 19:06:04 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/07/24 19:06:04 | 000,130,940 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011/07/24 19:06:04 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/07/24 18:58:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2011/07/24 18:44:41 | 000,002,062 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini

[2011/07/24 18:44:34 | 000,001,340 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini

[2011/07/24 12:34:30 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2011/07/24 11:30:43 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll

[2011/07/24 11:30:43 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll

[2011/07/23 22:46:28 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/07/23 15:09:06 | 000,000,026 | ---- | M] () -- C:\MEMOIRE.vbs

[2011/07/14 02:01:49 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2011/07/14 01:12:20 | 000,403,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011/07/09 11:53:37 | 000,001,459 | ---- | M] () -- C:\Users\Boulanger\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2011/07/09 10:14:44 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2011/07/09 10:14:44 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2011/07/09 10:14:44 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll

[2011/07/09 10:14:44 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2011/07/09 10:14:44 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2011/07/09 10:14:44 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2011/07/09 10:14:44 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2011/07/09 10:14:44 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2011/07/09 10:14:44 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2011/07/09 10:14:44 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2011/07/09 10:14:44 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll

[2011/07/09 10:14:44 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2011/07/09 10:14:44 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2011/07/09 10:14:44 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011/07/09 10:14:44 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011/07/09 10:14:44 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2011/07/09 10:14:44 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll

[2011/07/09 10:14:44 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2011/07/09 10:14:44 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2011/07/09 10:14:44 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011/07/09 10:14:44 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2011/07/09 10:14:44 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2011/07/09 10:14:44 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2011/07/09 10:14:44 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2011/07/09 10:14:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll

[2011/07/09 10:14:44 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2011/07/09 10:14:44 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2011/07/09 10:14:44 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2011/07/09 10:14:44 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2011/07/09 10:14:44 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2011/07/09 10:14:44 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2011/07/09 10:14:44 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2011/07/09 10:14:44 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2011/07/09 10:14:44 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2011/07/09 10:14:44 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2011/07/09 10:14:44 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2011/07/09 10:14:44 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2011/07/09 10:14:44 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2011/07/09 10:14:44 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2011/07/09 10:14:44 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2011/07/09 10:14:44 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2011/07/09 10:14:44 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2011/07/09 10:14:44 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2011/07/09 10:14:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2011/07/09 10:14:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2011/07/09 10:14:44 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2011/07/09 10:14:44 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2011/07/09 10:14:44 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2011/07/09 10:14:44 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf

[2011/07/09 10:14:44 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011/07/09 10:14:44 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2011/07/09 10:14:44 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2011/07/09 10:14:44 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2011/07/09 10:14:44 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2011/07/09 10:14:44 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2011/07/09 10:14:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2011/07/09 10:14:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2011/07/09 10:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll

[2011/07/09 10:14:44 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2011/07/09 10:14:44 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2011/07/09 10:14:44 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2011/07/09 10:14:44 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2011/07/09 10:14:44 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2011/07/09 10:14:43 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2011/07/09 10:14:43 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2011/07/09 10:14:43 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011/07/09 10:14:43 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2011/07/09 10:14:43 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2011/07/09 10:14:43 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2011/07/09 10:14:43 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011/07/09 10:14:43 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2011/07/09 10:14:43 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2011/07/09 10:14:43 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2011/07/09 10:14:43 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011/07/09 10:14:43 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2011/07/09 10:14:43 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2011/07/09 10:14:43 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2011/07/09 10:14:43 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

[2011/07/09 10:14:43 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2011/07/09 10:14:43 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2011/07/08 02:06:36 | 000,000,949 | ---- | M] () -- C:\Users\Boulanger\Desktop\Audacity.lnk

[2011/07/08 02:00:17 | 000,004,608 | ---- | M] () -- C:\Users\Boulanger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/07/07 23:18:43 | 000,002,507 | ---- | M] () -- C:\Users\Boulanger\Desktop\Windows Movie Maker 2.6.lnk

[2011/07/06 23:36:30 | 000,001,067 | ---- | M] () -- C:\Users\Boulanger\Desktop\Firefox.lnk

[2011/07/06 22:30:03 | 000,000,925 | ---- | M] () -- C:\Users\Boulanger\Desktop\adsl TV.lnk

[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011/07/04 13:47:05 | 000,001,156 | ---- | M] () -- C:\Users\Boulanger\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Screen To Video.lnk

[2011/07/04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/07/04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe

[2011/07/04 13:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2011/07/04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2011/07/04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2011/07/04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

[2011/07/04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys

[2011/07/04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2011/07/04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

[2011/07/03 17:56:19 | 000,002,054 | ---- | M] () -- C:\Users\Boulanger\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/06/26 17:33:40 | 000,000,598 | ---- | M] () -- C:\Users\Boulanger\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml

========== Files Created - No Company Name ==========

[2011/07/25 10:12:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/07/23 22:46:28 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/07/23 15:09:06 | 000,000,026 | ---- | C] () -- C:\MEMOIRE.vbs

[2011/07/14 02:01:49 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2011/07/09 11:53:37 | 000,001,431 | ---- | C] () -- C:\Users\Boulanger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2011/07/09 11:53:32 | 000,001,465 | ---- | C] () -- C:\Users\Boulanger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2011/07/09 10:14:44 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2011/07/09 10:14:43 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2011/07/08 03:11:32 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk

[2011/07/08 02:06:36 | 000,000,961 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk

[2011/07/08 02:06:36 | 000,000,949 | ---- | C] () -- C:\Users\Boulanger\Desktop\Audacity.lnk

[2011/07/07 23:19:06 | 000,004,608 | ---- | C] () -- C:\Users\Boulanger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/07/07 23:18:43 | 000,002,507 | ---- | C] () -- C:\Users\Boulanger\Desktop\Windows Movie Maker 2.6.lnk

[2011/07/07 23:18:28 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk

[2011/07/06 23:36:30 | 000,001,067 | ---- | C] () -- C:\Users\Boulanger\Desktop\Firefox.lnk

[2011/07/06 22:30:03 | 000,000,925 | ---- | C] () -- C:\Users\Boulanger\Desktop\adsl TV.lnk

[2011/07/04 13:47:05 | 000,001,156 | ---- | C] () -- C:\Users\Boulanger\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Screen To Video.lnk

[2011/06/30 10:27:09 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe

[2011/06/26 17:33:40 | 000,000,598 | ---- | C] () -- C:\Users\Boulanger\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml

[2011/03/05 19:50:18 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2011/01/21 23:18:05 | 000,001,940 | ---- | C] () -- C:\Users\Boulanger\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

[2011/01/02 21:14:43 | 000,007,605 | ---- | C] () -- C:\Users\Boulanger\AppData\Local\Resmon.ResmonCfg

[2010/10/25 16:49:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/10/12 22:02:18 | 001,552,872 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/10/12 16:28:51 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini

[2010/10/12 14:54:52 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\decdll.dll

[2010/06/25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

[2010/06/23 02:40:26 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll

[2010/06/23 02:19:07 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2010/06/23 02:01:26 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

[2010/06/23 01:34:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009/10/26 05:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config

[2009/08/19 10:33:09 | 000,020,480 | ---- | C] () -- C:\Windows\OOBEPlayer.exe

[2009/08/19 10:33:09 | 000,000,232 | ---- | C] () -- C:\Windows\OOBEPlayer.ini

[2009/07/29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini

[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2006/05/19 05:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2011/07/24 23:03:50 | 000,004,177 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt

[2011/07/24 23:10:28 | 000,004,175 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt

[2011/07/24 22:59:43 | 000,003,746 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt

[2011/07/24 23:07:52 | 000,004,064 | ---- | M] () -- C:\Ad-Report-SCAN[2].txt

[2009/06/15 13:11:59 | 000,000,054 | ---- | M] () -- C:\AdobeReader.log

[2010/11/20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr

[2009/07/29 08:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2011/07/08 21:20:49 | 000,000,725 | ---- | M] () -- C:\cleannavi.txt

[2010/06/23 02:57:51 | 000,013,918 | ---- | M] () -- C:\devlist.txt

[2010/06/23 02:57:50 | 000,000,009 | ---- | M] () -- C:\Finish.log

[2011/07/25 09:06:30 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys

[2010/02/02 09:23:01 | 002,097,152 | -H-- | M] () -- C:\K72Jk.BIN

[2010/03/12 06:48:58 | 000,000,018 | ---- | M] () -- C:\K72JK_WIN7.10

[2011/07/23 15:09:06 | 000,000,026 | ---- | M] () -- C:\MEMOIRE.vbs

[2011/07/25 09:06:33 | 4140,347,392 | -HS- | M] () -- C:\pagefile.sys

[2010/06/22 14:13:57 | 000,000,233 | ---- | M] () -- C:\Pass.txt

[2011/07/23 22:46:28 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/07/25 10:12:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2010/03/12 06:48:58 | 000,000,007 | ---- | M] () -- C:\RECOVERY.DAT

[2006/05/13 18:22:24 | 000,000,005 | ---- | M] () -- C:\store.log

[2010/06/23 01:30:52 | 000,000,166 | ---- | M] () -- C:\SumHidd.txt

[2010/06/23 01:29:42 | 000,000,098 | ---- | M] () -- C:\SumOS.txt

[2011/07/24 18:20:37 | 001,017,234 | ---- | M] () -- C:\ZHPExportRegistry-24-07-2011-18-20-36.txt

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[2011/07/09 10:14:44 | 009,703,936 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:4CF61E54

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA

< End of report >

Modifié le 25 juillet 2011 par Naludo

Connexion

Pas encore inscrit ?

[Résolu] Lib. Ram (Naludo), partie éradication malwares

Messages recommandés

Naludo

lance_yien

Naludo

lance_yien

Naludo

Naludo

lance_yien

Naludo

lance_yien

Naludo

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer