[Résolu] Infection par FREEzeFrog

[Wabbi]

Bonjour/bonsoir,

 

En faisant le ménage sur mon disque, j'ai découvert que j'avais été contaminé par FREEzeFrog. Pour l'instant rien de dramatique, mais si quelqu'un pouvait m'aider à le supprimer, chose que je ne saurais pas faire faute de connaissance, avant que cela ne prennent des proportions dramatiques, ce serait sympathique.

[lance_yien]

Bonjour Wabbi,

 

---

Très Important!

 

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

Si à la place du bouton "Suivre ce sujet" tu as "Arrêter de suivre ce sujet", c'est que les réglages ont déjà été faits.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

 

>>> Que faire durant ce nettoyage: Merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

 

>>> Que faire à la réception de nouvelles instructions:

• Lire la totalité du message.
  
• Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau. Aussi, il est demandé de les télécharger et enregistrer DIRECTEMENT sur le Bureau (ou les déplacer avant utilisation par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller").
  
• Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
  
• NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.
  

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

 

>>> Ne pas abandonner son sujet avant d'être informé(e) que tout est OK.

---

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment.

 

>>> Analyse en ligne: Brancher/ allumer tous les médias amovibles disponibles (DD externe, clés USB etc) susceptibles d'avoir été infectés et désactiver antivirus/ pare-feu et antispyware.

Utiliser Internet Explorer pour aller ici, cliquer sur le bouton "ESET Online Scanner", cocher la case "YES, I accept the Terms of Use" et cliquer sur Start.

Accepter l'installation de l'ActiveX et cocher "Scan archives", DEcocher "Remove found threats" et cliquer Start.

Eset téléchargera la base de données et commencera le scan. NE PAS utiliser la machine tant que l'analyse n'est pas finie (peut durer très longtemps).

 

Ensuite, cliquer sur "List of found threats" => "Export to text file..." et sauvegarder les résultats sur le Bureau comme "scan-results" pour les copier/coller dans la prochaine réponse.

 

Cliquer sur "<< Back" et cocher la case "Uninstall application on close" pour supprimer ESET Online Scanner de la machine. Cliquer sur "Finish" pour fermer le programme et poster le rapport.

 

 

Ensuite, télécharger sur le Bureau:

• OTL (par OldTimer) depuis ici ou ici.
• Security Check (par screen317) depuis ici ou ici.

 

>>> Analyse OTL: Brancher et allumer tous les médias amovibles disponibles et susceptibles d'être infectés (DD externe, clés USB etc) et fermer toutes les applications et fenêtres ouvertes.

Double-cliquer sur OTL.exe (vISTA/w7, Cliquer-droit => Exécuter en tant qu'administrateur) et copier/ coller ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

 

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: "OTL.txt" (qui s'ouvre dans le bloc-note) et "Extras.txt" (qui sera minimisé dans la Barre des tâches).

Copier/ coller le contenu de chaque rapport dans une prochaine réponse, POSTER un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

 

 

>>> Utiliser SecurityCheck: Fermer toutes les fenêtres et applications ouvertes et double-cliquer sur SecurityCheck.exe (vISTA/w7, cliquer-droit => "Exécuter en tant qu'administrateur") pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Si un des programmes de sécurité demande la permission d'accéder à Internet depuis "dig.exe", acceptez.

Le Rapport "checkup.txt" s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

 

Rapports demandés:

• scan-results.txt
• OTL.txt
• Extras.txt
• checkup.txt

[Wabbi]

Tout d'abord, merci de venir à mon secours!

petit précisions, conformément à vos instructions j'ai posté 4 messages différent et le forum l'est à fondu en un seul. j'ai tout de même précisez de quel rapport il s'agissait entre chaque.

 

à suivre sur ce message le rapport ESET

 

C:\Program Files (x86)\FREEzeFrog\bin\1.0.670.0\FREEzeFrogUninstaller.exe Win32/Adware.HotBar.E application

C:\Users\Matthieu\AppData\Local\Temp\ZAN30F.exe Win32/Adware.HotBar.E application

C:\Users\Matthieu\AppData\Local\Temp\nsr427.tmp\Install.dll Win32/Adware.HotBar.E application

C:\Users\Matthieu\AppData\Local\Temp\nsw1D6.tmp\Install.dll Win32/Adware.HotBar.E application

C:\Users\Matthieu\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\3cc664c-3637539b une variante de Java/Exploit.CVE-2010-4452.A cheval de troie

C:\Users\Matthieu\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\610e57d6-5e8b47ff une variante probable de Java/Agent.BR cheval de troie

 

voilà le rapport OTL

 

OTL logfile created on: 27/08/2011 22:28:40 - Run 1

OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Matthieu\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,86 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 53,68% Memory free

7,71 Gb Paging File | 5,38 Gb Available in Paging File | 69,81% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 284,60 Gb Total Space | 124,59 Gb Free Space | 43,78% Space Free | Partition Type: NTFS

Drive D: | 4,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive F: | 2,31 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive I: | 3,79 Gb Total Space | 1,66 Gb Free Space | 43,89% Space Free | Partition Type: FAT32

Drive J: | 465,76 Gb Total Space | 146,50 Gb Free Space | 31,45% Space Free | Partition Type: NTFS

 

Computer Name: TOMMY | User Name: Matthieu | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/08/27 22:24:11 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Matthieu\Desktop\OTL.exe

PRC - [2011/05/25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

PRC - [2011/04/28 14:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe

PRC - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe

PRC - [2011/03/30 16:44:58 | 001,324,008 | ---- | M] (Iminent) -- C:\Program Files (x86)\Iminent\IMBooster\IMBooster.exe

PRC - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe

PRC - [2011/01/29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe

PRC - [2011/01/20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

PRC - [2010/12/15 09:25:26 | 000,083,344 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe

PRC - [2010/12/15 09:25:24 | 000,186,768 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe

PRC - [2010/10/25 17:55:26 | 000,387,896 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

PRC - [2010/10/25 17:12:24 | 000,549,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

PRC - [2010/10/04 18:54:46 | 000,079,616 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe

PRC - [2010/09/27 15:12:36 | 000,864,000 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

PRC - [2010/06/20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

PRC - [2010/06/20 21:47:16 | 000,099,696 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe

PRC - [2010/06/20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

PRC - [2010/06/18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

PRC - [2010/06/01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

PRC - [2010/06/01 03:01:54 | 000,600,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

PRC - [2010/05/31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

PRC - [2010/05/31 19:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

PRC - [2010/05/31 17:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

PRC - [2010/05/28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2010/05/28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2010/04/24 02:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010/04/24 02:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010/03/04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

PRC - [2010/01/27 02:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10e.exe

PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2011/08/12 01:41:02 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\b6a8747fc31bd7eb902b39f884665b21\IAStorUtil.ni.dll

MOD - [2011/08/12 00:54:57 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\5611d9597628b1761c25816f1c7cfa50\System.Web.Services.ni.dll

MOD - [2011/08/12 00:54:55 | 011,807,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1f8e3dde1c848c4c5ee635aa0dcfcfdd\System.Web.ni.dll

MOD - [2011/08/12 00:54:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\456d5e9d3a0a37697ab28c150e9ac5b7\System.Runtime.Remoting.ni.dll

MOD - [2011/08/12 00:54:17 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad9c2f4737e1e07fa774af31a7d74235\System.Windows.Forms.ni.dll

MOD - [2011/08/12 00:54:09 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eba4ec48e3f7f16864c6d96f510fafd9\System.Drawing.ni.dll

MOD - [2011/08/12 00:53:53 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cea5d9b8e3d6ff3bf3be32cf5fcbcd02\WindowsBase.ni.dll

MOD - [2011/08/12 00:53:46 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\155679a9c8991cc33f90d6b27bac1977\System.Xml.ni.dll

MOD - [2011/08/12 00:53:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0bddc91cbf37d143f08f6684b2919566\System.Configuration.ni.dll

MOD - [2011/08/12 00:53:40 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\610374fef100556da252243e673ac64b\System.ni.dll

MOD - [2011/08/12 00:53:34 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\23bc3936180ff789f44259a211dfc7fc\mscorlib.ni.dll

MOD - [2011/03/30 16:45:20 | 000,038,888 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\fr\Iminent.Booster.UI.resources.dll

MOD - [2011/03/30 16:45:06 | 000,236,520 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Windows.dll

MOD - [2011/03/30 16:45:06 | 000,218,600 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Workflow.dll

MOD - [2011/03/30 16:45:04 | 001,869,288 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Services.dll

MOD - [2011/03/30 16:45:02 | 000,041,960 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Business.TinyUrl.dll

MOD - [2011/03/30 16:45:00 | 000,337,896 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Booster.UI.dll

MOD - [2010/08/05 23:47:54 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll

MOD - [2010/08/05 23:47:51 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll

MOD - [2010/08/05 23:47:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)

SRV:64bit: - [2011/01/29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)

SRV:64bit: - [2010/10/25 17:55:26 | 000,387,896 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)

SRV:64bit: - [2010/10/25 17:26:34 | 000,101,152 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)

SRV:64bit: - [2010/10/25 17:12:24 | 000,549,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)

SRV:64bit: - [2010/10/08 08:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010/06/21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)

SRV:64bit: - [2010/06/08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2010/06/08 17:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)

SRV:64bit: - [2010/06/06 22:13:46 | 000,304,496 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)

SRV:64bit: - [2010/03/05 10:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV:64bit: - [2010/03/05 10:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2011/08/03 10:21:14 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2011/08/03 03:42:26 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)

SRV - [2011/05/25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)

SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)

SRV - [2010/12/01 01:03:00 | 004,023,760 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)

SRV - [2010/09/27 15:12:36 | 000,864,000 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)

SRV - [2010/08/05 14:08:29 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010/06/20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)

SRV - [2010/06/20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)

SRV - [2010/06/18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)

SRV - [2010/06/01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)

SRV - [2010/06/01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)

SRV - [2010/05/31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)

SRV - [2010/05/28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2010/05/28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2010/04/24 02:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010/04/24 02:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®

SRV - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)

SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011/07/05 12:12:46 | 000,160,520 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)

DRV:64bit: - [2011/04/28 13:57:43 | 000,128,072 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)

DRV:64bit: - [2011/04/28 13:57:43 | 000,121,928 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)

DRV:64bit: - [2011/04/28 13:57:42 | 000,149,576 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)

DRV:64bit: - [2011/04/28 13:57:42 | 000,114,760 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)

DRV:64bit: - [2011/03/26 17:58:48 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/10/08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2010/10/08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/10/08 08:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010/06/24 22:34:53 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®

DRV:64bit: - [2010/06/24 22:33:43 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2010/06/23 22:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2010/06/23 22:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)

DRV:64bit: - [2010/06/23 22:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2010/06/23 22:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2010/06/23 22:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2010/06/23 22:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)

DRV:64bit: - [2010/06/23 22:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)

DRV:64bit: - [2010/05/31 23:36:54 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)

DRV:64bit: - [2010/05/31 23:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2010/05/31 23:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2010/05/31 22:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2010/05/31 12:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Pilote de carte de la série Intel®

DRV:64bit: - [2010/05/28 22:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010/05/28 22:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2010/04/26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)

DRV:64bit: - [2010/04/24 02:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010/04/24 02:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010/04/24 02:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010/04/24 02:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010/03/04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/10/10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)

DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV:64bit: - [2008/06/16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2005/11/03 16:40:56 | 000,089,600 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)

DRV:64bit: - [2005/08/10 14:46:20 | 000,068,608 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)

DRV:64bit: - [2005/05/16 15:21:16 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)

DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2004/12/30 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [string data over 1000 bytes]

IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "about:home"

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..network.proxy.type: 4

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/08/10 13:34:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/17 19:07:11 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/29 20:53:19 | 000,000,000 | ---D | M]

 

[2010/12/27 15:56:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Extensions

[2011/08/19 00:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions

[2011/08/17 21:39:22 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}

[2011/08/19 00:30:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011/08/23 19:39:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/12/27 18:43:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/05/24 10:35:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

[2011/08/23 19:39:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2011/07/08 21:21:59 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files (x86)\Mozilla Firefox\extensions\webbooster@iminent.com

() (No name found) -- C:\USERS\MATTHIEU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8FXL85B4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2011/08/17 19:07:11 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011/05/20 11:39:11 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml

[2011/05/20 11:39:11 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011/05/20 11:39:11 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2011/05/20 11:39:11 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml

[2011/06/28 07:31:04 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml

[2011/05/20 11:39:11 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml

[2011/05/20 11:39:11 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - File not found

O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - File not found

O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.

O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - File not found

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - File not found

O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - File not found

O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_FR Toolbar) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [iMBooster] C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe (Iminent)

O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)

O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

O4 - HKLM..\Run: [PSUNMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)

O4 - HKLM..\Run: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [EA Core] File not found

O4 - HKCU..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation)

O4 - HKCU..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKCU..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation)

O4 - HKCU..\Run: [ZortamMp3MediaStudio] File not found

O4 - Startup: C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)

O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2007/11/29 06:35:54 | 000,995,328 | R--- | M] () - D:\AutoPlay.exe -- [ UDF ]

O32 - AutoRun File - [2007/12/05 01:30:17 | 000,002,072 | R--- | M] () - D:\autoplay.ini -- [ UDF ]

O32 - AutoRun File - [2007/12/05 20:46:15 | 000,000,888 | R--- | M] () - D:\AutoPlay.ucs -- [ UDF ]

O32 - AutoRun File - [2007/11/29 06:35:54 | 000,576,056 | R--- | M] () - D:\AutoRun.bmp -- [ UDF ]

O32 - AutoRun File - [2007/11/29 06:36:01 | 000,000,049 | R--- | M] () - D:\autorun.inf -- [ UDF ]

O32 - AutoRun File - [2007/01/12 16:03:57 | 000,438,200 | R--- | M] () - F:\autorun.bmp -- [ UDF ]

O32 - AutoRun File - [2007/01/12 16:03:57 | 000,049,152 | R--- | M] () - F:\autorun.exe -- [ UDF ]

O32 - AutoRun File - [2007/01/12 16:03:57 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ UDF ]

O32 - AutoRun File - [2007/01/12 16:03:58 | 000,020,964 | R--- | M] () - F:\autorun.wav -- [ UDF ]

O32 - AutoRun File - [2010/03/22 04:40:56 | 000,000,000 | RH-D | M] - J:\autorun -- [ NTFS ]

O32 - AutoRun File - [2002/10/16 14:56:50 | 000,000,036 | RH-- | M] () - J:\autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)

Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/08/27 22:23:47 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Matthieu\Desktop\OTL.exe

[2011/08/27 19:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011/08/27 18:33:25 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll

[2011/08/27 18:33:25 | 000,133,632 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll

[2011/08/27 18:33:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL

[2011/08/27 18:18:49 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameShadow

[2011/08/27 18:18:36 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\Documents\GameShadow

[2011/08/27 18:17:14 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations

[2011/08/27 18:16:53 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

[2011/08/27 18:16:52 | 000,110,592 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll

[2011/08/27 18:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CENEGA

[2011/08/27 18:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CENEGA

[2011/08/27 18:02:26 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\Desktop\[PC] UFO Afterlight [MULTI10]

[2011/08/27 11:44:06 | 000,000,000 | ---D | C] -- C:\ZHP

[2011/08/27 11:41:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/08/27 11:41:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag

[2011/08/27 11:09:59 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{77508F6D-65BC-4CE5-8FCE-01240836BA61}

[2011/08/27 11:09:34 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{4840AB74-F76A-4A63-96BC-24AF242E7D4F}

[2011/08/26 21:00:20 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{D17B2A65-4B7E-4BE9-BDE8-1EE27F222161}

[2011/08/26 20:59:55 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{006B75AE-513D-4D7E-8FDE-1DF5E0D5502A}

[2011/08/25 17:28:15 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{5336B596-9AA2-421E-A764-BFE3D21CF89F}

[2011/08/25 17:27:54 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{E3C10867-55A5-456B-A518-BD23D6A04FC1}

[2011/08/24 17:45:21 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{DEC9A5BE-DDC4-4FFD-8450-A8A0A78E14B2}

[2011/08/24 17:44:52 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{A2ADBF9F-C1C2-4A50-8D25-23842582CBCB}

[2011/08/23 21:30:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{AAAA9F5A-9346-4D21-8B78-4D26F6A85284}

[2011/08/23 21:30:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{2D123F84-9555-4235-8DF4-ECBD5980A6D9}

[2011/08/23 21:30:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{C52F44F2-5DBA-4F72-8A1B-C40BB1A87108}

[2011/08/23 19:39:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2011/08/23 19:39:19 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2011/08/23 19:39:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2011/08/23 19:39:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2011/08/23 18:23:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{D7AC85BF-D93B-4B4D-BC2A-92F07229D26A}

[2011/08/23 18:23:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{0076D25C-E4C5-4FD8-A069-5268126E1BB2}

[2011/08/23 18:23:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{269922E9-CBE5-497A-B44B-CDC6FF147DFB}

[2011/08/21 16:07:12 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2011/08/21 14:33:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{D2B937C0-2361-4BE1-9F05-EF936A6EDF19}

[2011/08/21 14:33:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{A5919FA3-09AD-466E-A08D-70049EB5286B}

[2011/08/21 14:33:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{2EC0ABB3-3A88-423B-9F47-28867F17AD39}

[2011/08/21 13:08:08 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{D2D49BCE-A047-475C-B14E-D192618A315E}

[2011/08/21 13:07:46 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{2C8EE960-D7DB-44EA-9079-C039F336ACCD}

[2011/08/20 18:00:51 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{52E2F99B-3C0B-453A-B05E-B0D6D69B57A9}

[2011/08/20 18:00:40 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{B8933056-6BE5-466F-B85A-5CF32D93BB29}

[2011/08/19 12:08:09 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{247F192D-7E9A-44D1-8951-71B090979776}

[2011/08/19 12:07:59 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{2AFE72C4-B2B6-439A-83E2-29ABFC6B6E3F}

[2011/08/18 17:56:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{25423237-B0C6-48B7-AD30-06DE57D5017A}

[2011/08/18 17:56:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{A8F8F876-0B39-4C15-9387-69BDCE9CE1E7}

[2011/08/18 17:56:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{BBE84544-EAF1-4A24-9C44-7C7E924E5CFD}

[2011/08/18 02:23:50 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{717D6D02-70DB-400A-B406-E4B986B45D97}

[2011/08/18 02:23:36 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{5E2B551B-7BD2-4FA2-9A0E-5D787A6912A3}

[2011/08/17 14:22:43 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{95799300-10DD-4A7A-B731-8F6F14529931}

[2011/08/17 14:22:17 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{7E4078B2-4488-4062-AECB-BB59C731E960}

[2011/08/16 10:56:14 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{641BE148-5B09-48C2-AFCB-5AE271630C32}

[2011/08/16 10:55:48 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{E1D54CF3-5532-45FE-AFA1-2175C9E290B6}

[2011/08/15 11:54:00 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\Desktop\saison 3

[2011/08/15 10:09:10 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{1AED4E58-2A9E-4309-B4F1-9CC6C91DF80B}

[2011/08/15 10:09:01 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{92B89A6E-F13F-412B-9DA1-05512053C364}

[2011/08/14 04:00:30 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{D888B96B-72B3-417C-B890-04C7ADB713D8}

[2011/08/14 04:00:18 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{FDAECDE2-BA5A-4B15-B99D-3142849B607B}

[2011/08/14 00:39:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{1C2F2EF9-7F5A-42E5-BABD-DFFEB941778F}

[2011/08/14 00:39:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{F1A9278F-ADE3-4339-8C40-E9AF520CBEA4}

[2011/08/14 00:39:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{D9AE6FBF-9647-4AFF-A2D7-B2DBD6358E91}

[2011/08/14 00:39:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{EDCE0F57-5872-464A-A803-42831F0503DB}

[2011/08/14 00:39:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{84FC8944-4DCD-4C84-909A-8CF0F728F5F5}

[2011/08/14 00:39:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{D4DD3D01-E431-45DD-85D8-FB5E9455CB65}

[2011/08/14 00:39:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{D67C7630-DCCB-4B27-A0B9-91E2FFA3DEC4}

[2011/08/14 00:39:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{E20BCA5B-E6B7-45A1-B626-250EE139C7E6}

[2011/08/14 00:38:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{109A335F-5C3D-498D-958D-50E0638BB741}

[2011/08/14 00:38:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{0821E3EC-1E21-4A96-91AD-B9D75DCAF4A7}

[2011/08/14 00:38:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{F6237582-73CD-4E9E-9278-8717FA9DC45B}

[2011/08/14 00:38:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{CFFFBE13-D6FA-4F7E-813F-4A3738834A82}

[2011/08/14 00:37:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{8CDB6C69-A065-494C-901B-17C928B9FC50}

[2011/08/14 00:37:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{B1A41849-FD87-42CA-8083-A2E145DDB82C}

[2011/08/14 00:37:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{E7CF9F73-88EF-4BE4-82FE-AC94E46C2C1F}

[2011/08/14 00:37:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{ECFCEDDD-CA1C-439F-81BF-FF246C53A9CD}

[2011/08/14 00:37:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{C2038942-D764-46C9-8378-20418447788C}

[2011/08/14 00:37:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{3AAD84A2-E76D-401B-8C9D-9BE4DE356C34}

[2011/08/14 00:37:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{1609E0B1-36E3-4A55-9A47-4C0E79F5411B}

[2011/08/14 00:37:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{15638122-1A78-422A-A6E6-A8FD9271226A}

[2011/08/14 00:36:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{B389422D-2CFC-4C4E-99EA-17C2337BBA49}

[2011/08/14 00:36:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{E39BE185-AAE3-4363-A1BE-7E65D6C19426}

[2011/08/14 00:36:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{97B7068B-BD94-4A06-8DAF-13718E0F3D90}

[2011/08/14 00:36:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{6F43F360-E441-41CC-BD29-2B69922CE2E9}

[2011/08/14 00:36:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{ABA00D31-F9D8-4AE4-80FA-426F27BF4CA2}

[2011/08/14 00:36:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{E3FAA1E3-6B4F-4DEF-8D61-84B4CADBC7D9}

[2011/08/14 00:36:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{8F4729E5-9303-4225-8C87-562532E05C90}

[2011/08/14 00:36:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{3C78ADAC-007A-45CF-8134-E067D5641A54}

[2011/08/14 00:36:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{A76DA277-3BC8-458A-8B65-0AE7063F72BE}

[2011/08/14 00:36:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{0A94E795-C172-4EC4-BEC5-EA098CC829D8}

[2011/08/14 00:36:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{C78D8F78-E27D-453A-ACCE-BA5C17296762}

[2011/08/14 00:36:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{41388067-8DB6-444A-9508-6D612FEF4AF4}

[2011/08/14 00:36:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{E6B17DDD-3180-483B-A724-A1A96594C755}

[2011/08/14 00:36:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{1D6B4399-9DF1-490B-BA6E-29D2945ED9F3}

[2011/08/14 00:36:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{137FEC4D-0A7D-4EB0-B0CC-749A93F61ED2}

[2011/08/14 00:36:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{9C9B4043-8B12-4501-9A58-C20A57F3B33A}

[2011/08/14 00:36:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{08D29F16-F1A2-4343-A749-D60BB401901B}

[2011/08/14 00:36:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{7682D380-3E52-40DD-96E2-1574FD670FA8}

[2011/08/14 00:36:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{82069506-B0DC-43DA-AD04-08854A790CAB}

[2011/08/14 00:36:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{5B353AEA-F89F-4A71-BEED-0DF05C875740}

[2011/08/14 00:36:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{2FCF5E71-37DD-4FB0-8605-F79DCB523BB4}

[2011/08/14 00:36:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{EE39D03D-CA9B-4DFE-AC6E-7E7D1F390A60}

[2011/08/14 00:36:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{E3F77ED3-1749-4CAA-A2FC-6EC7E0529E5F}

[2011/08/14 00:36:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{60727734-D85F-4218-8788-E1C1AAEDAA5F}

[2011/08/14 00:36:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{11A5C5F4-2615-473A-A520-6E1A411A2516}

[2011/08/14 00:36:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{FE85EC3B-28C7-49C3-B82C-E8F2047715F8}

[2011/08/14 00:36:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{9804E46C-368C-486A-913A-B8E9763ECD00}

[2011/08/14 00:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{EFE86E53-D95A-4680-BDB3-31FBDB5FCD09}

[2011/08/14 00:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{EB2B4CC4-204A-4793-B778-ABE683327A99}

[2011/08/14 00:36:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{85259D75-8621-42F6-A722-298E11C3DEF5}

[2011/08/14 00:36:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{4382EC55-6A6D-4575-8B05-9CD0FBDE092E}

[2011/08/14 00:36:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{B1BA019D-BF9C-4505-AB30-CC1EEBFF5287}

[2011/08/14 00:36:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{805A86A8-2DFD-4F4F-B708-2AF5A9F350BA}

[2011/08/14 00:36:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{B67BB832-CE25-49A9-BBED-52C432BD300C}

[2011/08/14 00:36:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{1B237F01-A0F8-4660-836D-DE02295D33D6}

[2011/08/14 00:36:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{0548625D-198F-4728-8E7F-FF5B9286E188}

[2011/08/14 00:36:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{997993F7-904E-4518-AEB3-D739E5499BD6}

[2011/08/14 00:36:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{0E8C53C6-C132-4845-B96F-D14AA0AB7D81}

[2011/08/14 00:36:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{5AC67405-6C82-40B0-A167-A7F710E38EF3}

[2011/08/14 00:36:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{BD4BAE53-23FD-4AAD-92A9-1F7873B06AF9}

[2011/08/14 00:36:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{3066143E-5E1B-4EA1-9E52-29EC56F035A1}

[2011/08/14 00:36:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{753D9874-3F7F-4A1F-AAB7-CAF836C909AF}

[2011/08/14 00:36:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{B2B3CA1C-A8FA-4F19-A622-2507B9AA1B42}

[2011/08/14 00:36:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{A574E4EF-1932-4C76-80E3-502EB8C2EEFE}

[2011/08/14 00:36:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{7D09D894-37E4-470B-A4B1-33DFA3B92931}

[2011/08/14 00:36:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{2A73B593-C5D2-42C0-99FF-8BF3858880FD}

[2011/08/14 00:36:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{E95EB61A-B48C-4589-8B58-B1F1A15B96D0}

[2011/08/14 00:36:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{73C45849-3FF4-4256-BA85-2294059E42EF}

[2011/08/14 00:36:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{D5DA28AB-477E-401B-8330-289BCD084630}

[2011/08/14 00:36:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{577491B6-726B-4265-A2B4-F45242463D04}

[2011/08/14 00:36:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{69F85E09-E20C-4849-AD8E-167FA169EEE1}

[2011/08/14 00:36:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{D85EE73D-A1B9-44DF-AFB7-6F3E5CC9FAE8}

[2011/08/13 16:20:13 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\Documents\Pinnacle VideoSpin

[2011/08/13 16:13:11 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\Desktop\Film

[2011/08/13 16:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle

[2011/08/13 16:12:13 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\Downloaded Installations

[2011/08/13 10:13:27 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{92078179-452B-4BF3-A181-9BC1CAB5EB71}

[2011/08/13 10:13:21 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{BF12F770-37D7-496E-9BC5-63EBE9B3A1CF}

[2011/08/12 18:19:11 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{39D84D31-21D2-4E4B-AB63-43BF5C2CF0A5}

[2011/08/12 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{DBCEBCBC-780F-4962-AE9B-85FF61F33FB8}

[2011/08/11 16:12:44 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{009F1608-E11A-4CED-818A-39676B9E156F}

[2011/08/11 16:12:35 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{68AC6424-3352-4AB7-AEAC-3068C555B421}

[2011/08/11 10:05:09 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll

[2011/08/11 10:05:06 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll

[2011/08/11 10:05:06 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll

[2011/08/11 10:05:05 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll

[2011/08/11 10:05:05 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll

[2011/08/11 10:05:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll

[2011/08/11 10:05:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll

[2011/08/11 10:05:05 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll

[2011/08/11 10:05:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll

[2011/08/11 10:05:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll

[2011/08/11 10:04:46 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2011/08/11 10:04:46 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

[2011/08/11 10:04:46 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

[2011/08/11 10:04:46 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2011/08/11 10:04:46 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2011/08/11 10:04:45 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2011/08/11 10:04:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2011/08/11 10:04:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2011/08/11 10:04:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2011/08/11 10:04:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2011/08/11 10:04:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2011/08/11 10:04:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2011/08/11 10:04:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2011/08/11 10:04:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2011/08/11 10:04:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2011/08/11 10:04:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2011/08/11 10:04:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2011/08/11 10:04:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2011/08/11 10:04:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2011/08/11 10:04:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2011/08/11 10:04:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011/08/11 10:04:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2011/08/11 10:04:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2011/08/11 10:04:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2011/08/11 10:04:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2011/08/11 10:04:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/08/11 10:04:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2011/08/11 10:04:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2011/08/11 10:04:41 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2011/08/11 10:04:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2011/08/11 10:04:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2011/08/11 10:04:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2011/08/11 10:04:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2011/08/11 10:04:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2011/08/11 10:04:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2011/08/11 10:04:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2011/08/11 10:04:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011/08/11 10:04:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2011/08/11 10:04:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2011/08/11 10:04:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2011/08/11 10:04:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2011/08/11 10:04:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2011/08/11 10:04:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2011/08/11 10:04:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2011/08/11 10:04:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2011/08/11 10:04:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2011/08/11 10:04:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2011/08/11 10:04:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2011/08/11 10:04:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/08/11 10:04:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2011/08/11 10:04:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2011/08/11 10:04:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2011/08/11 10:04:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2011/08/11 10:04:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2011/08/11 10:04:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2011/08/11 10:04:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2011/08/11 10:04:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2011/08/11 10:04:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2011/08/11 10:04:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2011/08/11 10:04:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2011/08/11 10:04:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2011/08/11 10:04:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2011/08/11 10:04:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2011/08/11 10:04:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2011/08/11 10:04:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2011/08/11 10:04:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2011/08/11 10:04:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2011/08/11 10:04:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2011/08/11 10:04:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2011/08/11 10:03:53 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011/08/11 10:03:52 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011/08/11 10:03:51 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2011/08/11 10:03:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011/08/11 10:03:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2011/08/11 10:03:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011/08/11 10:03:51 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011/08/11 10:03:51 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011/08/11 10:03:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011/08/11 10:03:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2011/08/11 10:03:50 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2011/08/11 10:03:50 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2011/08/11 10:03:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2011/08/11 10:03:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2011/08/11 10:03:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2011/08/11 10:03:40 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2011/08/11 10:03:38 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2011/08/11 10:03:36 | 003,902,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2011/08/10 19:50:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{5888EEDF-0474-451A-8203-895F3DB03DC5}

[2011/08/10 19:50:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{0969437E-56AB-463D-A626-5F8B1EB3F6A3}

[2011/08/10 19:50:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{BF29A3A7-619A-4DE2-956A-A608A857D35C}

[2011/08/10 19:50:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{7ED23412-E51B-4817-BCD1-DCD27C2B92E4}

[2011/08/10 17:57:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{6457CEE5-E2BB-475D-B987-BDF5452C4C84}

[2011/08/10 17:57:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{E34E7110-ABF2-418B-80E4-835ABEBC4957}

[2011/08/10 17:57:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{B5F364D4-10DB-4886-AB00-5503C67D11BC}

[2011/08/10 17:56:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{25000772-9D70-4412-88F6-15D0F8F2C7B0}

[2011/08/10 17:56:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{A4125E4F-A2EA-4283-8E42-01FAEAD66376}

[2011/08/10 17:56:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{9E8106F8-195C-4185-9C79-B97435CF6C88}

[2011/08/10 17:56:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{A0C4E37B-3A64-44D0-8721-4E4FB68204FF}

[2011/08/10 17:56:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{9A2C6FF8-B79F-48C7-AE1D-76FD99F8D87C}

[2011/08/10 17:56:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{98051631-4AE9-4D25-B219-669FF2CFC0DE}

[2011/08/10 17:55:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{1725273F-320E-4ECF-B98E-DBFC19B985AD}

[2011/08/10 17:55:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{716D96A0-9DA9-4CEA-B383-65625493F514}

[2011/08/10 17:55:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{2795434F-BC3A-4033-B192-36A5E3571C6B}

[2011/08/10 17:55:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{C660F995-FE75-48C2-82C3-A1D9769E5420}

[2011/08/10 17:55:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{F9436E12-D9CD-4873-87E9-2B836AC6F831}

[2011/08/10 17:55:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{8A945C5E-347C-4FDA-A9E2-EF596608283D}

[2011/08/10 17:55:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{5C245884-017F-4EED-8464-6E13290FB62A}

[2011/08/10 17:55:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{25EF23B1-82DC-4460-AC87-6FDC023DF483}

[2011/08/10 17:55:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{26A3D4A2-70EB-4B56-8E46-C8EBF6FDE6E0}

[2011/08/10 17:54:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{CF516A62-6EF6-4CF1-92B3-F82D5BED1238}

[2011/08/10 17:54:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{984CD458-0A52-410D-BEAF-A4BA97448AB5}

[2011/08/10 17:54:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{4D8060FF-ED5B-4A8A-BC45-90F3CF963D83}

[2011/08/10 17:54:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{F70C5B1B-8168-4A1D-8173-DF3E9BB8736B}

[2011/08/10 17:54:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{8371B3D5-7666-4687-9482-DEB068ED4CDD}

[2011/08/10 17:54:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{60F9DA55-7425-499C-9F17-7E2F98D04616}

[2011/08/10 17:54:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{A278D9E3-FBAD-4C43-93A2-715960F25C17}

[2011/08/10 17:53:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{47928DFF-315A-4DAD-A4CE-DC1E7A50CCA4}

[2011/08/10 17:53:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{21954100-0148-46E8-BE01-E8216A070CE8}

[2011/08/10 17:53:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{4BABE088-5CB5-4C10-87CD-7AEEB30C9B8A}

[2011/08/10 17:53:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{C7758589-E456-4E1F-A434-A460B2D571F9}

[2011/08/10 17:53:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{DDDE8ADC-0754-4BF6-8AD6-44279E1264DD}

[2011/08/10 17:53:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{9C607075-BA59-4FC7-8854-2E0EBCC5A885}

[2011/08/10 17:52:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{CDC91B65-2446-4910-8E0A-B82480285844}

[2011/08/10 17:52:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{050FE3DE-568B-4D53-97C0-51E93C31C546}

[2011/08/10 17:52:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{9128D10B-82B2-4E36-848F-84F3F82BC9B1}

[2011/08/10 17:52:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{43CAC4DA-87C0-45C2-989B-BB74D9AFDB70}

[2011/08/10 17:52:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{146A6A45-4C40-4E79-BF59-E013D9253BB7}

[2011/08/10 17:52:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{6A69AF1D-D5AE-4650-9A0A-9255F52E75F0}

[2011/08/10 17:52:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{1F534055-C3E2-4CBB-954A-E5B83788C3F1}

[2011/08/10 17:52:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{9B8AD9CC-5429-41F1-A8F9-025150A8D10B}

[2011/08/10 17:52:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{FEB9AFE7-AB8E-483D-B499-178D637DAC0E}

[2011/08/10 17:52:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{0D93A359-2BB3-4F4B-AF2F-178CB10C10EB}

[2011/08/10 17:52:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{7A7ACC70-E87C-45DA-9E3C-45680A22280B}

[2011/08/10 17:52:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{8E855DB3-EE39-4029-99E5-EDE1A807F822}

[2011/08/10 17:51:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{E6E387C7-9585-4843-B72B-B3DE3FE9411F}

[2011/08/10 17:51:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{F824A939-30A4-4531-8468-7576FBC2F50A}

[2011/08/10 17:51:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{A9C1E2C4-4CF3-45D5-AF91-451933AB234A}

[2011/08/10 17:51:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{1772B2DE-59D0-44FA-9BDD-97C57810A817}

[2011/08/10 17:51:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{C3BF1467-7F23-4BB0-AF5E-4F409D8D9A28}

[2011/08/10 17:51:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{ED149B69-DEE0-44F6-9001-1A0580BDCDD9}

[2011/08/10 17:51:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{16C37C02-7D24-4E1F-AA9B-DF6FA6771B10}

[2011/08/10 17:51:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{C5E5AEEE-B3C6-4F8E-BFEA-D419F1EEDE55}

[2011/08/10 13:31:33 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{0BFA3921-AEBB-4E6A-87B6-446A14D65C38}

[2011/08/10 13:31:12 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{EE2440EE-BE05-4352-A750-134AF96530FE}

[2011/08/08 22:59:58 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{EFAF9DB5-5156-4B95-A0D7-88AF102689A3}

[2011/08/08 22:59:55 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{16FF028E-0EB8-4331-9CD6-2EABFF17D853}

[2011/08/08 09:24:44 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{A6D6EDC1-1358-4626-8276-F07D672B392F}

[2011/08/08 09:24:19 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{67C2EDFA-2096-4395-A65D-FA6047B0BB52}

[2011/08/07 22:57:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{9C268E8D-9C41-42FE-A1CA-3A49B42C634B}

[2011/08/07 22:57:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{A319DDB2-B91B-4B80-8A76-E580157237EA}

[2011/08/07 22:57:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{99CC8FAB-5CCB-4C34-A428-1C9305A8A308}

[2011/08/07 09:54:45 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{C3400674-E86A-4690-A2CD-78942C50A76F}

[2011/08/07 09:54:19 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{2C8B586A-2235-40D5-9180-65FD62264A74}

[2011/08/06 10:50:39 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{7EBBA89D-A837-4E68-87A7-EC53FB76D6D1}

[2011/08/06 10:50:29 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{A2CCAB98-02DE-4F34-8BBC-A2B84D884890}

[2011/08/05 11:11:56 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{D14F74D2-9A48-4D6A-BA1F-6D3996FE3C4E}

[2011/08/05 11:11:34 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{E0911278-1CAB-4CD0-9F70-583F7CD4E742}

[2011/08/04 15:01:19 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{7F73B26C-C578-4551-9512-03400872E1E3}

[2011/08/03 19:40:41 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{1B07D1A0-CC9A-48E9-82B7-5DF5440300B9}

[2011/08/02 23:11:50 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{4CD742EC-9F12-417F-8688-F24105C7DAA3}

[2011/08/02 16:29:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{0699EEC5-1DBF-4BA5-A444-679C60D24E41}

[2011/08/02 16:29:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{97DB15C7-1E55-45D9-A800-665F436BB4FD}

[2011/08/02 16:29:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{87F4196B-DAD2-466F-A451-C46997B8464D}

[2011/08/02 14:34:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{A22CC6B9-4281-4B16-A21D-1E0F8672E5FC}

[2011/08/02 14:34:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{CD313C21-CC0E-45CC-899F-BC84D51EED73}

[2011/08/02 14:34:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{6220AED0-2888-4FC2-8CBB-38B49DFACF06}

[2011/08/02 12:42:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{1C8A7BB0-EBB1-455C-AEF8-673F0A5CE0EC}

[2011/08/02 12:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{AF4CDA7F-57F9-4B41-91C8-32253D6BEDD2}

[2011/08/02 12:32:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{B5C5AE03-259F-47FF-B9D3-29482787EEF7}

[2011/08/02 12:32:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{E303EBBD-0C66-4F07-B237-0BFFDC31DA85}

[2011/08/02 11:11:45 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{1C408A48-8E80-4554-BB83-E430CB8DE5E0}

[2011/08/01 21:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2011/07/31 20:31:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{F1124F56-5EB0-4E53-AEB5-50DA346B7305}

[2011/07/31 20:31:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{F942650C-BE61-4A1B-B36C-7F875D7EB002}{FE3DAE22-53E7-4D5B-91FA-933FDA5031A6}

[2011/07/31 20:31:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{63AEB89A-7CA0-4707-A250-8D7752C5EEE9}{2C8CC34B-BAB9-475E-BC6C-C24243BBE173}

[2011/07/31 20:04:05 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\Documents\gegl-0.0

[2011/07/31 15:28:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{ACE5E35E-CDCC-4741-9A32-06EC5C26FA9B}

[2011/07/31 15:28:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{03C2B494-B17F-4763-A4AD-E3076D2E7A1B}

[2011/07/31 15:27:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{CF8BA89D-A111-4C2C-B4EB-A1BC58B08E4E}

[2011/07/31 15:27:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{85A6492A-2CA8-41E5-9F02-A9723421DDDB}

[2011/07/31 15:27:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{56EE4144-748E-4E36-A1E1-9C3067678A59}

[2011/07/31 15:27:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{88747D0C-4D1B-4B60-A5DD-6E8B0A65DAC0}

[2011/07/31 15:27:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{D0CC9D91-5211-49FF-A8A0-397ED7F7856A}

[2011/07/31 15:26:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{FEF24B54-EA07-46C0-98A3-AE4F29EE41EE}

[2011/07/31 15:26:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{77165B0E-E2DE-4BCE-A69D-D2EC0697CA07}

[2011/07/31 15:26:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{01C46518-E41B-4EE0-B86B-FB5095650C61}

[2011/07/31 15:25:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{36C7D2EC-06C2-4796-A89F-93AD16CB453C}{D2A3F85F-1E68-417B-8F45-F8EDEFB70F4C}

[2011/07/31 15:25:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{E5B8661F-B660-4022-B1FD-6047C262554F}

[2011/07/31 15:25:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{A6F6B888-EEE6-4858-8263-90DA451A05AD}

[2011/07/31 15:25:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{441C29C1-59EB-453D-A377-9795B283F12E}

[2011/07/31 15:25:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{03747C69-0CA9-472A-9244-750A46E0E234}

[2011/07/31 15:25:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{4F4286AD-813E-4EE4-83D6-03351D27740E}

[2011/07/31 15:25:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{F9EA3B9C-019F-4410-884F-1653A8272DB8}

[2011/07/31 15:25:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{2A784665-0BF6-4BD3-8AE8-3E56E5B6DE78}

[2011/07/31 15:25:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{AF203312-8E02-4382-8BD5-C296BDBBB601}

[2011/07/31 15:25:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{C106E5D7-53BD-4418-90CE-8A3755837D29}

[2011/07/31 15:25:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{288A56EB-797D-419F-92CA-D871F8263BE3}

[2011/07/31 15:25:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{CA0F35C3-81A7-40A1-AEEA-2B62B4720FD9}

[2011/07/31 15:25:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{181FE7D6-EBB1-4665-8290-2F97EF0A15F1}

[2011/07/31 15:25:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{DAEA01B6-DD52-47F1-AD48-EDF9C30D6A51}

[2011/07/31 15:25:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{CAEA1694-DC5C-4E21-8B8F-BD527CCA1C74}

[2011/07/31 15:25:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{9A4521A4-FD3A-4725-9851-9B4A1369BA08}{68815C38-0CDD-438D-B4C8-759CE2A49FD2}

[2011/07/31 15:25:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{18B0529B-7ABB-4E5C-B36F-2A2F2B15ED09}

[2011/07/31 15:25:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{EA48B58B-3363-4889-96E0-2CF9E7D326D1}

[2011/07/31 15:25:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{33F90567-6C76-4F47-8835-7DC25E4A7895}

[2011/07/31 15:25:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{D0C60525-043B-4488-B693-90AC2588BF5E}

[2011/07/31 15:25:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{C50FE4B5-E80D-4608-B961-6E74875445B8}

[2011/07/31 15:25:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{82888264-9C97-4437-903D-A80171E267DE}

[2011/07/31 15:25:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{1ED8A208-95DB-4D67-A347-CE2CDD3122C3}

[2011/07/31 12:03:38 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{CF63F891-3F48-42C1-8ED1-F725A1623162}

[2011/07/30 12:23:53 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{7F644C8F-3ADF-4944-9D06-48E9C0FC43F3}

[2011/07/29 11:21:41 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{B49A0D5D-93D9-481E-8706-DCF29F07EA80}

[2011/07/28 23:21:14 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Local\{CAA51C24-6BC4-4F1E-B238-3C7093F4B73E}

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/08/27 22:31:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/08/27 22:30:53 | 001,551,212 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/08/27 22:30:53 | 000,704,924 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011/08/27 22:30:53 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/08/27 22:30:53 | 000,130,940 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011/08/27 22:30:53 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/08/27 22:24:11 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Matthieu\Desktop\OTL.exe

[2011/08/27 22:08:01 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/08/27 21:27:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/08/27 19:08:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/08/27 18:33:25 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll

[2011/08/27 18:33:25 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

[2011/08/27 18:33:25 | 000,133,632 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll

[2011/08/27 18:33:25 | 000,110,592 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll

[2011/08/27 18:18:49 | 000,003,179 | ---- | M] () -- C:\Users\Matthieu\Desktop\Launch GameShadow.lnk

[2011/08/27 18:08:05 | 000,001,002 | ---- | M] () -- C:\Users\Public\Desktop\UFO Afterlight.lnk

[2011/08/27 17:28:17 | 000,000,008 | ---- | M] () -- C:\Users\Matthieu\AppData\Roaming\DofusAppId0_1

[2011/08/27 17:18:56 | 000,000,173 | ---- | M] () -- C:\Users\Matthieu\AppData\Roaming\D2Info0

[2011/08/27 13:05:06 | 000,000,008 | ---- | M] () -- C:\Users\Matthieu\AppData\Roaming\DofusAppId0_2

[2011/08/27 11:59:59 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/08/27 11:50:42 | 000,019,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/08/27 11:50:42 | 000,019,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/08/27 11:41:28 | 000,001,002 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/08/27 11:41:28 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/08/27 11:41:28 | 000,000,990 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/08/27 11:18:28 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/08/27 11:06:32 | 3106,488,320 | -HS- | M] () -- C:\hiberfil.sys

[2011/08/20 23:44:44 | 000,000,008 | ---- | M] () -- C:\Users\Matthieu\AppData\Roaming\DofusAppId0_3

[2011/08/17 19:07:35 | 000,002,052 | ---- | M] () -- C:\Users\Matthieu\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/08/16 10:57:42 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011/08/13 18:23:59 | 000,443,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/08/08 10:35:15 | 000,035,152 | ---- | M] () -- C:\test.xml

[2011/08/03 23:41:21 | 1072,705,987 | ---- | M] () -- C:\Users\Matthieu\Desktop\Retour Vers Le Futur I (1985) - II (1989) - III (1990).mkv

[2011/08/03 23:32:11 | 451,284,050 | ---- | M] () -- C:\Users\Matthieu\Desktop\L'associé Du Diable.mkv

[2011/08/02 15:09:59 | 000,002,154 | ---- | M] () -- C:\Users\Matthieu\.recently-used.xbel

[2011/08/01 21:50:21 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2011/08/01 21:49:16 | 021,073,936 | ---- | M] () -- C:\Users\Matthieu\Documents\vlc-1.1.11-win32.exe

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/08/27 22:31:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/08/27 18:32:50 | 015,306,105 | ---- | C] () -- C:\Users\Matthieu\Desktop\ufo_afterlight_patch_1_7.exe

[2011/08/27 18:18:49 | 000,003,179 | ---- | C] () -- C:\Users\Matthieu\Desktop\Launch GameShadow.lnk

[2011/08/27 18:08:05 | 000,001,002 | ---- | C] () -- C:\Users\Public\Desktop\UFO Afterlight.lnk

[2011/08/27 11:59:59 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/08/27 11:41:28 | 000,001,002 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/08/27 11:41:28 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/08/27 11:41:28 | 000,000,990 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/08/15 11:54:23 | 1072,705,987 | ---- | C] () -- C:\Users\Matthieu\Desktop\Retour Vers Le Futur I (1985) - II (1989) - III (1990).mkv

[2011/08/15 11:53:24 | 451,284,050 | ---- | C] () -- C:\Users\Matthieu\Desktop\L'associé Du Diable.mkv

[2011/08/02 15:09:59 | 000,002,154 | ---- | C] () -- C:\Users\Matthieu\.recently-used.xbel

[2011/08/01 21:50:21 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2011/08/01 21:48:55 | 021,073,936 | ---- | C] () -- C:\Users\Matthieu\Documents\vlc-1.1.11-win32.exe

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011/01/22 19:44:15 | 000,000,008 | ---- | C] () -- C:\Users\Matthieu\AppData\Roaming\DofusAppId0_6

[2011/01/22 19:01:48 | 000,000,008 | ---- | C] () -- C:\Users\Matthieu\AppData\Roaming\DofusAppId0_5

[2011/01/22 18:56:37 | 000,000,008 | ---- | C] () -- C:\Users\Matthieu\AppData\Roaming\DofusAppId0_4

[2011/01/22 18:50:30 | 000,000,008 | ---- | C] () -- C:\Users\Matthieu\AppData\Roaming\DofusAppId0_3

[2011/01/22 18:03:27 | 000,000,008 | ---- | C] () -- C:\Users\Matthieu\AppData\Roaming\DofusAppId0_1

[2011/01/22 17:52:48 | 000,000,173 | ---- | C] () -- C:\Users\Matthieu\AppData\Roaming\D2Info0

[2011/01/22 17:52:48 | 000,000,008 | ---- | C] () -- C:\Users\Matthieu\AppData\Roaming\DofusAppId0_2

[2010/12/29 19:23:32 | 000,000,247 | ---- | C] () -- C:\Windows\SIERRA.INI

[2010/12/24 22:49:24 | 001,552,872 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/10/08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2010/07/13 00:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2010/07/12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin

[2010/07/12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll

[2010/07/12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

[2010/07/12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin

[2010/07/12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin

[2010/07/12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat

[2010/07/12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat

[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2011/06/25 02:09:12 | 000,000,000 | ---- | M] () -- C:\0x0304A000.sfl

[2011/08/27 11:06:32 | 3106,488,320 | -HS- | M] () -- C:\hiberfil.sys

[2010/08/05 14:33:34 | 000,321,038 | ---- | M] () -- C:\lv.log

[2011/08/27 11:06:35 | 4141,985,792 | -HS- | M] () -- C:\pagefile.sys

[2011/08/27 11:59:59 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/08/27 22:31:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2010/08/05 13:57:06 | 000,002,935 | ---- | M] () -- C:\RHDSetup.log

[2010/08/05 14:33:28 | 000,000,073 | -H-- | M] () -- C:\splash.idx

[2011/08/08 10:35:15 | 000,035,152 | ---- | M] () -- C:\test.xml

[2010/06/23 00:14:20 | 000,004,112 | -H-- | M] () -- C:\version

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2011/06/21 07:34:48 | 010,989,568 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

[2011/06/21 07:34:48 | 000,185,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

[2010/12/21 07:36:16 | 001,236,992 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msxml3.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

 

< %systemroot%\system32\drivers\*.sys /90 >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

 

< >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:8331D35A

 

< End of report >

 

le rapport Extra

 

OTL Extras logfile created on: 27/08/2011 22:28:40 - Run 1

OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Matthieu\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,86 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 53,68% Memory free

7,71 Gb Paging File | 5,38 Gb Available in Paging File | 69,81% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 284,60 Gb Total Space | 124,59 Gb Free Space | 43,78% Space Free | Partition Type: NTFS

Drive D: | 4,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive F: | 2,31 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive I: | 3,79 Gb Total Space | 1,66 Gb Free Space | 43,89% Space Free | Partition Type: FAT32

Drive J: | 465,76 Gb Total Space | 146,50 Gb Free Space | 31,45% Space Free | Partition Type: NTFS

 

Computer Name: TOMMY | User Name: Matthieu | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{10E14C74-0638-4996-ABAD-BBF7A6CF1FAA}" = PMB VAIO Edition plug-in (Click to Disc)

"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1E37FC84-799E-481B-9462-3489861E36C9}" = PMB VAIO Edition plug-in (Click to Disc)

"{259FD439-13B0-0136-D0A0-FA89BB05831D}" = ccc-utility64

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)

"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor

"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software

"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}" = Panda Cloud Antivirus

"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus

"{5BC83141-83DD-07BE-C940-04B385540F04}" = ATI Catalyst Install Manager

"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007

"{90140000-006D-040C-1000-0000000FF1CE}" = Microsoft Office « Démarrer en un clic » 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9B481FA4-F9BC-4E81-A9C5-CAEF3DD3130E}" = PMB VAIO Edition plug-in (VAIO Movie Story)

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO

"{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources

"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety

"{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Logiciel Intel® PROSet/Wireless WiFi

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CCleaner" = CCleaner

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"ProInst" = Intel PROSet Wireless

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack

"{07441A52-E208-478A-92B7-5C337CA8C131}" = Lecture à distance avec PlayStation®3

"{07B7598E-1FB8-1A95-7A30-F534A55726B4}" = CCC Help Czech

"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}" = CCC Help Spanish

"{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{20533183-D42D-4261-A125-956736FBEA8C}" = Dawn of War - Soulstorm

"{21B20945-C837-4F6F-A4D4-80ECB462367C}" = Dawn of War - Soulstorm

"{265F0D95-A883-7162-0458-B78085B6B693}" = Catalyst Control Center Graphics Light

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 26

"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2

"{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{35111E7A-03B9-25EC-F434-A1CD976907FC}" = CCC Help Chinese Traditional

"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor

"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup

"{427E8AD0-A4B1-D225-836E-CCB6068B490A}" = CCC Help French

"{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}" = CCC Help Portuguese

"{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0

"{47AF4245-CD81-4353-BFC0-0A21A6EF483A}" = UFO Afterlight

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)

"{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}" = CCC Help Japanese

"{5078F3C0-4920-49BB-8FF8-F4794D5BEA95}" = PMB VAIO Edition plug-in (VAIO Movie Story)

"{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus

"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI

"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents

"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance

"{5736590B-36C7-4881-5EBE-F9B390F00774}" = Catalyst Control Center Core Implementation

"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = Outil de restauration de données VAIO

"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data

"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access

"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update

"{5DD0C5C2-D846-4468-9FDF-4900557562CF}" = GameShadow

"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = Prise en charge du transfert VAIO

"{61F569A3-1647-B6F4-08C8-40A011831827}" = CCC Help English

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Clavier à distance avec PlayStation 3

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6A3F204B-323C-7E32-F890-A7308768728D}" = CCC Help Russian

"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger

"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data

"{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}" = CCC Help Hungarian

"{70991E0A-1108-437E-BA7D-085702C670C0}" =

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}" = Remote Play with PlayStation 3

"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare

"{76DECE17-BCF5-9640-2854-3CA049834A40}" = CCC Help Chinese Standard

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7A63F0C4-6B2B-694C-ED72-D0670612BC29}" = CCC Help Swedish

"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2

"{7D842179-8C5B-468D-A247-7511C7112DF3}_is1" = Singe Facteur version 1.0

"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =

"{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool

"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh

"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{88001121-87E2-2104-F9F5-ECC15DFCA1E0}" = Catalyst Control Center Graphics Full Existing

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus

"{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}" = CCC Help German

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{90140011-0066-040C-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Français

"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C73041C-AB71-995D-EEC7-B4E940F93F36}" = CCC Help Finnish

"{9CCA7C1A-6308-4F12-AEDD-D230CAAF847E}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0

"{A20548C1-4B08-C41D-A3A8-FE8C933C2A00}" = Catalyst Control Center InstallProxy

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate

"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" =

"{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}" = Catalyst Control Center Graphics Full New

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger

"{AC06B562-763A-4839-8422-F9C00BEF63E3}" = Iminent

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.5 - Français

"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB

"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default

"{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus

"{BFF37C6E-D735-4487-390C-271E030AA62C}" = CCC Help Italian

"{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}" = Catalyst Control Center Graphics Previews Vista

"{C459D829-0FF0-C210-B2BF-83DB63FC1D61}" = CCC Help Korean

"{C5529BC1-C2BF-44E8-B62A-01913D70081C}" = Catalyst Control Center - Branding

"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = Manuel VAIO

"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" =

"{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}" = CCC Help Polish

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFB66DB0-00AC-4CBC-B99D-99EFEB03743C}" = PMB VAIO Edition plug-in (Click to Disc)

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D49989B0-7BC2-F7F1-8017-3257F617347A}" = Catalyst Control Center Graphics Previews Common

"{D531F5A4-18F6-4130-B9A4-9179D6E349FC}" = VAIO Care

"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver

"{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}" = CCC Help Dutch

"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3

"{D9670A80-DED7-44FE-9B8C-94CEA3F7E035}" = VAIO - Media Gallery

"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DF693121-40C0-3020-D655-612E51616423}" = CCC Help Danish

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}" = CCC Help Turkish

"{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}" = CCC Help Thai

"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F1B95046-E9DA-CFEC-42A8-C8224646AA32}" = ccc-core-static

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F30FE437-0E45-D409-F629-5D86960A6591}" = CCC Help Norwegian

"{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}" = Catalyst Control Center Localization All

"{F67C14C0-D73E-C55B-E132-B1904A1A709C}" = CCC Help Greek

"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote

"{F7E8DD1D-9BFD-38BB-86A5-BEF313B00C51}" = Catalyst Control Center InstallProxy

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =

"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR

"{FF1FC66F-536F-46BD-98E3-D8DA127A810E}" = PMB VAIO Edition Guide

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Akamai" = Akamai NetSession Interface

"ALUpdate_is1" = ALTools Update

"ALZip_is1" = ALZip

"Comical_is1" = Comical 0.8

"conduitEngine" = Conduit Engine

"DAEMON Tools Lite" = DAEMON Tools Lite

"ESET Online Scanner" = ESET Online Scanner v3

"FREEzeFrogSA" = FREEzeFrog

"Google Chrome" = Google Chrome

"InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0

"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = VAIO - PMB VAIO Edition plug-in (Click to Disc)

"InstallShield_{5078F3C0-4920-49BB-8FF8-F4794D5BEA95}" = VAIO - PMB VAIO Edition plug-in (VAIO Movie Story)

"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data

"InstallShield_{9CCA7C1A-6308-4F12-AEDD-D230CAAF847E}" = VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer)

"InstallShield_{FF1FC66F-536F-46BD-98E3-D8DA127A810E}" = VAIO - PMB VAIO Edition Guide

"LogMeIn Hamachi" = LogMeIn Hamachi

"Mozilla Firefox 6.0 (x86 fr)" = Mozilla Firefox 6.0 (x86 fr)

"Office14.Click2Run" = Microsoft Office « Démarrer en un clic » 2010

"OpenAL" = OpenAL

"Panda Cloud Antivirus" = Panda Cloud Antivirus

"Plantes contre Zombies" = Plantes contre Zombies

"PremElem80" = Adobe Premiere Elements 8.0

"PROPLUS" = Microsoft Office Professional Plus 2007

"splashtop" = VAIO Quick Web Access

"Spotify" = Spotify

"StarCraft II" = StarCraft II

"uTorrent" = µTorrent

"uTorrentBar_FR Toolbar" = uTorrentBar_FR Toolbar

"VAIO Help and Support" =

"VAIO screensaver" = VAIO screensaver

"VLC media player" = VLC media player 1.1.11

"WinLiveSuite" = Windows Live

"Xfire" = Xfire (remove only)

"YTdetect" = Yahoo! Detect

"ZHPDiag_is1" = ZHPDiag 1.28

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"QUICKMEDIACONVERTER" = QMC

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 11/08/2011 16:25:13 | Computer Name = Tommy | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\system32\conhost.exe ».

Assembly

dépendant Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 11/08/2011 16:25:14 | Computer Name = Tommy | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\system32\conhost.exe ».

Assembly

dépendant Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 11/08/2011 16:26:47 | Computer Name = Tommy | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\system32\conhost.exe ».

Assembly

dépendant Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 11/08/2011 16:26:48 | Computer Name = Tommy | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\system32\conhost.exe ».

Assembly

dépendant Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 11/08/2011 16:27:38 | Computer Name = Tommy | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\system32\conhost.exe ».

Assembly

dépendant Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 11/08/2011 16:27:39 | Computer Name = Tommy | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\system32\conhost.exe ».

Assembly

dépendant Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 11/08/2011 16:28:28 | Computer Name = Tommy | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\system32\conhost.exe ».

Assembly

dépendant Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 11/08/2011 16:28:29 | Computer Name = Tommy | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Windows\system32\conhost.exe ».

Assembly

dépendant Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 11/08/2011 19:43:36 | Computer Name = Tommy | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 11/08/2011 19:50:27 | Computer Name = Tommy | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante VESMgrSub.exe, version : 5.3.0.5260,

horodatage : 0x4bfce620 Nom du module défaillant : VESColorMgr.dll, version : 5.3.0.5210,

horodatage : 0x4bf62002 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000e260

ID

du processus défaillant : 0x1f1c Heure de début de l’application défaillante : 0x01cc588170ce1232

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

Chemin

d’accès du module défaillant: C:\Program Files (x86)\Sony\VAIO Event Service\VESColorMgr.dll

ID

de rapport : aff2b67e-c474-11e0-85b5-eeaf756fdd8f

 

[ System Events ]

Error - 26/08/2011 15:03:33 | Computer Name = Tommy | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 26/08/2011 15:03:33 | Computer Name = Tommy | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 26/08/2011 15:03:33 | Computer Name = Tommy | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 26/08/2011 15:03:33 | Computer Name = Tommy | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 27/08/2011 05:13:40 | Computer Name = Tommy | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 27/08/2011 05:13:40 | Computer Name = Tommy | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 27/08/2011 05:13:40 | Computer Name = Tommy | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 27/08/2011 05:13:40 | Computer Name = Tommy | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 27/08/2011 05:59:56 | Computer Name = Tommy | Source = Application Popup | ID = 1060

Description = Le chargement de \??\C:\Users\Matthieu\AppData\Local\Temp\mbr.sys

a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur

de votre logiciel pour obtenir une version compatible du pilote.

 

Error - 27/08/2011 08:06:25 | Computer Name = Tommy | Source = Service Control Manager | ID = 7011

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la réponse transactionnelle du service VcmIAlzMgr.

 

 

< End of report >

 

Et pour finir le check up.

 

Results of screen317's Security Check version 0.99.18

Windows 7 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

ESET Online Scanner v3

Panda Cloud Antivirus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

McAfee SiteAdvisor

Java 6 Update 26

Adobe Flash Player 10.3.183.5

````````````````````````````````

Process Check:

objlist.exe by Laurent

Panda Security Panda Cloud Antivirus PSUNMain.exe

``````````End of Log````````````

Modifié le 27 août 2011 par Wabbi

[Dylav]

Bonjour Wabbi, salut Lance_yien,

 

Petite précision, conformément à vos instructions j'ai posté 4 messages différents et le forum les a fondus en un seul.

Normal. C'est le dispositif anti-flood qui fusionne automatiquement, pour un même membre [dans un même sujet], toutes ses contributions successives à intervalle inférieur à un certain délai paramétrable.

Sur Zébulon, si je me souviens bien, Yann a réglé ce délai à 2 minutes.

 

Pour obtenir 4 messages distincts, il t'aurait fallu patienter 2 minutes entre chaque postage

[lance_yien]

Bonjour,

 

Désolé pour ce problème que tu as eu pour poster tes rapports. J'aurai dû te le préciser.

--

 

>>> Désinstaller depuis Ajout/Suppression des programmes (si présents): FREEzeFrog, uTorrentBar_FR, DAEMON Tools Lite, ESET, Iminent,

 

 

>>> Correction OTL: (Re)brancher (et allumer) tous les médias amovibles disponibles et fermer toute s les applications et fenêtres en cours.

Désactiver les programmes de protection (antivirus etc...) et lancer OTL.

Copier et coller la liste suivante (commençant par :OTL) dans l'espace sous "Personnalisation" (les : au début et le ] à la fin sont très importants, merci de vérifier).

 

:OTL

IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

[2011/08/17 21:39:22 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}

O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - File not found

O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - File not found

O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.

O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - File not found

O3 - HKLM\..\Toolbar: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - File not found

O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - File not found

O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_FR Toolbar) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll (Conduit Ltd.)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [EA Core] File not found

O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKCU..\Run: [ZortamMp3MediaStudio] File not found

O4 - Startup: C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = File not found

[2011/08/27 19:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:8331D35A

PRC - [2011/03/30 16:44:58 | 001,324,008 | ---- | M] (Iminent) -- C:\Program Files (x86)\Iminent\IMBooster\IMBooster.exe => Infection PUP (Adware.IMBooster)

MOD - [2011/03/30 16:45:20 | 000,038,888 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\fr\Iminent.Booster.UI.resources.dll => Infection PUP (Adware.IMBooster)

MOD - [2011/03/30 16:45:06 | 000,236,520 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Windows.dll => Infection PUP (Adware.IMBooster)

MOD - [2011/03/30 16:45:06 | 000,218,600 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Workflow.dll => Infection PUP (Adware.IMBooster)

MOD - [2011/03/30 16:45:04 | 001,869,288 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Services.dll => Infection PUP (Adware.IMBooster)

MOD - [2011/03/30 16:45:02 | 000,041,960 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Business.TinyUrl.dll => Infection PUP (Adware.IMBooster)

MOD - [2011/03/30 16:45:00 | 000,337,896 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Booster.UI.dll => Infection PUP (Adware.IMBooster)

[2011/07/08 21:21:59 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files (x86)\Mozilla Firefox\extensions\webbooster@iminent.com => Infection BT (Adware.IMBooster)

O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - File not found => Infection PUP (Adware.IMBooster)

O4 - HKLM\..\Run: [iMBooster] C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe (Iminent) => Infection PUP (Adware.IMBooster)

O32 - AutoRun File - [2007/11/29 06:35:54 | 000,995,328 | R--- | M] () - D:\AutoPlay.exe -- [ UDF ] => Infection USB (Trojan.USB)

 

:Services

 

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{AC06B562-763A-4839-8422-F9C00BEF63E3}" = -

"FREEzeFrogSA" = -

"conduitEngine" = -

"DAEMON Tools Lite" = -

"ESET Online Scanner" = -

"uTorrent" = -

"uTorrentBar_FR Toolbar" = -

 

:Files

ipconfig /flushdns /c

C:\WINDOWS\tasks\*.job

C:\*.sqm

C:\WINDOWS\System32\*.tmp

C:\WINDOWS\*.tmp

C:\Program Files (x86)\FREEzeFrog

C:\Users\Matthieu\AppData\Local\Temp\ZAN30F.exe

C:\Users\Matthieu\AppData\Local\Temp\nsr427.tmp\Install.dll

C:\Users\Matthieu\AppData\Local\Temp\nsw1D6.tmp\Install.dll

C:\Users\Matthieu\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\3cc664c-3637539b

C:\Users\Matthieu\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\610e57d6-5e8b47ff

C:\Program Files (x86)\uTorrentBar_FR

C:\Program Files (x86)\DAEMON Tools Lite

C:\Program Files (x86)\Iminent

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur "Oui".

A la fin un rapport s'ouvre dans le bloc-note. Copier et le coller son contenu dans une nouvelle réponse. Fermer le rapport et OTL.

 

Autres soucis avec ta machine?

[Wabbi]

pas d'autre soucis, du moins à ma connaissance, en revanche après le redémarrage proposé par OTL mon écran était noir jusqu'à ce qu'une fenêtre s'affiche et me demande de l'exécuter. cela fait-il partit du processus normal ou est-ce un bug?

 

et voilà le rapport demander

 

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\ not found.

File C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\ not found.

File C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ not found.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\searchplugin folder moved successfully.

C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\modules folder moved successfully.

C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\META-INF folder moved successfully.

C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\defaults folder moved successfully.

C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\components folder moved successfully.

C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\chrome folder moved successfully.

C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\8fxl85b4.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} folder moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\ not found.

File C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\ not found.

File C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\ deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}\ not found.

File C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe moved successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent not found.

File C:\Program Files (x86)\uTorrent\uTorrent.exe not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ZortamMp3MediaStudio deleted successfully.

C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk moved successfully.

C:\Program Files (x86)\ESET\ESET Online Scanner folder moved successfully.

C:\Program Files (x86)\ESET folder moved successfully.

ADS C:\ProgramData\TEMP:8331D35A deleted successfully.

No active process named IMBooster.exe => Infection PUP (Adware.IMBooster) was found!

Folder C:\Program Files (x86)\Mozilla Firefox\extensions\webbooster@iminent.com => Infection BT (Adware.IMBooster)\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ not found.

Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.

C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe moved successfully.

File move failed. D:\AutoPlay.exe scheduled to be moved on reboot.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{AC06B562-763A-4839-8422-F9C00BEF63E3} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC06B562-763A-4839-8422-F9C00BEF63E3}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\FREEzeFrogSA not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\conduitEngine not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\DAEMON Tools Lite not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\ESET Online Scanner not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\uTorrent not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\uTorrentBar_FR Toolbar not found.

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de r‚solution DNS vid‚.

C:\Users\Matthieu\Desktop\cmd.bat deleted successfully.

C:\Users\Matthieu\Desktop\cmd.txt deleted successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

File\Folder C:\*.sqm not found.

File\Folder C:\WINDOWS\System32\*.tmp not found.

C:\WINDOWS\msdownld.tmp folder moved successfully.

File\Folder C:\Program Files (x86)\FREEzeFrog not found.

File\Folder C:\Users\Matthieu\AppData\Local\Temp\ZAN30F.exe not found.

File\Folder C:\Users\Matthieu\AppData\Local\Temp\nsr427.tmp\Install.dll not found.

File\Folder C:\Users\Matthieu\AppData\Local\Temp\nsw1D6.tmp\Install.dll not found.

C:\Users\Matthieu\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\3cc664c-3637539b moved successfully.

C:\Users\Matthieu\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\610e57d6-5e8b47ff moved successfully.

File\Folder C:\Program Files (x86)\uTorrentBar_FR not found.

C:\Program Files (x86)\DAEMON Tools Lite\Lang folder moved successfully.

C:\Program Files (x86)\DAEMON Tools Lite folder moved successfully.

C:\Program Files (x86)\Iminent\IMBooster\fr folder moved successfully.

C:\Program Files (x86)\Iminent\IMBooster folder moved successfully.

C:\Program Files (x86)\Iminent folder moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrator

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56468 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Matthieu

->Temp folder emptied: 7786915 bytes

->Temporary Internet Files folder emptied: 13932177 bytes

->Java cache emptied: 2030731 bytes

->FireFox cache emptied: 58870186 bytes

->Flash cache emptied: 58590 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 200243 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 404804 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 80,00 mb

 

 

[EMPTYFLASH]

 

User: Administrator

 

User: All Users

 

User: Default

->Flash cache emptied: 0 bytes

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: Matthieu

->Flash cache emptied: 0 bytes

 

User: Public

 

Total Flash Files Cleaned = 0,00 mb

 

 

OTL by OldTimer - Version 3.2.26.6 log created on 08282011_112938

 

Files\Folders moved on Reboot...

File move failed. D:\AutoPlay.exe scheduled to be moved on reboot.

C:\Users\Matthieu\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF01085534F9924FA8.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF052309BE026F76E8.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF20B3DA8A622902C7.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF34F5B079B306E76C.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF53893D5911B2D732.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF57447476211C05CF.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF5DE18D804C7FAFEE.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF63DBB0680C3A076A.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF6A7B5CA7C49C79C1.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DF87851FA27C365539.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DFA38A07A5C0F0C9B5.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DFA632E6D11895312F.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DFA7992896B94703A6.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DFB6A678924515AE0A.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DFBCC1FF46BBD75106.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DFD8D445D85AC917AC.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DFE787831290F2AAA2.TMP not found!

File\Folder C:\Users\Matthieu\AppData\Local\Temp\~DFFD5BD176A2145E50.TMP not found!

File move failed. C:\Windows\temp\mavcperf-setup.log scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

[lance_yien]

... mon écran était noir jusqu'à ce qu'une fenêtre s'affiche et me demande de l'exécuter. cela fait-il partit du processus normal ou est-ce un bug?...

Oui, il lui fallait du temps avec tout ce qu'il y avait à supprimer

--

 

Certains points de ce qui suit ont été traités et d'autres peuvent ne pas s'appliquer à ton système, il faut juste les ignorer),

 

>>> Supprimer les utilitaires:

- Lancer OTL et cliquer sur Purge outils. Laisser faire et redémarrer le PC quand c'est demandé.

- Pour supprimer les autres utilitaires et leur rapports (sur le Bureau et/ou à la racine de la partition système), cliquer-droit dessus => "Supprimer".

 

 

>>> Ré-initialiser les Points de Restauration parce qu'elles peuvent contenir des traces d'infection:

Cliquer-droit sur "Ordinateur" => "Propriétés" => "Protection Système". Cliquer sur le nom de la partition système (généralement C:) puis sur "Configurer" => "Supprimer" => "Continuer" (pour confirmer).

Cliquer sur "Fermer" puis "OK" => "OK" et attendre un moment.

Retourner dans "Protection système" et cliquer sur la partition => "Configurer" et sélectionner "Restaurer les paramètres système et les versions précédentes des fichiers"

Cliquer sur "OK" => "OK" et fermer la fenêtre.

Un nouveau point de restauration sera créé automatiquement.

 

 

>>> Vérifier/ Activer l'UAC: Parce qu'il y a de plus en plus de malware qui exploitent la désactivation de l'UAC (contrôle de compte utilisateur) de Windows (Vista et W7) pour installer des rootkits et parce que les pirates arrivent à le désactiver à distance pour prendre le contrôle d'une machine, garder ce module activé même s'il paraît, des fois, énervant. Ne leur facilitons pas la tâche.

Cliquer sur "Démarrer" => "Panneau de configuration". Cliquer sur " Comptes d'utilisateurs..." => "Modifier les paramètres de contrôle de compte utilisateur."

Régler le curseur comme indiqué ci-dessous:

 

 

 

>>> StartUpLite Il y a toujours des programmes qui se lancent initulement en même temps que Windows.

Télécharger, sur le Bureau, MBAM' StartUpLite depuis ici.

Fermer toutes les applications et autres fenêtres en cours et double-cliquer/ cliquer-droit sur StartUpLite.exe => "Exécuter en tant qu'administrateur" pour lancer le programme qui affichera toutes les entrées inutiles en démarrage automatique.

Sélectionner ces entrées affichées et cliquer sur "Continue".

S'il affiche "No unnecessary startups found!", c'est qu'il n'y a rien à faire.

 

 

>>> Protéger/ Sécuriser: UN SEUL antivirus + UN SEUL pare-feu + UN SEUL antispyware.

• Y a-t-il un Pare-feu dans la machine? Un pare-feu est le 1er rempart contre les intrusions.
  - Ceux de Vista/ Windows 7 peuvent suffire, juste contrôler et activer si nécessaire depuis le "Centre de sécurité".
  - Celui inclus dans Windows XP ne contrôle pas le flux sortant d'Internet d'où l'importance d'en installer un autre.
  Vérifier et choisir, si nécessaire, un parmi ceux-ci (gratuits): Online Armor Firewall, , Outpost Firewall FREE.
  
• Contrôler et configurer les mises à jour Windows:
  - Cliquer sur "Démarrer" => "Tous les programmes" => "Windows update" et installer toutes les Mises à jour critiques après avoir accepté l'installation de l'ActiveX (si proposé).
  - ET, optez (si ce n'est pas encore fait) pour une MAJ Automatique à une heure où vous êtes sûr que votre PC n'est pas éteint.
  
• Installer PSI de Secunia pour surveiller les MAJ logiciels.
  
• Utiliser Mes drivers pour les MAJ des pilotes (cliquer sur Lancer la détection
  
• Sauvegarder le Registre avec Erunt.
  Pour des raisons évidentes, garder les copies de sauvegarde sur un support autre que le disque système.
  
• Immunisez votre machine avec Spyware Blaster, compatible avec Toutes les versions de Windows 32bit et 64bit. Tuto.
  
• Vaccinez votre machine et vos médias amovibles (clés USB...) avec MKV contre les "vers" (Autorun worms). Juste brancher tous les médias amovibles, lancer le programme et cliquer sur le bouton Vaccination (l'action est réversible en cliquant sur "Supprimer la vaccination".
  
• Opter pour Firefox ou Opera pour la navigation de tous les jours et réserver Internet Explorer pour les Mises à jour et les cas bien spécifiques.
  
• Nettoyer (CCleaner) et dé-fragmenter (Defraggler), régulièrement, les Partitions/ Disques.

 

>>> Ce qu'il faut ÉVITER ABSOLUMENT: Parce qu'il existe toujours un programme/logiciel gratuit et légal pour pratiquement tout ce qu'on veut, supprimer de votre machine tout ce qui est,

- Warez , Crack , keygen etc. Arrêter de croire que ces programmes sont là juste pour faire plaisir ou rendre service. Il n'y a qu'à parcourir les Forums pour voir le nombre de PC victimes de ces programmes.

- Fini le partage entre des gens honnêtes. Les pirates, aussi, veulent partager avec le maximum d'internautes et mettent à disposition leurs applications partout où ils peuvent sous de faux noms aussi attractifs que possibles.

En plus le principe même de ce type de réseau n'est en rien bénéfique. Bien au contraire, vous autoriser tout le monde à utiliser votre bande passante et communiquer avec votre machine ce qui peut ralentir considérablement votre système et/ou peut faciliter la tâche aux intrus.

En adhérant à ce type de réseau, non seulement, vous ouvrez délibérément des portes à tout et n'importe quoi mais aussi, vous forcez votre pare-feu et antivirus à les tolérer (c'est compris dans la procédure d'installation). On s'étonne après de ce qui arrive ou on accuse son antivirus.

 

 

>>> Ajouter Résolu: Merci d'éditer ton 1er post pour ajouter [Résolu] à la fin du titre après avoir cliqué sur les boutons "Modifier" => "Utiliser l'éditeur complet".

 

Bonne chance!

[Dylav]

Le problème semble avoir trouvé sa solution.

Ainsi, afin de signaler clairement à ceux qui ont un problème similaire qu'ils ont peut-être une solution toute trouvée (s'ils pensent à utiliser la fonction Recherche en indiquant le mot-clé "résolu" auparavant), et afin de signaler aux autres contributeurs qu'il est inutile de continuer à se creuser la tête sur le problème (à moins d'avoir des suppléments d'informations à apporter pour mieux comprendre ce qui posait problème), un modérateur a préfixé le titre du topic avec la mention [résolu].

Merci, à l'avenir, de bien vouloir prendre à votre charge cette mise à jour quand vous estimez que votre problème a été résolu de manière satisfaisante (et parallèlement, si le problème a disparu "mystérieusement", inutile d'induire les gens en erreur ) Pour cela, votre premier message

[Wabbi]

arf pas assez rapide à répondre. désolé pour la gêne occasionné par mon manque de réactivité et merci pour l'aide apporter.

[Dylav]

No problem