Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

FilesBunker [3]

hollowmanf38
 Partager

Messages recommandés

hollowmanf38 Member

hollowmanf38

Posté(e)
Posté(e) (modifié)

bonjour
je suis nouveau sur le forum je me permet de vous donner le rapport après de moultes scan j'ai toujours des écritures vertes qui me renvoie vers des site de téléchargement impossible à dégager ca revient tout le temps
j'ai la version pro de Malwarebytes' Anti-Malware mais il ne trouve rien
voila mon rapport ZHP
~ Rapport de ZHPDiag v2014.4.11.19 - Nicolas Coolman (11/04/2014)
~ Lancé par ERIC (11/04/2014 23:51:29)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17041
GCIE: Google Chrome v34.0.1847.116 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows® 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : P36YQ
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Kaspersky Anti-Virus v14.0.0.4651
Malwarebytes Anti-Malware version 2.0.1.1004
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.09 =>.Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8129 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 179 GB (75%) free of 238 GB

---\\ Mode de connexion au système
~ Computer Name: ERIC-PC
~ User Name: ERIC
~ All Users Names: HomeGroupUser$, ERIC, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\ERIC\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\ERIC\AppData\Roaming\
~ %Desktop% : C:\Users\ERIC\Desktop\
~ %Favorites% : C:\Users\ERIC\Favorites\
~ %LocalAppData% : C:\Users\ERIC\AppData\Local\
~ %StartMenu% : C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 179 Go of 238 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1691 Go of 1863 Go)
E: Hard drive, Flash drive, Thumb drive (Free 327 Go of 1863 Go)
F: Hard drive, Flash drive, Thumb drive (Free 380 Go of 1397 Go)
G: Hard drive, Flash drive, Thumb drive (Free 319 Go of 1397 Go)
H: Hard drive, Flash drive, Thumb drive (Free 1132 Go of 1863 Go)
I: CD-ROM drive (Not Inserted)
J: Hard drive, Flash drive, Thumb drive (Free 1204 Go of 1397 Go)
K: CD-ROM drive (Not Inserted)
N: CD-ROM drive (Not Inserted)
O: Hard drive, Flash drive, Thumb drive (Free 534 Go of 932 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 07:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/11/2013 - 18:48:46.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 07:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/162
~ Mes Videos (My Videos) : 1/9
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 1/43
~ Mon Bureau (My Desktop) : 1/18
~ Menu demarrer (Programs) : 1/62
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.85A9BBED7AD3CA869956399AA9F3F20A] - (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe [4245400] [PID.1936]
[MD5.41AD6110110A2E89957F831DCBFAF892] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6963512] [PID.3316]
[MD5.B96D82EA7BC9A842028559968E9570D4] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe [1004864] [PID.3992]
[MD5.D3B2B70E7E69CC8AE92725F0A632C6F7] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe [2768088] [PID.4744]
[MD5.293770C94202D1EA18EE27E0D3EB6A41] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032] [PID.4676]
[MD5.240B2FAC1D398715960BD31AF7152DD7] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3829328] [PID.5320]
[MD5.A4C98FD0EB19815374011C929B7D728A] - (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128] [PID.5840]
[MD5.1553313A94B927B65FCD27635BF49866] - (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224] [PID.6284]
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.5796]
[MD5.6A6C57E6000B3F3490F7FEAFF2D4CE15] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\ERIC\AppData\Roaming\Dropbox\bin\Dropbox.exe [32667896] [PID.6536]
[MD5.CF329AF009865920DB34BD6FA6403D03] - (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760] [PID.6560]
[MD5.FDCF54D76E12FD8E731575CA35C573DB] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592] [PID.10072]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.8720]
[MD5.F8F5CC1BA3889C7C84899FA5F1906D80] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus Plugins Native Messagi.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\plugin-nm-server.exe [771904] [PID.5184]
[MD5.1177E21C863C6BB21195AB51E6B86AC0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8210432] [PID.10696]
[MD5.2F6E80BA379883AF5A9C9BB7DD674A66] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [413128] [PID.760]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2000]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1424]
[MD5.1A7A2CAC3B5AFABD6636B25DFE33CBAD] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232] [PID.2144]
[MD5.0D2F8F4055903A762AD46204E5A42E86] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512] [PID.2288]
[MD5.A5E664DB01F89C32DB69F224F6CF1666] - (.CyberLink - Media Server Monitor Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576] [PID.2340]
[MD5.4404F7496CBDA9F5927D053D61933853] - (.CyberLink - Media Server Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432] [PID.2396]
[MD5.F191DF810E6AAA0651A723EAE8D249A9] - (.Hagel Technologies Ltd. - DU Meter Service.) -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2385304] [PID.2600]
[MD5.C34411A244029F1C08687F7C752C4563] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2520]
[MD5.0E08BDD7326E657D59DB40BAD23D8169] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.2860]
[MD5.A8E7F3DB083EB0839DFC1C763CDD2594] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912] [PID.3144]
[MD5.6822CA012769844EB14FD6634F22C4F6] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192] [PID.3188]
[MD5.73FF2C17264E56EB3AD7F95412C04CCD] - (.Splashtop Inc. - Splashtop® Streamer Service.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [790880] [PID.3440]
[MD5.E671A14984D2FC6EAA324ADD17E62304] - (.Splashtop Inc. - Splashtop® Streamer.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe [3918176] [PID.3492]
[MD5.BEC3EFB8834FDA3F4F6C63555F7A0741] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296] [PID.3548]
[MD5.3920745BC3FDB1D4E8E86232AA6BBC4A] - (.Splashtop Inc. - Splashtop® Streamer Feature.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe [7169376] [PID.4532]
[MD5.89CB56C80DF2DEA6315694CDF5B7C04E] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720] [PID.9676]
[MD5.BF5D3A2624177C413680DEF19A465AF8] - (.Intel Corporation - Intel® Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432] [PID.3756]
[MD5.3EA307C51069BC72DD74A4964F2A30A9] - (.Intel Corporation - Intel® Local Management Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [366552] [PID.5344]
[MD5.E59AFB64C2F6E0C99350E1C944C75088] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [762192] [PID.8624]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.6388]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [user Data\Default] [anakpfpojdnocblgejmienjaaggfgbdj] Meteo en France v.3.1 (Désactivé)
G2 - GCE: Preference [user Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [user Data\Default] [blbkdnmdcafmfhinpmnlhhddbepgkeaa] Kaspersky Protection v.1.18, (Activé)
G2 - GCE: Preference [user Data\Default] [boadgeojelhgndaghljhdicfkmllpafd] Google Cast v.14.305.0.0, (Activé)
G2 - GCE: Preference [user Data\Default] [boeajhmfdjldchidhphikilcgdacljfm] Facebook v.1.0.3 (Activé)
G2 - GCE: Preference [user Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] URL Advisor v.14.0.0.4651 (Désactivé)
G2 - GCE: Preference [user Data\Default] [edkonmaeaeehdmjbgigneocajjibpack] Bouton pour PayPalâ„¢ v.1.14.0.0, (Activé)
G2 - GCE: Preference [user Data\Default] [ejjicmeblgpmajnghnpcppodonldlgfn] Google Agenda v.4.5.3 (Activé)
G2 - GCE: Preference [user Data\Default] [ejnkaeblpdcamcioiiabclakabcbjmbl] Box - 10GB of FREE storage v.1.1.7 (Activé)
G2 - GCE: Preference [user Data\Default] [fapbbpdnlcmiolkdfjnnjhabmcndadad] Mé©o v.0.9.0.6 (Activé)
G2 - GCE: Preference [user Data\Default] [fjkkongamjdfggeifeicejegagbhhjlf] Cinémur v.2.1 (Activé)
G2 - GCE: Preference [user Data\Default] [gceeodfjmkoilhaoehbnhofdpobaohnm] Facebook One v.1.1 (Activé)
G2 - GCE: Preference [user Data\Default] [hgecghmkcdefnknohcimkoemhaofpoha] PDF Mergy v.0.5.4 (Activé)
G2 - GCE: Preference [user Data\Default] [jijgclgmgjipgefcnnnibgllfonlfdap] Pocket Website v.1.0.2 (Activé)
G2 - GCE: Preference [user Data\Default] [kdkgihpbaofhkiliohfepioflkkbapao] Calculatrice v.1.0.9 (Activé)
G2 - GCE: Preference [user Data\Default] [lneaknkopdijkpnocmklfnjbeapigfbh] Google Maps v.5.2.7 (Activé)
G2 - GCE: Preference [user Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [user Data\Default] [mjcnijlhddpbdemagnpefmlkjdagkogk] Pocket v.0.701 (Activé)
G2 - GCE: Preference [user Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [nffchahhjecejoiigmnhhicpoabngedk] OneDrive v.1.0.4 (Activé)
G2 - GCE: Preference [user Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [nlmbdmpjmlijibeockamioakdpmhjnpk] Twitch Now v.1.1.55, (Activé)
G2 - GCE: Preference [user Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [user Data\Default] [onhbegdkgonhlokobjefolhpoidcnida] Synology Download Station v.2.1.3, (Activé)
G2 - GCE: Preference [user Data\Default] [poohjpljfecljomfhhimjhddddlidhdd] Twitch Giveaways v.1.5.4 (Activé)

---\\ Liste des dossiers d'extension Google Chrome

~ Google Lines Browser: 54 Legitimates Filtered in 00mn 06s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Air Video Server HD.lnk . (.inMethod - Air Video Server HD.) -- C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe
O4 - GS\Desktop [Public]: ASUS PC Diagnostics.lnk . (...) -- C:\Windows\Installer\{D709005F-D8DC-42A8-8435-5AE880ECAF82}\_819741F18861FB75FAEF03.exe
O4 - GS\Desktop [Public]: Battle.net.lnk . (.Blizzard Entertainment - Battle.net Setup.) -- D:\Jeux\Battle.net\Battle.net Launcher.exe
O4 - GS\Desktop [Public]: Broken Sword 5 - the Serpent's Curse.lnk . (...) -- D:\Jeux\Broken Sword 5\BS5.exe
O4 - GS\Desktop [Public]: Castlevania Lords of Shadow 2.lnk . (.Mercury Steam Entertainment S.L. - Castlevania: Lords of Shadow 2.) -- D:\Jeux\Castlevania Lords of Shadow 2\bin\CLOS2.exe
O4 - GS\Desktop [Public]: Diablo III.lnk . (.Blizzard Entertainment - Diablo III Setup.) -- D:\Jeux\Diablo III\Diablo III Launcher.exe
O4 - GS\Desktop [Public]: foobar2000.lnk . (.Piotr Pawlowski - foobar2000.) -- C:\Program Files (x86)\foobar2000\foobar2000.exe
O4 - GS\Desktop [Public]: GeForce Experience.lnk . (.NVIDIA - NVIDIA GeForce Experience.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Google Docs.lnk . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
O4 - GS\Desktop [Public]: Google Sheets.lnk . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
O4 - GS\Desktop [Public]: Google Slides.lnk . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
O4 - GS\Desktop [Public]: Kaspersky Anti-Virus.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
O4 - GS\Desktop [Public]: LightScribe.lnk . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
O4 - GS\Desktop [Public]: My LastPass Vault.lnk - Clé orpheline
O4 - GS\Desktop [Public]: PC Scan & Repair by Reimage.lnk . (...) -- C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (.not file.) =>Rogue.ReimageRepair
O4 - GS\Desktop [Public]: Sonos.lnk . (.Sonos, Inc. - Sonos Desktop Controller.) -- C:\Program Files (x86)\Sonos\Sonos.exe
O4 - GS\Desktop [Public]: StarCraft II.lnk . (.Blizzard Entertainment - StarCraft II Setup.) -- D:\Jeux\StarCraft II\StarCraft II.exe
O4 - GS\Program [Public]: Castlevania Lords of Shadow 2.lnk . (.Mercury Steam Entertainment S.L. - Castlevania: Lords of Shadow 2.) -- D:\Jeux\Castlevania Lords of Shadow 2\bin\CLOS2.exe
O4 - GS\Program [Public]: foobar2000.lnk . (.Piotr Pawlowski - foobar2000.) -- C:\Program Files (x86)\foobar2000\foobar2000.exe
O4 - GS\Program [Public]: Spybot-S&D Start Center.lnk . (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (.not file.)
O4 - GS\QuickLaunch [ERIC]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [ERIC]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [ERIC]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [ERIC]: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [ERIC]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [ERIC]: Lanceur d'applications Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [ERIC]: Shortcut_Module.lnk . (...) -- C:\Users\ERIC\Downloads\Programs\Shortcut_Module.exe
O4 - GS\Program [ERIC]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [ERIC]: Qobuz Desktop.lnk . (...) -- C:\Users\ERIC\AppData\Local\QobuzDesktop\QobuzDesktop.exe
O4 - GS\SystemTools [ERIC]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [ERIC]: Box Sync.lnk . (...) -- C:\Users\ERIC\Box Sync
O4 - GS\Desktop [ERIC]: Chromecast.lnk . (.Google - ChromecastApp.) -- C:\Users\ERIC\AppData\Local\Google\Chromecast\ChromecastApp.exe
O4 - GS\Desktop [ERIC]: Google Drive.lnk . (...) -- C:\Users\ERIC\Google Drive
O4 - GS\Desktop [ERIC]: Lanceur d'applications Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [ERIC]: MPC-HC x64.lnk . (.MPC-HC Team - MPC-HC.) -- C:\Program Files\MPC-HC\mpc-hc64.exe
O4 - GS\Desktop [ERIC]: Newsbin for RegNow 64.lnk . (.CMCEI - NewsbinPro Newsgroup Reader.) -- C:\Program Files\Newsbin\NewsbinPro64.exe
O4 - GS\Desktop [ERIC]: Newsbin Pro 64.lnk . (.CMCEI - NewsbinPro Newsgroup Reader.) -- C:\Program Files\Newsbin\NewsbinPro64.exe
O4 - GS\Desktop [ERIC]: Qobuz Desktop.lnk . (...) -- C:\Users\ERIC\AppData\Local\QobuzDesktop\QobuzDesktop.exe
~ Global Startup: 113 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [ERIC]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\ERIC\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg_DTS] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Serveur Stack Bluetooth.) -- C:\Program Files (x86)\Bluetooth Suite\btvstack.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Tray.) -- C:\Program Files (x86)\Bluetooth Suite\athbttray.exe
O4 - HKLM\..\Run: [iAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [shadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\Run: [boxSync] . (.Box, Inc. - Box Sync.) -- c:\Program Files\Box\Box Sync\BoxSync.exe
O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [ultracopier] . (.ultracopier.first-world.info - Ultracopier under GPL3.) -- C:\Program Files\Ultracopier\ultracopier.exe
O4 - HKCU\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
O4 - HKCU\..\Run: [skyDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [DU Meter] . (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] . (.Disc Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_865C76E5084CC7121627C739387D946B] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [Razer Synapse] . (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
O4 - HKLM\..\Wow6432Node\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [ultracopier] . (.ultracopier.first-world.info - Ultracopier under GPL3.) -- C:\Program Files\Ultracopier\ultracopier.exe
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [skyDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [DU Meter] . (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [DAEMON Tools Pro Agent] . (.Disc Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [GoogleChromeAutoLaunch_865C76E5084CC7121627C739387D946B] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier virtuel [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kbrd.ico
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~3\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Cliquer pour appeler Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~3\Office15\ONBTTN~1.dll (.not file.)
O9 - Extra button: Analyse des liens [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{25EDB71D-2993-49A5-B3D6-A32AA9BF12B5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{25EDB71D-2993-49A5-B3D6-A32AA9BF12B5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{25EDB71D-2993-49A5-B3D6-A32AA9BF12B5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) . (...) - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe (.not file.) =>Rogue.ReimageRepair
~ Services: 29 Legitimates Filtered in 00mn 10s



---\\ Tâches planifiées en automatique (O39)
[MD5.83AC88E59AED154D19915169ADF0FAAD] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe [3727360] =>Trojan.Keygen
[MD5.00000000000000000000000000000000] [APT] [Reimage Reminder] (...) -- C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe (.not file.) [0] =>Rogue.ReimageRepair
~ Scheduled Task: 21 Legitimates Filtered in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Broken Sword 5 - (.Revolution Software Ltd.) [HKLM][64Bits] -- Broken Sword 5_is1
~ Logic: 29 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Filseclab]
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Wow6432Node\Filseclab]
[HKLM\Software\Wow6432Node\Shortcut_Module]
~ Key Software: 337 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/03/2014 - 07:51:32 - [42,963] ----D C:\Program Files (x86)\AirVideoServer HD
O43 - CFD: 11/04/2014 - 21:14:42 - [0] ----D C:\ProgramData\CDB
O43 - CFD: 03/04/2014 - 17:32:31 - [3,995] ----D C:\Users\ERIC\AppData\Local\AirVideoServerHD
O43 - CFD: 11/04/2014 - 23:33:09 - [0] -SH-D C:\Users\ERIC\AppData\Local\EmieSiteList
O43 - CFD: 11/04/2014 - 23:33:09 - [0] -SH-D C:\Users\ERIC\AppData\Local\EmieUserList
~ Program Folder: 218 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.48F177A68C0FC19652CD41352F294B47] - 08/04/2014 - 14:07:32 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [34304] =>Trojan.Staser
O44 - LFC:[MD5.E23EC527101E4FBC2B41D54476ECCA32] - 09/04/2014 - 21:49:13 ---A- . (...) -- C:\Windows\ntbtlog.txt [133776]
O44 - LFC:[MD5.14025A53056C9DDB2477E2AEECED6506] - 11/04/2014 - 20:15:17 ---A- . (...) -- C:\Windows\Reimage.ini [155] =>Rogue.ReimageRepair
O44 - LFC:[MD5.8029883B519D30BC6260BAC87E0561D4] - 11/04/2014 - 20:43:48 ---A- . (...) -- C:\Shortcut_Module_11_04_2014_21_43_48.txt [62047]
O44 - LFC:[MD5.97C99280B5C1C56F616C5DAD691BCDE4] - 11/04/2014 - 22:12:04 ---A- . (...) -- C:\Shortcut_Module_11_04_2014_23_12_04.txt [36353]
~ Files: 78 Legitimates Filtered in 00mn 01s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Browser Infrastructure Helper [Key] . (...) -- C:\Users\ERIC\AppData\Local\Smartbar\Application\SnapDo.exe (.not file.) =>Hijacker.SmartBar
~ SMSR Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.929DF302F15BFE24AC66EF45D858C413] - 28/11/2013 - 01:24:18 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [175480]
O58 - SDL:[MD5.48F177A68C0FC19652CD41352F294B47] - 08/04/2014 - 14:07:32 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [34304] =>Trojan.Staser
O58 - SDL:[MD5.74D30C2EF66C2EB19F17ED5423AA8038] - 23/03/2014 - 16:32:30 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [386680]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.798DE15F187C1F013095BBBEB6FB6197] - 21/08/2012 - 19:54:10 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [15232]
O58 - SDL:[MD5.1392B92179B07B672720763D9B1028A5] - 03/08/2010 - 06:21:24 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsUpIO.sys [14464]
O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 13:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]
~ Drivers: 18 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {553E46AB-BBDA-49D4-8381-7958D86D06F1} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "D7E5B2DADAAEEB34195BE073BA1B0C94" . (.Zappiti Media Center.) -- C:\Windows\Installer\{AD2B5E7D-EAAD-43BE-91B5-0E37ABB1C049}\favicon.exe
~ Update Products: 109 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.075A7EA5CCC1529097D3122D6AE7BCCF] [WIS][11/04/2014] (.Box, Inc. - Box Sync.) -- C:\Windows\Installer\22f86.msi [15478784]
~ WIS: 111 Legitimates Filtered in 00mn 11s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 16/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 10/03/2014 28768 | (BoxSyncUpdateService) . (.Box Inc..) - C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
SS - | Demand 14/03/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/02/2013 820184 | (Intel® Capability Licensing Service TCP IP Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 13/06/2013 357144 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SS - | Auto 10/07/1658 0 | (ReimageRealTimeProtection) . (...) - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe =>Rogue.ReimageRepair
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 08/02/2014 569024 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 29/10/2012 927232 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
SR - | Auto 29/11/2012 232064 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 12/10/2013 214512 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 05/07/2013 77576 | (CyberLink PowerDVD 13 Media Server Monitor Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
SR - | Auto 05/07/2013 327432 | (CyberLink PowerDVD 13 Media Server Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
SR - | Auto 02/10/2012 240584 | (DTSAudioSvc) . (.DTS, Inc.) - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
SR - | Auto 01/03/2013 2385304 | (DUMeterSvc) . (.Hagel Technologies Ltd..) - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
SR - | Auto 15/04/2013 400864 | (EyeTV Netstream) . (.Elgato Systems GmbH.) - C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
SR - | Auto 14/03/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 02/07/2013 15720 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/02/2013 731648 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 03/01/2013 183200 | (Intel® PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
SR - | Auto 04/03/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
SR - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 18/07/2013 762192 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 02/04/2014 1615192 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 02/04/2014 20541216 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 27/03/2014 927520 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 07/03/2014 790880 | (SplashtopRemoteService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
SR - | Auto 26/03/2014 413128 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/11/2012 327296 | (ZAtheros Bt and Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
SR - | Auto 06/07/2013 130320 | ({09F57980-3432-4AFC-957D-27AC45FAE1F5}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl

~ Services: Scanned in 00mn 03s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:[MD5.74D30C2EF66C2EB19F17ED5423AA8038] - 23/03/2014 - 16:32:30 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [386680]
~ Emulateurs: Scanned in 00mn 03s



---\\ Scan Additionnel (O88)
Database Version : 13044 - (11/04/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 2

[HKLM\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtection] =>Rogue.ReimageRepair^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Browser Infrastructure Helper] =>Hijacker.SmartBar^
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
C:\Windows\AutoKMS\AutoKMS.exe =>Trojan.Keygen^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 308728 Items scanned in 00mn 18s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/26633218-rogue-reimagerepair =>Rogue.ReimageRepair
http://nicolascoolman.webs.com/apps/blog/show/32771797-trojan-staser =>Trojan.Staser
http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ MSI: 3 link(s) detected in 00mn 00s



~ 1344 Legitimates filtered by white list
End of the scan (542 lines in 01mn 07s)(0)


___________________ EDIT ______________________

Message désimbriqué du sujet d'origine pour en faire un sujet personnalisé et à part entière :http://forum.zebulon.fr/filesbunker-t206439.html/page-2?do=findComment&comment=1716636.
Tonton

Modifié par Tonton
Désimbrication message

pear Devil Member !

pear

Posté(e)
Posté(e)

Bonjour,

 

Télécharger RogueKiller (by tigzy) sur le bureau
En fonction de votre système ,choisissez la version 32 ou 64 bits
Quitter tous les programmes
Lancer RogueKiller.exe.Acceptez le disclaimer
Patienter le temps du Prescan ...
En cas de blocage Renommer RogueKiller.exe -> winlogon.exe
Cliquer sur Scan.
Cliquer sur Rapport et copier/coller le contenu

Nettoyage

Dans l'onglet "Registre", décocher les lignes que vous avez volontairement modifiées
(Si vous n'avez rien modifié ,vous n'avez donc pas de raison valable d'en décocher. )
Cliquer sur Suppression. Cliquer sur Rapport et copier/coller le contenu
Cliquer sur Host RAZ. Cliquer sur Rapport et copier/coller le contenu
Cliquer sur Proxy RAZ. Cliquer sur Rapport [/b]et copier/coller le contenu
Cliquer sur DNS RAZ. Cliquer sur Rapport[/b]etcopier/coller le contenu
Cliquer sur Racc. RAZ. Cliquer sur Rapport[/b] et copier coller le contenu du notepad
Sauf avis contraire, ne touchez pas aux index SSDT
Dans l'onglet Driver, réparer les index SSDT suivants en faisant un clic droit sur leur ligne => Restaurer SSDT
(Liste des index)

Note. Le bouton Suppression ne sera pas accessible tant que le scan n'aura pas été fait
Il y aura 6 rapports à poster



Important:
*- Si vous utilisez Malwarebytes Anti-Malware PRO, il faut le désinstaller et faire redémarrer le PC, avant d'installer la version 2.0
Mais les licences "à vie" de la version 1.x seront reportées sur la version 2.x.



Téléchargez Malwarebytes Anti-Malware
Ici
ou là:
et enregistrez-le sur le Bureau.
Faites un double clic sur mbam-setup-2.0.0.1000.exe et suivez les invites pour installer le programme.
Cliquer Setting pour le mettre en Français
vérifiez que cette cases Lancer Malwarebytes Anti-Malware est bien cochée.
Un essai gratuit de 14 jours des fonctions de la version Premium(payante) est pré-sélectionné, décochez le.
Cela ne diminuera pas les capacités d'analyse et de suppression du programme.
Cliquez sur Terminer.

580581Capture1.png

Dans l'onglet Paramètres > Sous-onglet Détection et Protection, Options de détection, cochez la case située devant Recherche de Rootkits
Sur le Tableau de bord, cliquez sur le lien Mettre à jour .
Si , par la suite, vos bases de données sont obsolètes vous en serez averti et invtié à Corriger maintenant.
679073Capture.png
Après la mise à jour,Connecter les supports amovibles (USB) et cliquer sur Examen-> Examen personnalisé
Cochez tout
cliquez sur le bouton Examiner maintenant .

Si des élémentss ont détectés, cliquez sur Appliquer les actions pour que MBAM nettoye ce qu'il a détecté.
Dans la plupart des cas, un redémarrage sera nécessaire.
Attendez l'affichage du message vous invitant à faire redémarrer le PC, puis cliquez sur Oui

(Copier dans le Presse-papiers pour coller dans une réponse sur le forum)
Après le redémarrage, quand vous êtes de retour sur le Bureau, ouvrez de nouveau MBAM.
Cliquez sur l'onglet Historique > Journaux de l'application.
Faites un double clic sur le Journal d'examen dont les date et heure correspondent à l'analyse qui vient d'être effectuée.
Cliquez sur Afficher puis Copier dans le Presse-papiers
Collez le contenu du Presse-papiers dans votre prochaine réponse.




hollowmanf38 Member

hollowmanf38

Posté(e)
  • Auteur
Posté(e)
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : ERIC [Droits d'admin]
Mode : HOSTS RAZ -- Date : 04/13/2014 08:30:21
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Nouveau fichier HOSTS: ¤¤¤
127.0.0.1 localhost
Termine : << RKreport[0]_H_04132014_083021.txt >>
RKreport[0]_D_04122014_175704.txt;RKreport[0]_D_04132014_082700.txt;RKreport[0]_H_04122014_175614.txt
RKreport[0]_H_04132014_082711.txt;RKreport[0]_S_04122014_175500.txt;RKreport[0]_S_04132014_082646.txt
RKreport[0]_S_04132014_083005.txt;RKreport[0]_S_12042014_180558.txt
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : ERIC [Droits d'admin]
Mode : Proxy RAZ -- Date : 04/13/2014 08:30:49
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
Termine : << RKreport[0]_PR_04132014_083049.txt >>
RKreport[0]_D_04122014_175704.txt;RKreport[0]_D_04132014_082700.txt;RKreport[0]_H_04122014_175614.txt
RKreport[0]_H_04132014_082711.txt;RKreport[0]_H_04132014_083021.txt;RKreport[0]_S_04122014_175500.txt
RKreport[0]_S_04132014_082646.txt;RKreport[0]_S_04132014_083005.txt;RKreport[0]_S_12042014_180558.txt
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : ERIC [Droits d'admin]
Mode : DNS RAZ -- Date : 04/13/2014 08:31:19
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
Termine : << RKreport[0]_DN_04132014_083119.txt >>
RKreport[0]_D_04122014_175704.txt;RKreport[0]_D_04132014_082700.txt;RKreport[0]_H_04122014_175614.txt
RKreport[0]_H_04132014_082711.txt;RKreport[0]_H_04132014_083021.txt;RKreport[0]_S_04122014_175500.txt
RKreport[0]_S_04132014_082646.txt;RKreport[0]_S_04132014_083005.txt;RKreport[0]_S_12042014_180558.tx
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : ERIC [Droits d'admin]
Mode : Raccourcis RAZ -- Date : 04/13/2014 08:32:04
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Attributs de fichiers restaures: ¤¤¤
Bureau: Success 0 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 0 / Fail 0
Mes documents: Success 0 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 0 / Fail 0
Mes videos: Success 0 / Fail 0
Disques locaux: Success 0 / Fail 0
Sauvegarde: [NOT FOUND]
Lecteurs:
[C:] \Device\HarddiskVolume8 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume9 -- 0x3 --> Restored
[F:] \Device\HarddiskVolume12 -- 0x3 --> Restored
[G:] \Device\HarddiskVolume11 -- 0x3 --> Restored
[H:] \Device\HarddiskVolume10 -- 0x3 --> Restored
[i:] \Device\CdRom1 -- 0x5 --> Skipped
[J:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[K:] \Device\CdRom0 -- 0x5 --> Skipped
[N:] \Device\CdRom2 -- 0x5 --> Skipped
[O:] \Device\HarddiskVolume1 -- 0x3 --> Restored
¤¤¤ Infection : ¤¤¤
Termine : << RKreport[0]_SC_04132014_083204.txt >>
RKreport[0]_D_04122014_175704.txt;RKreport[0]_D_04132014_082700.txt;RKreport[0]_H_04122014_175614.txt
RKreport[0]_H_04132014_082711.txt;RKreport[0]_H_04132014_083021.txt;RKreport[0]_S_04122014_175500.txt
RKreport[0]_S_04132014_082646.txt;RKreport[0]_S_04132014_083005.txt;RKreport[0]_S_12042014_180558.txt

voila les rapports mais j'ai toujours filebuker avec les liens verts

hollowmanf38 Member

hollowmanf38

Posté(e)
  • Auteur
Posté(e)

un autre rapport avec frst.exe

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2014 01
Ran by ERIC (administrator) on ERIC-PC on 13-04-2014 09:01:20
Running from C:\Users\ERIC\Downloads\Programs
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
(Elgato Systems GmbH) C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ultracopier.first-world.info) C:\Program Files\Ultracopier\ultracopier.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Google Inc.) C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\ERIC\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe
() c:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\ERIC\Downloads\Programs\FRST64_2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023104 2012-11-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-11-29] (Atheros Commnucations)
HKLM\...\Run: [iAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-07-02] (Intel Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [boxSync] - c:\Program Files\Box\Box Sync\BoxSync.exe [13221784 2014-04-07] (Box, Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-12] (Razer Inc.)
HKLM-x32\...\Run: [sDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [ultracopier] - C:\Program Files\Ultracopier\ultracopier.exe [1113088 2014-02-19] (ultracopier.first-world.info)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [iDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3829328 2014-03-18] (Tonec Inc.)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [skyDrive] - C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-04-04] (Microsoft Corporation)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [Google Update] - C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-21] (Google Inc.)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [DU Meter] - C:\Program Files (x86)\DU Meter\DUMeter.exe [4245400 2013-03-01] (Hagel Technologies Ltd.)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000\...\Run: [GoogleChromeAutoLaunch_865C76E5084CC7121627C739387D946B] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ultracopier] - C:\Program Files\Ultracopier\ultracopier.exe [1113088 2014-02-19] (ultracopier.first-world.info)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3829328 2014-03-18] (Tonec Inc.)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [skyDrive] - C:\Users\ERIC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-04-04] (Microsoft Corporation)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] - C:\Users\ERIC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-21] (Google Inc.)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DU Meter] - C:\Program Files (x86)\DU Meter\DUMeter.exe [4245400 2013-03-01] (Hagel Technologies Ltd.)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-2166185552-2205534352-89382135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_865C76E5084CC7121627C739387D946B] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.)
Startup: C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ERIC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.ldlc.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BE2D771-ECE0-4C7D-9A66-7EB35F87B8B8} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {553E46AB-BBDA-49D4-8381-7958D86D06F1} URL = https://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ERIC\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ERIC\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-14]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-03-15]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-15]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-03-15]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\ERIC\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ERIC\AppData\Roaming\IDM\idmmzcc5 [2014-04-04]
Chrome:
=======
CHR Extension: (Meteo en France) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\anakpfpojdnocblgejmienjaaggfgbdj [2014-04-11]
CHR Extension: (Documents Google) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-11]
CHR Extension: (Google Drive) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-11]
CHR Extension: (Kaspersky Protection) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-04-11]
CHR Extension: (YouTube) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-11]
CHR Extension: (Google Cast) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-11]
CHR Extension: (Facebook) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-04-11]
CHR Extension: (Twitter for Chrome) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdoinklelehcpndgmcddkkdhibpoglnk [2014-04-11]
CHR Extension: (Adblock Plus) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-11]
CHR Extension: (PagesJaunes) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiebajnnakcjkedcfamhdfgckcbnhke [2014-04-11]
CHR Extension: (Dailymotion) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckopbmcmofndcicfgnlfcelnphemljme [2014-04-11]
CHR Extension: (Recherche Google) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-11]
CHR Extension: (Bouton pour PayPal) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\edkonmaeaeehdmjbgigneocajjibpack [2014-04-11]
CHR Extension: (Google Agenda) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-04-11]
CHR Extension: (Box - 10GB of FREE storage) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-04-11]
CHR Extension: (Météo) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2014-04-11]
CHR Extension: (Cinémur) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjkkongamjdfggeifeicejegagbhhjlf [2014-04-11]
CHR Extension: (Full Screen Weather) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2014-04-11]
CHR Extension: (Facebook One) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gceeodfjmkoilhaoehbnhofdpobaohnm [2014-04-11]
CHR Extension: (Facebook for Chrome) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-04-11]
CHR Extension: (Enregistrer dans Google Drive) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-04-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-04-11]
CHR Extension: (PDF Mergy) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-04-11]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-04-11]
CHR Extension: (Dropbox) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-04-11]
CHR Extension: (IDM Integration Module) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-04-11]
CHR Extension: (Pocket Website) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2014-04-11]
CHR Extension: (Calculatrice) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2014-04-11]
CHR Extension: (Google Play) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-04-11]
CHR Extension: (Google Maps) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-04-11]
CHR Extension: (Pocket) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2014-04-11]
CHR Extension: (LastPass Vault) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2014-04-11]
CHR Extension: (OneDrive) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-04-11]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2014-04-11]
CHR Extension: (Twitch Now) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2014-04-11]
CHR Extension: (Google Wallet) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-11]
CHR Extension: (Deezer) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2014-04-11]
CHR Extension: (Synology Download Station) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhbegdkgonhlokobjefolhpoidcnida [2014-04-11]
CHR Extension: (Picasa) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-04-11]
CHR Extension: (Instagram for Chrome) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-04-11]
CHR Extension: (Gmail) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-11]
CHR Extension: (Twitch Giveaways) - C:\Users\ERIC\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-12]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-04-03]
==================== Services (Whitelisted) =================
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-12] (Kaspersky Lab ZAO)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [28768 2014-03-10] (Box Inc.)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)
R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2385304 2013-03-01] (Hagel Technologies Ltd.)
R2 EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems GmbH)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-07-02] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-11-29] (Atheros)
S2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ATSZIO; C:\Program Files (x86)\ASUS\ASUS PC Diagnostics\ATSZIO64.sys [19584 2013-01-16] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-27] (Disc Soft Ltd)
S3 DUMeterDrv; C:\Program Files (x86)\DU Meter\DUMETR64.SYS [20968 2013-03-01] (Hagel Technologies Ltd.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-27] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-07-02] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-15] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-27] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-27] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-12] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-03-15] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-12] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-03-15] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-23] (Duplex Secure Ltd.)
R3 stdpms; C:\Windows\System32\DRIVERS\stdpms.sys [28904 2014-02-28] (Splashtop Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
S3 cpuz134; \??\C:\Users\ERIC\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-13 08:50 - 2014-04-13 08:50 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-13 08:50 - 2014-04-13 08:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 08:50 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-13 08:50 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-13 08:50 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-13 08:42 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-04-11 23:37 - 2014-04-11 23:37 - 00002340 _____ () C:\Users\ERIC\Desktop\Lanceur d'applications Google Chrome.lnk
2014-04-11 23:37 - 2014-04-11 23:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-11 23:37 - 2014-04-11 23:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2014-04-11 23:36 - 2014-04-11 23:36 - 00002260 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-11 23:33 - 2014-04-11 23:33 - 00000000 __SHD () C:\Users\ERIC\AppData\Local\EmieUserList
2014-04-11 23:33 - 2014-04-11 23:33 - 00000000 __SHD () C:\Users\ERIC\AppData\Local\EmieSiteList
2014-04-11 22:58 - 2014-04-11 23:12 - 00036353 _____ () C:\Shortcut_Module_11_04_2014_23_12_04.txt
2014-04-11 22:33 - 2014-04-11 22:33 - 00000624 _____ () C:\Users\ERIC\Desktop\JRT.txt
2014-04-11 22:24 - 2014-04-11 22:33 - 00010239 _____ () C:\Users\ERIC\Desktop\SFTGC.txt
2014-04-11 22:22 - 2014-04-11 22:22 - 00000000 ____D () C:\Windows\ERUNT
2014-04-11 22:19 - 2014-04-11 23:51 - 00001994 _____ () C:\Users\ERIC\Desktop\ZHPFix.lnk
2014-04-11 22:19 - 2014-04-11 23:51 - 00001867 _____ () C:\Users\ERIC\Desktop\ZHPDiag.lnk
2014-04-11 22:19 - 2014-04-11 23:51 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\ZHP
2014-04-11 22:19 - 2014-04-11 23:51 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-11 21:56 - 2014-04-13 09:01 - 00000000 ____D () C:\FRST
2014-04-11 21:29 - 2014-04-11 23:12 - 00000000 ____D () C:\Shortcut_Module
2014-04-11 21:29 - 2014-04-11 21:43 - 00062047 _____ () C:\Shortcut_Module_11_04_2014_21_43_48.txt
2014-04-11 21:15 - 2014-04-11 21:15 - 00003428 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-04-11 21:14 - 2014-04-11 21:15 - 00000000 ____D () C:\rei
2014-04-11 21:14 - 2014-04-11 21:14 - 00000000 ____D () C:\ProgramData\CDB
2014-04-11 21:13 - 2014-04-11 21:15 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-11 20:56 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-11 20:56 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-11 20:56 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 20:56 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-11 20:56 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-11 20:56 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-11 20:56 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-11 20:56 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-11 20:56 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-11 20:56 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-11 20:56 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-11 20:56 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-11 20:56 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-11 20:56 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-11 20:56 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-11 20:56 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 20:56 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-11 20:56 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-11 20:56 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 20:56 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-11 20:56 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-11 20:56 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-11 20:56 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 20:56 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-11 20:56 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-11 20:56 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-11 20:56 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-11 20:56 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-11 20:56 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-11 20:56 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-11 20:56 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-11 20:56 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-11 20:56 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-11 20:56 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-11 20:56 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-11 20:56 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-11 20:56 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-11 20:56 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-11 20:56 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-11 20:56 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-11 20:56 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-11 20:56 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-11 20:56 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-11 20:56 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-11 20:56 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-11 20:56 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-11 20:56 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-11 20:56 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-10 21:15 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 21:15 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 21:15 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 21:15 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 21:15 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 21:15 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 21:15 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 21:15 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 21:15 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 21:15 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 21:15 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 21:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 21:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 21:15 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 21:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 21:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 21:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-10 21:07 - 2014-04-13 08:42 - 00008244 _____ () C:\Windows\PFRO.log
2014-04-09 23:48 - 2014-04-10 00:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-09 23:48 - 2014-04-09 23:48 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-09 23:48 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-04-09 22:47 - 2014-04-13 08:42 - 00003024 _____ () C:\Windows\setupact.log
2014-04-09 22:47 - 2014-04-09 22:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-08 20:04 - 2014-04-12 00:08 - 00003928 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-04-08 19:49 - 2014-04-08 19:49 - 00000890 _____ () C:\Users\ERIC\Desktop\Newsbin Pro 64.lnk
2014-04-08 19:49 - 2014-04-08 19:49 - 00000855 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-04-08 19:49 - 2014-04-08 19:49 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Newsbin6
2014-04-08 19:01 - 2014-04-08 19:01 - 00000000 ____D () C:\Windows\system32\log
2014-04-08 19:01 - 2014-04-08 15:07 - 00034304 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-04-08 18:07 - 2014-04-08 18:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\VS Revo Group
2014-04-08 18:06 - 2014-04-08 18:06 - 00001084 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-04-08 18:06 - 2014-04-08 18:06 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-04-08 18:06 - 2014-04-08 18:06 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-08 18:06 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-04-08 16:57 - 2014-03-26 23:40 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-04-08 16:56 - 2014-03-27 14:45 - 31270856 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 25257416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 23785416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 15964736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 13158232 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-08 16:56 - 2014-03-27 14:45 - 11644392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 11598560 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 09734744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 09697128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 03139928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 02949976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 02785056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 02413344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433750.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 01539416 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433750.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00894752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00891168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00864600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00859592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00836544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00491864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00415008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00336672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-04-08 16:56 - 2014-03-27 14:45 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-04-08 16:50 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-08 16:50 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-05 13:52 - 2014-04-05 13:52 - 00000000 ____D () C:\Users\ERIC\Documents\MercurySteam
2014-04-05 13:51 - 2014-04-05 13:51 - 00000633 _____ () C:\Users\Public\Desktop\Castlevania Lords of Shadow 2.lnk
2014-04-03 15:43 - 2013-11-28 02:24 - 00175480 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2014-04-03 15:10 - 2012-07-18 00:40 - 00120920 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2014-03-30 11:43 - 2014-03-30 11:43 - 00000000 ____D () C:\Windows\Replay Video Capture
2014-03-30 11:37 - 2014-03-30 11:38 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Nero
2014-03-30 11:37 - 2014-03-30 11:37 - 00000000 ____D () C:\ProgramData\LightScribe
2014-03-30 11:35 - 2014-03-30 11:35 - 00002737 _____ () C:\Users\Public\Desktop\Nero Burning ROM 2014.lnk
2014-03-30 11:35 - 2014-03-30 11:35 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
2014-03-30 11:34 - 2014-03-30 11:35 - 00000000 ____D () C:\ProgramData\Nero
2014-03-30 11:34 - 2014-03-30 11:35 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-03-30 11:33 - 2014-03-30 11:33 - 00002044 _____ () C:\Users\Public\Desktop\LightScribe.lnk
2014-03-30 09:49 - 2014-04-13 08:51 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 09:16 - 2014-03-29 09:16 - 14127518 _____ () C:\Users\ERIC\Downloads\12W18l3aQeT5f1870ce86QcRbSX6THX56.nzb
2014-03-29 07:51 - 2014-04-03 17:32 - 00001196 _____ () C:\Users\Public\Desktop\Air Video Server HD.lnk
2014-03-29 07:51 - 2014-03-29 07:51 - 00000000 ____D () C:\Program Files (x86)\AirVideoServer HD
2014-03-29 07:46 - 2014-04-03 17:32 - 00000000 ____D () C:\Users\ERIC\AppData\Local\AirVideoServerHD
2014-03-29 07:46 - 2014-03-29 07:46 - 00000048 _____ () C:\Windows\SysWOW64\settings.properties
2014-03-29 07:45 - 2014-03-29 07:46 - 11731296 _____ () C:\Users\ERIC\Downloads\AirVideoServerHD-1.0.15.exe
2014-03-28 22:29 - 2014-03-29 19:59 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\foobar2000
2014-03-28 22:29 - 2014-03-28 22:29 - 00001038 _____ () C:\Users\Public\Desktop\foobar2000.lnk
2014-03-28 22:29 - 2014-03-28 22:29 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-03-28 17:38 - 2014-03-28 17:38 - 01935638 _____ () C:\Users\ERIC\Downloads\23W128aQe80f1896ce86kcaeSd8THX56.par2.nzb
2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\Documents\CyberLink
2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\CyberLink
2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Cyberlink SoftDMA
2014-03-28 17:01 - 2014-03-28 17:24 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-28 17:01 - 2014-03-28 17:05 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-28 17:01 - 2014-03-28 17:01 - 00001418 _____ () C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\MediaServer
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\CyberLink
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\ProgramData\PDVD
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-03-28 17:00 - 2014-03-28 17:02 - 00000000 ____D () C:\ProgramData\install_clap
2014-03-27 17:06 - 2014-03-27 17:07 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images
2014-03-27 17:01 - 2014-03-27 17:01 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-27 17:01 - 2014-03-27 17:01 - 00001939 _____ () C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2014-03-27 16:48 - 2014-03-27 17:01 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2014-03-23 17:32 - 2014-04-09 22:38 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DAEMON Tools Pro
2014-03-23 17:32 - 2014-03-23 17:32 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-03-23 17:31 - 2014-03-27 16:48 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro
2014-03-23 17:13 - 2014-03-23 17:13 - 00000000 ____D () C:\ProgramData\Hagel Technologies
2014-03-23 17:13 - 2014-03-23 17:13 - 00000000 ____D () C:\Program Files (x86)\DU Meter
2014-03-23 11:22 - 2014-03-23 11:22 - 00025466 _____ () C:\Users\ERIC\Documents\cc_20140323_102236.reg
2014-03-23 11:07 - 2014-03-23 11:07 - 00262144 _____ () C:\Windows\system32\config\elam
2014-03-23 11:04 - 2014-03-23 11:11 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2014-03-22 19:51 - 2014-04-09 22:21 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-03-22 19:51 - 2014-04-09 22:16 - 00000000 ____D () C:\ProgramData\NCH Software
2014-03-22 19:17 - 2014-03-22 19:17 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\iSpy
2014-03-21 23:52 - 2014-03-21 23:52 - 00000000 ____D () C:\Users\ERIC\AppData\Local\IsolatedStorage
2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\SplitMediaLabs
2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-03-21 17:25 - 2014-03-21 17:25 - 00001210 _____ () C:\Users\ERIC\Desktop\Chromecast.lnk
2014-03-21 17:25 - 2014-03-21 17:25 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-03-21 17:24 - 2014-04-06 07:40 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2166185552-2205534352-89382135-1000Core.job
2014-03-21 17:24 - 2014-04-06 07:35 - 00003650 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2166185552-2205534352-89382135-1000Core
2014-03-20 21:25 - 2014-03-20 21:25 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-20 21:25 - 2014-03-20 21:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-20 21:25 - 2014-03-20 21:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-20 21:24 - 2014-03-20 21:26 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-20 20:57 - 2014-03-20 20:57 - 00001206 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
2014-03-20 20:57 - 2014-03-20 20:57 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-03-20 20:57 - 2014-03-20 20:57 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-03-20 20:56 - 2014-03-20 20:57 - 04278003 _____ () C:\Users\ERIC\Downloads\lpchrome_win.crx
2014-03-19 19:12 - 2014-04-10 22:11 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\vlc
2014-03-18 23:33 - 2014-03-18 23:33 - 00525279 _____ () C:\Users\ERIC\Downloads\Veronica.Mars.1080p.VO.VF.VOST.mp4.par2.nzb
2014-03-18 23:14 - 2014-03-18 23:14 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-03-18 22:13 - 2014-03-18 22:13 - 01960126 _____ () C:\Users\ERIC\Downloads\Next1239 (1).nzb
2014-03-18 20:17 - 2014-03-18 20:17 - 04279616 _____ () C:\Windows\PE_File.dll
2014-03-18 20:17 - 2014-03-18 20:17 - 04226912 _____ () C:\Windows\PE_Rom.dll
2014-03-18 20:17 - 2010-08-03 07:21 - 00014464 _____ () C:\Windows\SysWOW64\Drivers\AsUpIO.sys
2014-03-18 19:58 - 2014-03-18 19:58 - 00002611 _____ () C:\Users\Public\Desktop\ASUS PC Diagnostics.lnk
2014-03-18 19:32 - 2014-03-18 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-03-18 19:32 - 2014-03-18 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2014-03-18 19:25 - 2014-03-18 19:32 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-03-18 19:25 - 2014-03-18 19:25 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Razer
2014-03-18 19:25 - 2014-03-18 19:25 - 00000000 ____D () C:\ProgramData\Razer
2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\Users\ERIC\Documents\My Games
2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Skyrim
2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\ProgramData\Steam
2014-03-16 19:43 - 2014-03-16 19:43 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Macromedia
2014-03-16 17:01 - 2014-03-16 20:37 - 00000000 ____D () C:\Users\ERIC\Documents\StarCraft II
2014-03-16 17:01 - 2014-03-16 17:01 - 00000724 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-03-16 16:59 - 2014-04-12 19:15 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 16:59 - 2014-03-16 16:59 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-16 16:59 - 2014-03-16 16:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-16 16:59 - 2014-03-16 16:59 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-16 16:59 - 2014-03-16 16:59 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-16 16:59 - 2014-03-16 16:59 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-16 16:58 - 2014-03-20 21:25 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Adobe
2014-03-16 13:10 - 2014-03-16 13:10 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Blizzard Entertainment
2014-03-16 11:58 - 2014-03-16 11:58 - 00000000 ____D () C:\Users\ERIC\Documents\Diablo III
2014-03-16 11:38 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\OneDrive
2014-03-16 11:38 - 2014-04-12 17:47 - 00005048 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ERIC-PC-ERIC ERIC-PC
2014-03-16 11:35 - 2014-03-18 20:07 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-16 11:35 - 2014-03-18 20:07 - 00000000 ____D () C:\ProgramData\Skype
2014-03-16 11:35 - 2014-03-16 14:09 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Skype
2014-03-16 11:35 - 2014-03-16 11:35 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-16 11:35 - 2014-03-16 11:35 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Skype
2014-03-16 11:21 - 2014-03-16 11:21 - 00080180 _____ () C:\Users\ERIC\Documents\cc_20140316_102140.reg
2014-03-16 11:21 - 2014-03-16 11:21 - 00000422 _____ () C:\Users\ERIC\Documents\cc_20140316_102123.reg
2014-03-16 10:06 - 2014-03-16 10:06 - 00000771 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-03-16 10:03 - 2014-04-13 08:37 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Battle.net
2014-03-16 10:03 - 2014-03-16 17:01 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-16 10:03 - 2014-03-16 10:04 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Battle.net
2014-03-16 10:03 - 2014-03-16 10:03 - 00000763 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-16 10:01 - 2014-03-21 22:08 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-16 09:39 - 2014-03-16 09:39 - 00000000 ____D () C:\Program Files (x86)\Splashtop
2014-03-16 09:35 - 2014-03-16 09:35 - 00000000 ____D () C:\Program Files (x86)\Groupe ARCHISOFT
2014-03-16 09:34 - 2014-03-16 10:24 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Zappiti
2014-03-16 09:34 - 2014-03-16 09:35 - 00001208 _____ () C:\Users\Public\Desktop\Zappiti Media Center.lnk
2014-03-15 08:29 - 2014-03-15 08:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-15 08:27 - 2014-03-15 08:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-15 08:23 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-15 08:23 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-15 08:00 - 2014-04-11 21:05 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-15 08:00 - 2014-03-15 08:00 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-15 08:00 - 2014-03-15 08:00 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-15 00:28 - 2014-04-13 09:00 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-15 00:28 - 2014-03-15 00:28 - 00001096 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-03-15 00:28 - 2014-03-15 00:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-03-15 00:28 - 2014-03-15 00:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-03-15 00:28 - 2013-05-06 10:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-03-15 00:27 - 2014-03-27 15:53 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-15 00:27 - 2014-03-27 15:53 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-15 00:15 - 2014-03-15 00:15 - 00000000 ____D () C:\Program Files\PlayReady
2014-03-14 23:40 - 2014-04-09 22:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 23:40 - 2014-03-14 23:40 - 00000970 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-14 23:32 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\Google Drive
2014-03-14 23:32 - 2014-03-14 23:32 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-03-14 23:32 - 2014-03-14 23:32 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-03-14 23:32 - 2014-03-14 23:32 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-03-14 23:32 - 2014-03-14 23:32 - 00001715 _____ () C:\Users\ERIC\Desktop\Google Drive.lnk
2014-03-14 23:28 - 2014-03-14 23:28 - 00000000 ____D () C:\Program Files (x86)\Elgato
2014-03-14 18:04 - 2014-03-14 18:04 - 00001545 _____ () C:\Users\ERIC\Downloads\Box Sync.lnk
2014-03-14 18:04 - 2014-03-14 18:04 - 00001545 _____ () C:\Users\ERIC\Desktop\Box Sync.lnk
2014-03-14 18:04 - 2014-03-14 18:04 - 00000000 ___HD () C:\Users\ERIC\.Box Sync
2014-03-14 18:04 - 2014-03-14 18:04 - 00000000 ____D () C:\Users\ERIC\Box Sync
2014-03-14 18:03 - 2014-04-13 08:43 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Box Sync
2014-03-14 18:03 - 2014-03-14 18:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-14 18:03 - 2014-03-14 18:03 - 00000000 ____D () C:\Program Files\Box
2014-03-14 17:47 - 2014-03-21 22:09 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\NVIDIA
2014-03-14 17:47 - 2014-03-14 17:47 - 00000000 ____D () C:\Users\ERIC\Documents\Broken Sword 5
2014-03-14 17:46 - 2014-03-14 17:46 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-03-14 17:46 - 2014-03-14 17:46 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-03-14 17:46 - 2014-03-14 17:46 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-03-14 17:46 - 2014-03-14 17:46 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-03-14 17:46 - 2014-03-14 17:46 - 00000719 _____ () C:\Users\Public\Desktop\Broken Sword 5 - the Serpent's Curse.lnk
2014-03-14 17:46 - 2014-03-14 17:46 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-03-14 17:33 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-03-14 17:33 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-03-14 17:33 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-03-14 17:33 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-03-14 17:33 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-03-14 17:33 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-03-14 17:33 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-03-14 17:33 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-03-14 17:33 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-03-14 17:33 - 2010-02-04 11:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-03-14 17:33 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-03-14 17:33 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-03-14 17:33 - 2010-02-04 11:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-03-14 17:33 - 2010-02-04 11:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-03-14 17:33 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-03-14 17:33 - 2010-02-04 11:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-03-14 17:33 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-03-14 17:33 - 2009-09-04 18:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-03-14 17:33 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-03-14 17:33 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-03-14 17:33 - 2009-09-04 18:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-03-14 17:33 - 2009-09-04 18:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-03-14 17:33 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-03-14 17:33 - 2009-09-04 18:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-03-14 17:33 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-03-14 17:32 - 2009-09-04 18:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-03-14 17:32 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-03-14 17:32 - 2009-09-04 18:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-03-14 17:32 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-03-14 17:32 - 2009-09-04 18:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-03-14 17:32 - 2009-09-04 18:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-03-14 17:32 - 2009-09-04 18:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-03-14 17:32 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-03-14 17:32 - 2009-03-16 15:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-03-14 17:32 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-03-14 17:32 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-03-14 17:32 - 2009-03-16 15:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-03-14 17:32 - 2009-03-16 15:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-03-14 17:32 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-03-14 17:32 - 2009-03-09 16:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-03-14 17:32 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-03-14 17:32 - 2009-03-09 16:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-03-14 17:32 - 2009-03-09 16:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-03-14 17:32 - 2008-10-27 11:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-03-14 17:32 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-03-14 17:32 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-03-14 17:32 - 2008-10-27 11:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-03-14 17:32 - 2008-10-27 11:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-03-14 17:32 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-03-14 17:32 - 2008-10-27 11:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-03-14 17:32 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-03-14 17:32 - 2008-10-15 07:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-03-14 17:32 - 2008-10-15 07:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-03-14 17:32 - 2008-10-15 07:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-03-14 17:32 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-03-14 17:32 - 2008-10-15 07:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-03-14 17:32 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-03-14 17:32 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-03-14 17:32 - 2008-07-31 11:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-03-14 17:32 - 2008-07-31 11:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-03-14 17:32 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-03-14 17:32 - 2008-07-31 11:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-03-14 17:32 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-03-14 17:32 - 2008-07-10 12:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-03-14 17:32 - 2008-07-10 12:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-03-14 17:32 - 2008-07-10 12:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-03-14 17:32 - 2008-07-10 12:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-03-14 17:32 - 2008-07-10 12:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-03-14 17:32 - 2008-07-10 12:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-03-14 17:32 - 2008-05-30 15:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-03-14 17:32 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-03-14 17:32 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-03-14 17:32 - 2008-05-30 15:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-03-14 17:32 - 2008-05-30 15:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-03-14 17:32 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-03-14 17:32 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-03-14 17:32 - 2008-05-30 15:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-03-14 17:32 - 2008-05-30 15:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-03-14 17:32 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-03-14 17:32 - 2008-05-30 15:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-03-14 17:32 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-03-14 17:32 - 2008-05-30 15:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-03-14 17:32 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-03-14 17:32 - 2008-03-05 17:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-03-14 17:32 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-03-14 17:32 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-03-14 17:32 - 2008-03-05 17:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-03-14 17:32 - 2008-03-05 17:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-03-14 17:32 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-03-14 17:32 - 2008-03-05 16:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-03-14 17:32 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-03-14 17:32 - 2008-03-05 16:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-03-14 17:32 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-03-14 17:32 - 2008-02-06 00:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-03-14 17:32 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-03-14 17:32 - 2007-10-22 04:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-03-14 17:32 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-03-14 17:32 - 2007-10-22 04:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-03-14 17:32 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-03-14 17:32 - 2007-10-12 16:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-03-14 17:32 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-03-14 17:32 - 2007-10-12 16:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-03-14 17:32 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-03-14 17:32 - 2007-10-02 10:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-03-14 17:32 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-03-14 17:32 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-03-14 17:32 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-03-14 17:32 - 2007-07-19 19:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-03-14 17:32 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-03-14 17:32 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-03-14 17:32 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-03-14 17:32 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-03-14 17:32 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-03-14 17:32 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-03-14 17:32 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-03-14 17:32 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-03-14 17:32 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-03-14 17:32 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-03-14 17:32 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-03-14 17:32 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-03-14 17:32 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-03-14 17:32 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-03-14 17:32 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-03-14 17:32 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-03-14 17:32 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-03-14 17:32 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-03-14 17:32 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-03-14 17:32 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-03-14 17:32 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-03-14 17:32 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-03-14 17:32 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-03-14 17:32 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-03-14 17:32 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-03-14 17:32 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-03-14 17:32 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-03-14 17:32 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-03-14 17:32 - 2006-12-08 13:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-03-14 17:32 - 2006-11-29 14:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-03-14 17:32 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-03-14 17:32 - 2006-11-29 14:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-03-14 17:32 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-03-14 17:32 - 2006-09-28 17:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-03-14 17:32 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-03-14 17:32 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-03-14 17:32 - 2006-09-28 17:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-03-14 17:32 - 2006-07-28 10:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-03-14 17:32 - 2006-07-28 10:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-03-14 17:32 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-03-14 17:32 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-03-14 17:32 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-03-14 17:32 - 2006-05-31 08:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-03-14 17:32 - 2006-03-31 13:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-03-14 17:32 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-03-14 17:32 - 2006-03-31 13:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-03-14 17:32 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-03-14 17:32 - 2006-03-31 13:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-03-14 17:32 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-03-14 17:32 - 2006-02-03 09:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-03-14 17:32 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-03-14 17:32 - 2006-02-03 09:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-03-14 17:32 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-03-14 17:32 - 2006-02-03 09:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-03-14 17:32 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-03-14 17:32 - 2005-12-05 19:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-03-14 17:32 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-03-14 17:32 - 2005-07-22 20:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-03-14 17:32 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-03-14 17:32 - 2005-05-26 16:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-03-14 17:32 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-03-14 17:32 - 2005-03-18 18:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-03-14 17:32 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-03-14 17:32 - 2005-02-05 20:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-03-14 17:32 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-03-14 16:56 - 2014-04-13 08:40 - 00000000 ____D () C:\AdwCleaner
2014-03-14 16:54 - 2014-03-14 16:54 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-03-14 16:42 - 2014-03-16 11:20 - 00000000 ____D () C:\Windows\Minidump
2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DAEMON Tools Lite
2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-03-14 16:27 - 2014-03-19 18:38 - 00000000 ____D () C:\Program Files\Unlocker
2014-03-14 16:24 - 2014-03-14 16:24 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier
2014-03-14 16:24 - 2014-03-14 16:24 - 00000000 ____D () C:\Program Files\Ultracopier
2014-03-14 16:16 - 2014-03-14 16:16 - 00000282 _____ () C:\SSUUpdater.log
2014-03-14 16:13 - 2014-04-08 19:50 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Newsbin
2014-03-14 16:13 - 2014-04-08 19:49 - 00000000 ____D () C:\Program Files\Newsbin
2014-03-14 16:13 - 2014-03-15 07:58 - 00000000 ____D () C:\Users\ERIC\Documents\Newsbin
2014-03-14 16:13 - 2014-03-14 16:13 - 00000890 _____ () C:\Users\ERIC\Desktop\Newsbin for RegNow 64.lnk
2014-03-14 16:11 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\Dropbox
2014-03-14 16:11 - 2014-04-10 21:09 - 00001021 _____ () C:\Users\ERIC\Desktop\Dropbox.lnk
2014-03-14 16:10 - 2014-04-13 08:43 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Dropbox
2014-03-14 16:10 - 2014-04-10 21:09 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-14 16:10 - 2014-03-14 16:11 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DropboxMaster
2014-03-14 16:02 - 2014-04-13 08:56 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\IDM
2014-03-14 16:02 - 2014-04-13 08:41 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DMCache
2014-03-14 16:02 - 2014-04-04 13:51 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-03-14 16:02 - 2014-03-27 16:55 - 00000000 ____D () C:\Users\ERIC\Downloads\Compressed
2014-03-14 16:02 - 2014-03-14 16:02 - 00001016 _____ () C:\Users\ERIC\Desktop\Internet Download Manager.lnk
2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\Downloads\Video
2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\ProgramData\IDM
2014-03-14 15:57 - 2014-03-14 15:57 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-14 15:57 - 2014-03-14 15:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-14 15:54 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-03-14 15:54 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-14 15:54 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-14 15:54 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-14 15:53 - 2014-03-15 08:34 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 15:53 - 2014-03-15 08:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 15:53 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-03-14 15:53 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-03-14 15:53 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-14 15:53 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-14 15:53 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-14 15:53 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-14 15:53 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-14 15:53 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-03-14 15:53 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-14 15:53 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-03-14 15:53 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-14 15:53 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-14 15:53 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-14 15:53 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-14 15:51 - 2014-04-12 18:49 - 00000000 ____D () C:\Users\ERIC\Documents\Fichiers Outlook
2014-03-14 15:45 - 2014-04-13 08:43 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-14 15:45 - 2014-03-14 16:20 - 00000000 ____D () C:\Windows\AutoKMS
2014-03-14 15:36 - 2014-03-14 15:36 - 00000000 ____D () C:\Users\ERIC\ultracopier
2014-03-14 15:15 - 2014-03-14 15:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\WinRAR
2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-14 14:13 - 2014-03-14 14:13 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-14 14:13 - 2007-06-06 21:00 - 00130048 _____ (Hewlett-Packard Company) C:\Windows\system32\hpz3l5k2.dll
2014-03-14 14:13 - 2007-06-06 20:58 - 00233472 _____ (Hewlett Packard Corporation) C:\Windows\SysWOW64\hpzc35k2.dll
2014-03-14 14:07 - 2014-04-04 15:08 - 00002222 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-03-14 14:07 - 2014-03-14 14:07 - 00000000 ___RD () C:\Users\ERIC\SkyDrive
2014-03-14 14:07 - 2014-03-14 14:07 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-14 13:45 - 2014-03-14 13:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-14 13:20 - 2014-03-27 16:22 - 00002223 _____ () C:\Users\Public\Desktop\ACDSee 17.lnk
2014-03-14 13:20 - 2014-03-15 00:43 - 00000000 ____D () C:\Users\ERIC\AppData\Local\ACD Systems
2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\ACD Systems
2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\ProgramData\ACD Systems
2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\Program Files (x86)\ACD Systems
2014-03-14 13:15 - 2014-04-09 23:40 - 00000000 ____D () C:\Users\ERIC\AppData\Local\CrashDumps
2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-03-14 13:12 - 2014-04-10 22:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-14 13:12 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 __RHD () C:\MSOCache
2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Microsoft Help
2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-14 13:10 - 2014-03-14 13:10 - 00000000 ____D () C:\Program Files (x86)\DAMN NFO Viewer
2014-03-14 13:08 - 2014-03-14 13:08 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-03-14 13:01 - 2014-03-14 13:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Sonos,_Inc
2014-03-14 12:58 - 2014-04-12 18:37 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-03-14 12:58 - 2014-04-12 18:18 - 00001958 _____ () C:\Users\Public\Desktop\Sonos.lnk
2014-03-14 12:58 - 2014-04-12 18:18 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Downloaded Installations
2014-03-14 12:58 - 2014-04-12 18:18 - 00000000 ____D () C:\Program Files (x86)\Sonos
2014-03-14 12:56 - 2014-03-14 12:56 - 00001112 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qobuz Desktop.lnk
2014-03-14 12:56 - 2014-03-14 12:56 - 00001104 _____ () C:\Users\ERIC\Desktop\Qobuz Desktop.lnk
2014-03-14 12:53 - 2014-03-14 15:56 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-14 12:53 - 2014-03-14 12:54 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Apple Computer
2014-03-14 12:53 - 2014-03-14 12:53 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apple Computer
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apple
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\Apple
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\iTunes
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\iPod
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-03-14 12:53 - 2012-08-21 14:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-03-14 12:50 - 2014-03-14 12:50 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-14 12:45 - 2014-03-14 12:45 - 00002084 _____ () C:\Users\ERIC\Desktop\JDownloader 2.lnk
2014-03-14 12:45 - 2014-03-14 12:45 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-03-14 12:44 - 2014-04-11 22:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\JDownloader v2.0
2014-03-14 12:44 - 2014-03-14 12:44 - 00000041 _____ () C:\Users\ERIC\AppData\Roaming\WB.CFG
2014-03-14 12:39 - 2014-04-03 15:49 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Leadertech
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Program Files\Logitech
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-03-14 12:37 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Logitech
2014-03-14 12:36 - 2014-03-14 12:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Logishrd
2014-03-14 11:35 - 2014-03-14 11:35 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-14 11:35 - 2014-03-14 11:35 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-14 11:34 - 2014-03-14 11:34 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\MPC-HC
2014-03-14 11:33 - 2014-03-14 11:33 - 00001709 _____ () C:\Users\ERIC\Desktop\MPC-HC x64.lnk
2014-03-14 11:33 - 2014-03-14 11:33 - 00000000 ____D () C:\Program Files\MPC-HC
2014-03-14 11:27 - 2014-04-08 16:50 - 00000000 ____D () C:\Users\ERIC\AppData\Local\NVIDIA Corporation
2014-03-14 11:25 - 2014-04-13 08:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-14 11:25 - 2014-04-02 15:27 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-03-14 11:25 - 2014-04-02 15:27 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-03-14 11:25 - 2014-03-14 11:36 - 00000000 ____D () C:\Users\ERIC\AppData\Local\NVIDIA
2014-03-14 11:25 - 2014-03-14 11:25 - 00001354 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-03-14 11:25 - 2014-03-14 11:25 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-14 11:25 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-03-14 11:25 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-03-14 11:25 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-03-14 11:25 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-03-14 11:25 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-03-14 11:25 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-03-14 11:24 - 2014-04-08 16:57 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-14 11:24 - 2014-04-08 16:50 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-14 11:24 - 2014-03-27 14:45 - 18493952 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-14 11:24 - 2014-03-27 14:45 - 17467048 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-14 11:24 - 2014-03-27 14:45 - 14422856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-14 11:24 - 2014-03-27 14:45 - 03106688 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-14 11:24 - 2014-03-27 14:45 - 02728160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-14 11:24 - 2014-03-27 14:45 - 00952440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-14 11:24 - 2014-03-27 14:45 - 00060248 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-14 11:24 - 2014-03-27 14:45 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-14 11:24 - 2014-03-27 14:45 - 00026011 _____ () C:\Windows\system32\nvinfo.pb
2014-03-14 11:24 - 2014-03-27 04:11 - 06768584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-14 11:24 - 2014-03-27 04:11 - 03512664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-14 11:24 - 2014-03-27 04:11 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-14 11:24 - 2014-03-27 04:11 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-14 11:24 - 2014-03-27 04:11 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-14 11:24 - 2014-03-27 04:11 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-14 11:24 - 2014-03-24 12:31 - 03683457 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-14 11:24 - 2014-03-21 21:43 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-03-14 11:24 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-14 11:24 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-14 11:24 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-03-14 11:24 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-03-14 11:24 - 2013-11-22 10:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-03-14 11:23 - 2014-03-14 11:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-14 11:19 - 2014-03-30 09:49 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Malwarebytes
2014-03-14 11:19 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-03-14 11:18 - 2014-03-30 09:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-14 11:16 - 2014-03-14 11:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-14 11:16 - 2014-03-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-14 11:16 - 2014-03-14 11:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-14 11:16 - 2014-03-14 11:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-14 11:16 - 2014-03-14 11:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-14 11:16 - 2014-03-14 11:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-14 11:16 - 2014-03-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-14 11:08 - 2014-04-13 08:42 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-14 11:08 - 2014-04-11 23:36 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Google
2014-03-14 11:08 - 2014-04-11 23:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-14 11:08 - 2014-04-06 08:16 - 00003808 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-14 11:07 - 2014-03-14 15:51 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Deployment
2014-03-14 11:07 - 2014-03-14 11:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apps\2.0
2014-03-14 11:05 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 11:05 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 11:05 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 11:00 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 11:00 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 10:59 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 10:59 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 10:59 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 10:56 - 2014-03-18 19:27 - 00111968 _____ () C:\Users\ERIC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-14 10:56 - 2014-03-14 10:56 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Intel Corporation
2014-03-14 10:55 - 2014-03-20 21:25 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Adobe
2014-03-14 10:55 - 2014-03-14 15:28 - 00000000 ____D () C:\Users\ERIC\Documents\Bluetooth Folder
2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Atheros
2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Local\VirtualStore
2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Local\BMExplorer
2014-03-14 10:53 - 2014-04-10 21:09 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-14 10:53 - 2014-04-03 17:14 - 00000000 ____D () C:\Users\ERIC
2014-03-14 10:53 - 2014-03-14 11:22 - 00001436 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-14 10:53 - 2014-03-14 10:55 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Mes vidéos
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Mes images
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Ma musique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Voisinage réseau
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Voisinage d'impression
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Modèles
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Menu Démarrer
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Mes vidéos
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Mes images
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Ma musique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\AppData\Local\Historique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Voisinage réseau
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Voisinage d'impression
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Modèles
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Menu Démarrer
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Mes vidéos
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Mes images
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Ma musique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Modèles
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Menu Démarrer
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Favoris
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Bureau
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Program Files\Fichiers communs
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 ___SD () C:\Recovery
2014-03-14 10:53 - 2010-11-21 04:50 - 00000020 ___SH () C:\Users\ERIC\ntuser.ini
2014-03-14 10:53 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-14 10:53 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
==================== One Month Modified Files and Folders =======
2014-04-13 09:01 - 2014-04-11 21:56 - 00000000 ____D () C:\FRST
2014-04-13 09:00 - 2014-03-15 00:28 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-13 08:56 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\IDM
2014-04-13 08:51 - 2014-03-30 09:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-13 08:50 - 2014-04-13 08:50 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-13 08:50 - 2014-04-13 08:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 08:48 - 2011-04-12 11:16 - 00765746 _____ () C:\Windows\system32\perfh00C.dat
2014-04-13 08:48 - 2011-04-12 11:16 - 00156406 _____ () C:\Windows\system32\perfc00C.dat
2014-04-13 08:48 - 2009-07-14 07:13 - 01709024 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-13 08:48 - 2009-07-14 06:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-13 08:48 - 2009-07-14 06:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-13 08:43 - 2014-03-14 18:03 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Box Sync
2014-04-13 08:43 - 2014-03-14 16:10 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Dropbox
2014-04-13 08:43 - 2014-03-14 15:45 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-04-13 08:42 - 2014-04-13 08:42 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-04-13 08:42 - 2014-04-10 21:07 - 00008244 _____ () C:\Windows\PFRO.log
2014-04-13 08:42 - 2014-04-09 22:47 - 00003024 _____ () C:\Windows\setupact.log
2014-04-13 08:42 - 2014-03-16 11:38 - 00000000 ___RD () C:\Users\ERIC\OneDrive
2014-04-13 08:42 - 2014-03-14 23:32 - 00000000 ___RD () C:\Users\ERIC\Google Drive
2014-04-13 08:42 - 2014-03-14 16:11 - 00000000 ___RD () C:\Users\ERIC\Dropbox
2014-04-13 08:42 - 2014-03-14 11:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-13 08:42 - 2014-03-14 11:08 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-13 08:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-13 08:41 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DMCache
2014-04-13 08:41 - 2013-10-18 12:04 - 01870866 _____ () C:\Windows\WindowsUpdate.log
2014-04-13 08:40 - 2014-03-14 16:56 - 00000000 ____D () C:\AdwCleaner
2014-04-13 08:37 - 2014-03-16 10:03 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Battle.net
2014-04-12 19:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-12 19:15 - 2014-03-16 16:59 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-12 18:49 - 2014-03-14 15:51 - 00000000 ____D () C:\Users\ERIC\Documents\Fichiers Outlook
2014-04-12 18:37 - 2014-03-14 12:58 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-04-12 18:18 - 2014-03-14 12:58 - 00001958 _____ () C:\Users\Public\Desktop\Sonos.lnk
2014-04-12 18:18 - 2014-03-14 12:58 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Downloaded Installations
2014-04-12 18:18 - 2014-03-14 12:58 - 00000000 ____D () C:\Program Files (x86)\Sonos
2014-04-12 17:47 - 2014-03-16 11:38 - 00005048 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ERIC-PC-ERIC ERIC-PC
2014-04-12 00:08 - 2014-04-08 20:04 - 00003928 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-04-11 23:51 - 2014-04-11 22:19 - 00001994 _____ () C:\Users\ERIC\Desktop\ZHPFix.lnk
2014-04-11 23:51 - 2014-04-11 22:19 - 00001867 _____ () C:\Users\ERIC\Desktop\ZHPDiag.lnk
2014-04-11 23:51 - 2014-04-11 22:19 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\ZHP
2014-04-11 23:51 - 2014-04-11 22:19 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-11 23:37 - 2014-04-11 23:37 - 00002340 _____ () C:\Users\ERIC\Desktop\Lanceur d'applications Google Chrome.lnk
2014-04-11 23:37 - 2014-04-11 23:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-11 23:37 - 2014-04-11 23:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2014-04-11 23:36 - 2014-04-11 23:36 - 00002260 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-11 23:36 - 2014-03-14 11:08 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Google
2014-04-11 23:36 - 2014-03-14 11:08 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-11 23:33 - 2014-04-11 23:33 - 00000000 __SHD () C:\Users\ERIC\AppData\Local\EmieUserList
2014-04-11 23:33 - 2014-04-11 23:33 - 00000000 __SHD () C:\Users\ERIC\AppData\Local\EmieSiteList
2014-04-11 23:12 - 2014-04-11 22:58 - 00036353 _____ () C:\Shortcut_Module_11_04_2014_23_12_04.txt
2014-04-11 23:12 - 2014-04-11 21:29 - 00000000 ____D () C:\Shortcut_Module
2014-04-11 22:33 - 2014-04-11 22:33 - 00000624 _____ () C:\Users\ERIC\Desktop\JRT.txt
2014-04-11 22:33 - 2014-04-11 22:24 - 00010239 _____ () C:\Users\ERIC\Desktop\SFTGC.txt
2014-04-11 22:22 - 2014-04-11 22:22 - 00000000 ____D () C:\Windows\ERUNT
2014-04-11 22:07 - 2014-03-14 12:44 - 00000000 ____D () C:\Users\ERIC\AppData\Local\JDownloader v2.0
2014-04-11 21:43 - 2014-04-11 21:29 - 00062047 _____ () C:\Shortcut_Module_11_04_2014_21_43_48.txt
2014-04-11 21:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-11 21:15 - 2014-04-11 21:15 - 00003428 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-04-11 21:15 - 2014-04-11 21:14 - 00000000 ____D () C:\rei
2014-04-11 21:15 - 2014-04-11 21:13 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-11 21:14 - 2014-04-11 21:14 - 00000000 ____D () C:\ProgramData\CDB
2014-04-11 21:05 - 2014-03-15 08:00 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-10 22:41 - 2014-03-14 13:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 22:38 - 2013-09-05 15:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 22:37 - 2013-09-05 15:26 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 22:11 - 2014-03-19 19:12 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\vlc
2014-04-10 21:09 - 2014-03-14 16:11 - 00001021 _____ () C:\Users\ERIC\Desktop\Dropbox.lnk
2014-04-10 21:09 - 2014-03-14 16:10 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-10 21:09 - 2014-03-14 10:53 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-10 00:08 - 2014-04-09 23:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-09 23:48 - 2014-04-09 23:48 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-09 23:40 - 2014-03-14 13:15 - 00000000 ____D () C:\Users\ERIC\AppData\Local\CrashDumps
2014-04-09 22:47 - 2014-04-09 22:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-09 22:38 - 2014-03-23 17:32 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DAEMON Tools Pro
2014-04-09 22:38 - 2014-03-14 23:40 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-09 22:21 - 2014-03-22 19:51 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-09 22:16 - 2014-03-22 19:51 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-08 19:50 - 2014-03-14 16:13 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Newsbin
2014-04-08 19:49 - 2014-04-08 19:49 - 00000890 _____ () C:\Users\ERIC\Desktop\Newsbin Pro 64.lnk
2014-04-08 19:49 - 2014-04-08 19:49 - 00000855 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-04-08 19:49 - 2014-04-08 19:49 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Newsbin6
2014-04-08 19:49 - 2014-03-14 16:13 - 00000000 ____D () C:\Program Files\Newsbin
2014-04-08 19:01 - 2014-04-08 19:01 - 00000000 ____D () C:\Windows\system32\log
2014-04-08 18:07 - 2014-04-08 18:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\VS Revo Group
2014-04-08 18:06 - 2014-04-08 18:06 - 00001084 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-04-08 18:06 - 2014-04-08 18:06 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-04-08 18:06 - 2014-04-08 18:06 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-08 16:57 - 2014-03-14 11:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-08 16:50 - 2014-03-14 11:27 - 00000000 ____D () C:\Users\ERIC\AppData\Local\NVIDIA Corporation
2014-04-08 16:50 - 2014-03-14 11:24 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-08 15:07 - 2014-04-08 19:01 - 00034304 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-04-06 08:16 - 2014-03-14 11:08 - 00003808 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-06 07:40 - 2014-03-21 17:24 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2166185552-2205534352-89382135-1000Core.job
2014-04-06 07:35 - 2014-03-21 17:24 - 00003650 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2166185552-2205534352-89382135-1000Core
2014-04-05 13:52 - 2014-04-05 13:52 - 00000000 ____D () C:\Users\ERIC\Documents\MercurySteam
2014-04-05 13:51 - 2014-04-05 13:51 - 00000633 _____ () C:\Users\Public\Desktop\Castlevania Lords of Shadow 2.lnk
2014-04-04 15:08 - 2014-03-14 14:07 - 00002222 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-04-04 13:51 - 2014-03-14 16:02 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-04-03 17:32 - 2014-03-29 07:51 - 00001196 _____ () C:\Users\Public\Desktop\Air Video Server HD.lnk
2014-04-03 17:32 - 2014-03-29 07:46 - 00000000 ____D () C:\Users\ERIC\AppData\Local\AirVideoServerHD
2014-04-03 17:15 - 2009-07-14 07:08 - 00032482 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-03 17:14 - 2014-03-14 10:53 - 00000000 ____D () C:\Users\ERIC
2014-04-03 15:49 - 2014-03-14 12:39 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-04-03 09:51 - 2014-04-13 08:50 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-13 08:50 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-13 08:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 15:27 - 2014-03-14 11:25 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-02 15:27 - 2014-03-14 11:25 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-03-30 11:43 - 2014-03-30 11:43 - 00000000 ____D () C:\Windows\Replay Video Capture
2014-03-30 11:38 - 2014-03-30 11:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Nero
2014-03-30 11:37 - 2014-03-30 11:37 - 00000000 ____D () C:\ProgramData\LightScribe
2014-03-30 11:35 - 2014-03-30 11:35 - 00002737 _____ () C:\Users\Public\Desktop\Nero Burning ROM 2014.lnk
2014-03-30 11:35 - 2014-03-30 11:35 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
2014-03-30 11:35 - 2014-03-30 11:34 - 00000000 ____D () C:\ProgramData\Nero
2014-03-30 11:35 - 2014-03-30 11:34 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-03-30 11:33 - 2014-03-30 11:33 - 00002044 _____ () C:\Users\Public\Desktop\LightScribe.lnk
2014-03-30 09:55 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-03-30 09:49 - 2014-03-14 11:19 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Malwarebytes
2014-03-30 09:49 - 2014-03-14 11:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 19:59 - 2014-03-28 22:29 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\foobar2000
2014-03-29 09:16 - 2014-03-29 09:16 - 14127518 _____ () C:\Users\ERIC\Downloads\12W18l3aQeT5f1870ce86QcRbSX6THX56.nzb
2014-03-29 07:51 - 2014-03-29 07:51 - 00000000 ____D () C:\Program Files (x86)\AirVideoServer HD
2014-03-29 07:46 - 2014-03-29 07:46 - 00000048 _____ () C:\Windows\SysWOW64\settings.properties
2014-03-29 07:46 - 2014-03-29 07:45 - 11731296 _____ () C:\Users\ERIC\Downloads\AirVideoServerHD-1.0.15.exe
2014-03-28 22:29 - 2014-03-28 22:29 - 00001038 _____ () C:\Users\Public\Desktop\foobar2000.lnk
2014-03-28 22:29 - 2014-03-28 22:29 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-03-28 17:38 - 2014-03-28 17:38 - 01935638 _____ () C:\Users\ERIC\Downloads\23W128aQe80f1896ce86kcaeSd8THX56.par2.nzb
2014-03-28 17:24 - 2014-03-28 17:01 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-28 17:05 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\Documents\CyberLink
2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\CyberLink
2014-03-28 17:02 - 2014-03-28 17:02 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Cyberlink SoftDMA
2014-03-28 17:02 - 2014-03-28 17:00 - 00000000 ____D () C:\ProgramData\install_clap
2014-03-28 17:01 - 2014-03-28 17:01 - 00001418 _____ () C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\MediaServer
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\CyberLink
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\ProgramData\PDVD
2014-03-28 17:01 - 2014-03-28 17:01 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-03-28 17:00 - 2013-10-18 12:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-27 17:07 - 2014-03-27 17:06 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images
2014-03-27 17:01 - 2014-03-27 17:01 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-27 17:01 - 2014-03-27 17:01 - 00001939 _____ () C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2014-03-27 17:01 - 2014-03-27 16:48 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2014-03-27 16:55 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\Downloads\Compressed
2014-03-27 16:48 - 2014-03-23 17:31 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro
2014-03-27 16:22 - 2014-03-14 13:20 - 00002223 _____ () C:\Users\Public\Desktop\ACDSee 17.lnk
2014-03-27 15:53 - 2014-03-15 00:27 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-27 15:53 - 2014-03-15 00:27 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-27 14:45 - 2014-04-08 16:56 - 31270856 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 25257416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 23785416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 15964736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 13158232 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-27 14:45 - 2014-04-08 16:56 - 11644392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 11598560 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 09734744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 09697128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 03139928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 02949976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 02785056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 02413344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433750.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 01539416 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433750.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00894752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00891168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00864600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00859592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00836544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00491864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00415008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00336672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-27 14:45 - 2014-04-08 16:56 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-27 14:45 - 2014-03-14 11:24 - 18493952 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-27 14:45 - 2014-03-14 11:24 - 17467048 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-27 14:45 - 2014-03-14 11:24 - 14422856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-27 14:45 - 2014-03-14 11:24 - 03106688 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-27 14:45 - 2014-03-14 11:24 - 02728160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-27 14:45 - 2014-03-14 11:24 - 00952440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-27 14:45 - 2014-03-14 11:24 - 00060248 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-27 14:45 - 2014-03-14 11:24 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-27 14:45 - 2014-03-14 11:24 - 00026011 _____ () C:\Windows\system32\nvinfo.pb
2014-03-27 04:11 - 2014-03-14 11:24 - 06768584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-27 04:11 - 2014-03-14 11:24 - 03512664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-27 04:11 - 2014-03-14 11:24 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-27 04:11 - 2014-03-14 11:24 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-27 04:11 - 2014-03-14 11:24 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-27 04:11 - 2014-03-14 11:24 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-26 23:40 - 2014-04-08 16:57 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-24 12:31 - 2014-03-14 11:24 - 03683457 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-23 17:32 - 2014-03-23 17:32 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-03-23 17:13 - 2014-03-23 17:13 - 00000000 ____D () C:\ProgramData\Hagel Technologies
2014-03-23 17:13 - 2014-03-23 17:13 - 00000000 ____D () C:\Program Files (x86)\DU Meter
2014-03-23 11:22 - 2014-03-23 11:22 - 00025466 _____ () C:\Users\ERIC\Documents\cc_20140323_102236.reg
2014-03-23 11:11 - 2014-03-23 11:04 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2014-03-23 11:07 - 2014-03-23 11:07 - 00262144 _____ () C:\Windows\system32\config\elam
2014-03-23 11:04 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-23 11:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-03-22 19:17 - 2014-03-22 19:17 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\iSpy
2014-03-21 23:52 - 2014-03-21 23:52 - 00000000 ____D () C:\Users\ERIC\AppData\Local\IsolatedStorage
2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\SplitMediaLabs
2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-03-21 23:42 - 2014-03-21 23:42 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-03-21 22:09 - 2014-03-14 17:47 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\NVIDIA
2014-03-21 22:08 - 2014-03-16 10:01 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-21 21:43 - 2014-04-08 16:50 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-03-21 21:43 - 2014-04-08 16:50 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-03-21 21:43 - 2014-03-14 11:24 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-03-21 17:25 - 2014-03-21 17:25 - 00001210 _____ () C:\Users\ERIC\Desktop\Chromecast.lnk
2014-03-21 17:25 - 2014-03-21 17:25 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-03-20 21:26 - 2014-03-20 21:24 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-20 21:25 - 2014-03-20 21:25 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-20 21:25 - 2014-03-20 21:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-20 21:25 - 2014-03-20 21:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-20 21:25 - 2014-03-16 16:58 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Adobe
2014-03-20 21:25 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Adobe
2014-03-20 20:57 - 2014-03-20 20:57 - 00001206 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
2014-03-20 20:57 - 2014-03-20 20:57 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-03-20 20:57 - 2014-03-20 20:57 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-03-20 20:57 - 2014-03-20 20:56 - 04278003 _____ () C:\Users\ERIC\Downloads\lpchrome_win.crx
2014-03-19 18:38 - 2014-03-14 16:27 - 00000000 ____D () C:\Program Files\Unlocker
2014-03-18 23:33 - 2014-03-18 23:33 - 00525279 _____ () C:\Users\ERIC\Downloads\Veronica.Mars.1080p.VO.VF.VOST.mp4.par2.nzb
2014-03-18 23:14 - 2014-03-18 23:14 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-03-18 22:13 - 2014-03-18 22:13 - 01960126 _____ () C:\Users\ERIC\Downloads\Next1239 (1).nzb
2014-03-18 20:17 - 2014-03-18 20:17 - 04279616 _____ () C:\Windows\PE_File.dll
2014-03-18 20:17 - 2014-03-18 20:17 - 04226912 _____ () C:\Windows\PE_Rom.dll
2014-03-18 20:07 - 2014-03-16 11:35 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 20:07 - 2014-03-16 11:35 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 19:58 - 2014-03-18 19:58 - 00002611 _____ () C:\Users\Public\Desktop\ASUS PC Diagnostics.lnk
2014-03-18 19:58 - 2013-10-18 12:22 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-03-18 19:34 - 2009-07-14 06:45 - 00456968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-18 19:32 - 2014-03-18 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-03-18 19:32 - 2014-03-18 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2014-03-18 19:32 - 2014-03-18 19:25 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-03-18 19:27 - 2014-03-14 10:56 - 00111968 _____ () C:\Users\ERIC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-18 19:25 - 2014-03-18 19:25 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Razer
2014-03-18 19:25 - 2014-03-18 19:25 - 00000000 ____D () C:\ProgramData\Razer
2014-03-16 20:37 - 2014-03-16 17:01 - 00000000 ____D () C:\Users\ERIC\Documents\StarCraft II
2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\Users\ERIC\Documents\My Games
2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Skyrim
2014-03-16 20:18 - 2014-03-16 20:18 - 00000000 ____D () C:\ProgramData\Steam
2014-03-16 19:43 - 2014-03-16 19:43 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Macromedia
2014-03-16 17:01 - 2014-03-16 17:01 - 00000724 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-03-16 17:01 - 2014-03-16 10:03 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-16 16:59 - 2014-03-16 16:59 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-16 16:59 - 2014-03-16 16:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-16 16:59 - 2014-03-16 16:59 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-16 16:59 - 2014-03-16 16:59 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-16 16:59 - 2014-03-16 16:59 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-16 14:09 - 2014-03-16 11:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Skype
2014-03-16 13:10 - 2014-03-16 13:10 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Blizzard Entertainment
2014-03-16 11:58 - 2014-03-16 11:58 - 00000000 ____D () C:\Users\ERIC\Documents\Diablo III
2014-03-16 11:56 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-03-16 11:35 - 2014-03-16 11:35 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-16 11:35 - 2014-03-16 11:35 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Skype
2014-03-16 11:21 - 2014-03-16 11:21 - 00080180 _____ () C:\Users\ERIC\Documents\cc_20140316_102140.reg
2014-03-16 11:21 - 2014-03-16 11:21 - 00000422 _____ () C:\Users\ERIC\Documents\cc_20140316_102123.reg
2014-03-16 11:20 - 2014-03-14 16:42 - 00000000 ____D () C:\Windows\Minidump
2014-03-16 11:20 - 2013-09-05 15:57 - 00000000 ____D () C:\Windows\Panther
2014-03-16 10:24 - 2014-03-16 09:34 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Zappiti
2014-03-16 10:06 - 2014-03-16 10:06 - 00000771 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-03-16 10:04 - 2014-03-16 10:03 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Battle.net
2014-03-16 10:03 - 2014-03-16 10:03 - 00000763 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-16 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-16 09:47 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-16 09:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-16 09:44 - 2013-09-05 15:00 - 01655180 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-16 09:39 - 2014-03-16 09:39 - 00000000 ____D () C:\Program Files (x86)\Splashtop
2014-03-16 09:35 - 2014-03-16 09:35 - 00000000 ____D () C:\Program Files (x86)\Groupe ARCHISOFT
2014-03-16 09:35 - 2014-03-16 09:34 - 00001208 _____ () C:\Users\Public\Desktop\Zappiti Media Center.lnk
2014-03-15 08:34 - 2014-03-14 15:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 08:34 - 2014-03-14 15:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 08:29 - 2014-03-15 08:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-15 08:27 - 2014-03-15 08:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-15 08:00 - 2014-03-15 08:00 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-15 08:00 - 2014-03-15 08:00 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-15 07:58 - 2014-03-14 16:13 - 00000000 ____D () C:\Users\ERIC\Documents\Newsbin
2014-03-15 00:43 - 2014-03-14 13:20 - 00000000 ____D () C:\Users\ERIC\AppData\Local\ACD Systems
2014-03-15 00:31 - 2013-10-12 07:19 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-03-15 00:31 - 2013-10-12 07:19 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-03-15 00:31 - 2013-06-06 18:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-03-15 00:28 - 2014-03-15 00:28 - 00001096 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-03-15 00:28 - 2014-03-15 00:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-03-15 00:28 - 2014-03-15 00:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-03-15 00:22 - 2013-09-05 15:01 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-15 00:15 - 2014-03-15 00:15 - 00000000 ____D () C:\Program Files\PlayReady
2014-03-14 23:40 - 2014-03-14 23:40 - 00000970 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-14 23:32 - 2014-03-14 23:32 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-03-14 23:32 - 2014-03-14 23:32 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-03-14 23:32 - 2014-03-14 23:32 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-03-14 23:32 - 2014-03-14 23:32 - 00001715 _____ () C:\Users\ERIC\Desktop\Google Drive.lnk
2014-03-14 23:28 - 2014-03-14 23:28 - 00000000 ____D () C:\Program Files (x86)\Elgato
2014-03-14 18:04 - 2014-03-14 18:04 - 00001545 _____ () C:\Users\ERIC\Downloads\Box Sync.lnk
2014-03-14 18:04 - 2014-03-14 18:04 - 00001545 _____ () C:\Users\ERIC\Desktop\Box Sync.lnk
2014-03-14 18:04 - 2014-03-14 18:04 - 00000000 ___HD () C:\Users\ERIC\.Box Sync
2014-03-14 18:04 - 2014-03-14 18:04 - 00000000 ____D () C:\Users\ERIC\Box Sync
2014-03-14 18:03 - 2014-03-14 18:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-14 18:03 - 2014-03-14 18:03 - 00000000 ____D () C:\Program Files\Box
2014-03-14 17:47 - 2014-03-14 17:47 - 00000000 ____D () C:\Users\ERIC\Documents\Broken Sword 5
2014-03-14 17:46 - 2014-03-14 17:46 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-03-14 17:46 - 2014-03-14 17:46 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-03-14 17:46 - 2014-03-14 17:46 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-03-14 17:46 - 2014-03-14 17:46 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-03-14 17:46 - 2014-03-14 17:46 - 00000719 _____ () C:\Users\Public\Desktop\Broken Sword 5 - the Serpent's Curse.lnk
2014-03-14 17:46 - 2014-03-14 17:46 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-03-14 16:54 - 2014-03-14 16:54 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DAEMON Tools Lite
2014-03-14 16:34 - 2014-03-14 16:34 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-03-14 16:24 - 2014-03-14 16:24 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier
2014-03-14 16:24 - 2014-03-14 16:24 - 00000000 ____D () C:\Program Files\Ultracopier
2014-03-14 16:20 - 2014-03-14 15:45 - 00000000 ____D () C:\Windows\AutoKMS
2014-03-14 16:16 - 2014-03-14 16:16 - 00000282 _____ () C:\SSUUpdater.log
2014-03-14 16:13 - 2014-03-14 16:13 - 00000890 _____ () C:\Users\ERIC\Desktop\Newsbin for RegNow 64.lnk
2014-03-14 16:11 - 2014-03-14 16:10 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\DropboxMaster
2014-03-14 16:02 - 2014-03-14 16:02 - 00001016 _____ () C:\Users\ERIC\Desktop\Internet Download Manager.lnk
2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\Downloads\Video
2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\ProgramData\IDM
2014-03-14 15:57 - 2014-03-14 15:57 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-14 15:57 - 2014-03-14 15:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-14 15:56 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-14 15:51 - 2014-03-14 11:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Deployment
2014-03-14 15:36 - 2014-03-14 15:36 - 00000000 ____D () C:\Users\ERIC\ultracopier
2014-03-14 15:28 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\Documents\Bluetooth Folder
2014-03-14 15:17 - 2013-10-18 12:46 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-14 15:15 - 2014-03-14 15:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\WinRAR
2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-14 14:35 - 2014-03-14 14:35 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-14 14:13 - 2014-03-14 14:13 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-14 14:07 - 2014-03-14 14:07 - 00000000 ___RD () C:\Users\ERIC\SkyDrive
2014-03-14 14:07 - 2014-03-14 14:07 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-14 13:45 - 2014-03-14 13:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\ACD Systems
2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\ProgramData\ACD Systems
2014-03-14 13:20 - 2014-03-14 13:20 - 00000000 ____D () C:\Program Files (x86)\ACD Systems
2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-03-14 13:13 - 2014-03-14 13:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-03-14 13:13 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-14 13:13 - 2011-04-12 11:27 - 00000000 ____D () C:\Windows\ShellNew
2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 __RHD () C:\MSOCache
2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Microsoft Help
2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-03-14 13:12 - 2014-03-14 13:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-14 13:10 - 2014-03-14 13:10 - 00000000 ____D () C:\Program Files (x86)\DAMN NFO Viewer
2014-03-14 13:08 - 2014-03-14 13:08 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-03-14 13:01 - 2014-03-14 13:01 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Sonos,_Inc
2014-03-14 12:56 - 2014-03-14 12:56 - 00001112 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qobuz Desktop.lnk
2014-03-14 12:56 - 2014-03-14 12:56 - 00001104 _____ () C:\Users\ERIC\Desktop\Qobuz Desktop.lnk
2014-03-14 12:54 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Apple Computer
2014-03-14 12:53 - 2014-03-14 12:53 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apple Computer
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apple
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\Apple
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\iTunes
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\iPod
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-14 12:53 - 2014-03-14 12:53 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-03-14 12:51 - 2011-04-12 11:27 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-14 12:50 - 2014-03-14 12:50 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-14 12:45 - 2014-03-14 12:45 - 00002084 _____ () C:\Users\ERIC\Desktop\JDownloader 2.lnk
2014-03-14 12:45 - 2014-03-14 12:45 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-03-14 12:44 - 2014-03-14 12:44 - 00000041 _____ () C:\Users\ERIC\AppData\Roaming\WB.CFG
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Leadertech
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Program Files\Logitech
2014-03-14 12:39 - 2014-03-14 12:39 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-03-14 12:39 - 2014-03-14 12:37 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Logitech
2014-03-14 12:37 - 2014-03-14 12:36 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Logishrd
2014-03-14 11:36 - 2014-03-14 11:25 - 00000000 ____D () C:\Users\ERIC\AppData\Local\NVIDIA
2014-03-14 11:35 - 2014-03-14 11:35 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-14 11:35 - 2014-03-14 11:35 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-14 11:34 - 2014-03-14 11:34 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\MPC-HC
2014-03-14 11:33 - 2014-03-14 11:33 - 00001709 _____ () C:\Users\ERIC\Desktop\MPC-HC x64.lnk
2014-03-14 11:33 - 2014-03-14 11:33 - 00000000 ____D () C:\Program Files\MPC-HC
2014-03-14 11:25 - 2014-03-14 11:25 - 00001354 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-03-14 11:25 - 2014-03-14 11:25 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-14 11:25 - 2014-03-14 11:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-14 11:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-03-14 11:23 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-14 11:22 - 2014-03-14 10:53 - 00001436 _____ () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-14 11:16 - 2014-03-14 11:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-14 11:16 - 2014-03-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-14 11:16 - 2014-03-14 11:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-14 11:16 - 2014-03-14 11:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-14 11:16 - 2014-03-14 11:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-14 11:16 - 2014-03-14 11:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-14 11:16 - 2014-03-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-14 11:16 - 2014-03-14 11:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-14 11:16 - 2014-03-14 11:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-14 11:07 - 2014-03-14 11:07 - 00000000 ____D () C:\Users\ERIC\AppData\Local\Apps\2.0
2014-03-14 10:56 - 2014-03-14 10:56 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Intel Corporation
2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Roaming\Atheros
2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Local\VirtualStore
2014-03-14 10:55 - 2014-03-14 10:55 - 00000000 ____D () C:\Users\ERIC\AppData\Local\BMExplorer
2014-03-14 10:55 - 2014-03-14 10:53 - 00000000 ___RD () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Mes vidéos
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Mes images
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Public\Documents\Ma musique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Voisinage réseau
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Voisinage d'impression
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Modèles
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Menu Démarrer
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Mes vidéos
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Mes images
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\Documents\Ma musique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\ERIC\AppData\Local\Historique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Voisinage réseau
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Voisinage d'impression
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Modèles
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Menu Démarrer
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Mes vidéos
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Mes images
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\Documents\Ma musique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historique
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Modèles
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Menu Démarrer
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Favoris
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\ProgramData\Bureau
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 _SHDL () C:\Program Files\Fichiers communs
2014-03-14 10:53 - 2014-03-14 10:53 - 00000000 ___SD () C:\Recovery
2014-03-14 10:53 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-14 10:53 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-03-14 10:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-03-14 10:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
Some content of TEMP:
====================
C:\Users\ERIC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpamg3t4.dll
C:\Users\ERIC\AppData\Local\Temp\ntdll_dump.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-09 21:01
==================== End Of Log ============================
pear Devil Member !

pear

Posté(e)
Posté(e) (modifié)

Je n'ai pas vu ce rapport de Rogue Killer

Nettoyage

Dans l'onglet "Registre", décocher les lignes que vous avez volontairement modifiées
(Si vous n'avez rien modifié ,vous n'avez donc pas de raison valable d'en décocher. )
Cliquer sur Suppression. Cliquer sur Rapport et copier/coller le contenu

 

Je ne vous ai pas demandé Frst!

 

 

Vous devez trouver les 2 icônes Zhpdiag, Zhpfix. sur le bureau
34038020130908194213.jpg
ou sinon dans le dossier où vous avez installé Zhpdiag (Program files ->Zhpdiag ->Zhpfix)
Cliquer sur l'icône Zhpfix
Sous Vista/7 clic-droit, "Exécuter En tant qu'Administrateur
Copiez/Collez les lignes vertes dans le cadre ci dessous:
pour cela;
Clic gauche maintenu enfoncé, Balayer l'ensemble du texte à copier avec la souris pour le mettre en surbrillance ,de gauche à droite et de haut en bas
Ctrl+c mettre le tout en mémoire
Cliquer Importer
pour inscrire le texte dans la fenêtre vide qui s'ouvre

[94316920130908191607.jpg

Script Zhpfix

O4 - GS\Desktop [Public]: PC Scan & Repair by Reimage.lnk . (...) -- C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (.not file.)
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) . (...) - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe (.not file.)
[MD5.83AC88E59AED154D19915169ADF0FAAD] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe [3727360]
[MD5.00000000000000000000000000000000] [APT] [Reimage Reminder] (...) -- C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe (.not file.) [0]
[HKCU\Software\Reimage]
[HKLM\Software\Reimage]
O44 - LFC:[MD5.48F177A68C0FC19652CD41352F294B47] - 08/04/2014 - 14:07:32 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [34304]
O44 - LFC:[MD5.14025A53056C9DDB2477E2AEECED6506] - 11/04/2014 - 20:15:17 ---A- . (...) -- C:\Windows\Reimage.ini [155]
O53 - SMSR:HKLM\...\startupreg\Browser Infrastructure Helper [Key] . (...) -- C:\Users\ERIC\AppData\Local\Smartbar\Application\SnapDo.exe (.not file.)
O58 - SDL:[MD5.48F177A68C0FC19652CD41352F294B47] - 08/04/2014 - 14:07:32 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [34304]
SS - | Auto 10/07/1658 0 | (ReimageRealTimeProtection) . (...) - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
[HKLM\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtection]
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Browser Infrastructure Helper]
[HKCU\Software\Reimage]
[HKLM\Software\Reimage]
C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\Reimage.ini
O4 - GS\Desktop [Public]: My LastPass Vault.lnk - Clé orpheline
O4 - GS\Program [Public]: Spybot-S&D Start Center.lnk . (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (.not file.)
O43 - CFD: 11/04/2014 - 21:14:42 - [0] ----D C:\ProgramData\CDB
O43 - CFD: 11/04/2014 - 23:33:09 - [0] -SH-D C:\Users\ERIC\AppData\Local\EmieSiteList
O43 - CFD: 11/04/2014 - 23:33:09 - [0] -SH-D C:\Users\ERIC\AppData\Local\EmieUserList
[MD5.73FF2C17264E56EB3AD7F95412C04CCD] - (.Splashtop Inc. - Splashtop® Streamer Service.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [790880] [PID.3440]
[MD5.E671A14984D2FC6EAA324ADD17E62304] - (.Splashtop Inc. - Splashtop® Streamer.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe [3918176] [PID.3492]
[MD5.3920745BC3FDB1D4E8E86232AA6BBC4A] - (.Splashtop Inc. - Splashtop® Streamer Feature.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe [7169376] [PID.4532]
SR - | Auto 07/03/2014 790880 | (SplashtopRemoteService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
O4 - HKCU\..\Run: [DU Meter] . (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - HKUS\S-1-5-21-2166185552-2205534352-89382135-1000\..\Run: [DU Meter] . (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe
ShortcutFix
PROXYFix
EmptyCLSID
FirewallRaz
EmptyFlash
Sysrestore


Cliquer sur "Go" en bas, à gauche

Redémarrer pour achever le nettoyage.

Copier-coller,dans la réponse, le contenu du rapport ZHPFixReport.txt qui s'affiche .
Si besoin; il est enregistré sous C:\ZHP\ZHPFixReport.txt



Télécharger SFTGC.exe
sur le Bureau, impérativement sous peine de risquer un plantage

Il peut être nécessaire de fermer ou désactiver tous les programmes Antivirus, Antispyware, Pare-feu actifs car ils pourraient perturber le fonctionnement de cet outil
Certains outils sont parfois detectés par votre Anti-virus ou votre Anti-Malware comme étant un "RiskTool", un virus ou un "Trojan", or ce n'est pas le cas.
Comment désactiver les protections résidentes
Bien évidemment, vous les rétablirez ensuite.

Sous XP, double cliquer sur le fichier.
Sous Vista/7/8, clic droit sur le fichier pour Exécuter en tant qu'administrateur.

Après l'initialisation, cliquer sur Gopour lancer le nettoyage.

Un rapport va s'ouvrir à la fin.
Ce rapport est sur le bureau (SFT.txt)

Comment poster les rapports
Aller sur le site :Ci-Jointicne2cjoint.png
Appuyez sur Parcourir et chercher les rapports sur le disque,
Cliquer sur Ouvrir
Cliquer sur Créer le lien CJoint,
>> dans la page suivante --> ,,
une adresse http//.. sera créée
Copier /coller cette adresse dans votre prochain message.

Modifié par pear
hollowmanf38 Member

hollowmanf38

Posté(e)
  • Auteur
Posté(e)

ci joint le rapport du registre de rogue killer

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : ERIC [Droits d'admin]
Mode : Suppression -- Date : 04/13/2014 10:33:02
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD10EACS-00D6B0 SCSI Disk Device +++++
--- User ---
[MBR] 86a954ce8c9b827ec15415ac91475da5
[bSP] 1732d7b8e9a9662fd101d56a302f14a8 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Fonction incorrecte. )
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) ST31500341AS SCSI Disk Device +++++
--- User ---
[MBR] 251499092f7899b0669998464e17ac5e
[bSP] c5c481a19a41141aef4c4ea69d92148e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Fonction incorrecte. )
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) ST2000DM ST2000DM001-1CH1 SCSI Disk Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. )
+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ IDE) SanDisk SDSSDHP256G SCSI Disk Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. )
+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ IDE) WDC WD20EARS-00J2GB0 SCSI Disk Device +++++
--- User ---
[MBR] f677c2b67c898c6af456f4182a34f181
[bSP] e742f20c8e661f829d657b755ea8ce28 : Legit.A MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. )
+++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ IDE) SAMSUNG HD204UI SCSI Disk Device +++++
--- User ---
[MBR] bd0c5f3ab25df4359f103991e3b813bc
[bSP] a33654b167166e01189ef8713c527406 : Legit.A MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. )
+++++ PhysicalDrive6: (\\.\PHYSICALDRIVE6 @ IDE) ST315003 ST31500341AS SCSI Disk Device +++++
--- User ---
[MBR] 3db600377b2606fdd75bc2fc55fd725f
[bSP] fcd2ce98f65a71b4ddaa907dcde00352 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. )
+++++ PhysicalDrive7: (\\.\PHYSICALDRIVE7 @ IDE) SAMSUNG HD154UI SCSI Disk Device +++++
--- User ---
[MBR] 5a3861767437a6d687acf6722d72bad2
[bSP] fee3061c1fd81983eeb6be797cabec35 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1430796 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x18] Le programme a émis une commande de longueur incorrecte. )
Termine : << RKreport[0]_D_04132014_103302.txt >>
RKreport[0]_S_04132014_103249.txt
hollowmanf38 Member

hollowmanf38

Posté(e)
  • Auteur
Posté(e)

voila le rapport ZHPfix

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by ERIC at 13/04/2014 10:35:35
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vidée (00mn 02s)
Réparation des raccourcis navigateur
========== Processus mémoire ==========
SUPPRIMÉ: Memory Process: C:\Windows\AutoKMS\AutoKMS.exe
========== Clés du Registre ==========
SUPPRIMÉ: Service: ReimageRealTimeProtection
SUPPRIMÉ: HKCU\Software\Reimage
SUPPRIMÉ:* HKLM\Software\Reimage
SUPPRIMÉ:* StartupReg: Browser Infrastructure Helper
SUPPRIMÉ: Service: SplashtopRemoteService
========== Valeurs du Registre ==========
SUPPRIMÉ RunValue: SDTray
SUPPRIMÉ RunValue: DU Meter
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value
SUPPRIMÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (Private) : {6B0514D6-3841-42D9-97A4-956AC0D4BFAB}
SUPPRIMÉ: FirewallRaz (Private) : {D3AABCA8-6724-4EFC-BFCC-4807D23ABDFE}
SUPPRIMÉ: FirewallRaz (None) : {27AD53BE-B02D-44DE-9D6F-01A4FFA138EF}
========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide
SUPPRIMÉS Flash Cookies (0)
========== Fichiers ==========
SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\isafekrnlboot.sys
SUPPRIMÉ: c:\windows\reimage.ini
SUPPRIMÉ Redémarrage: c:\program files (x86)\splashtop\splashtop remote\server\srservice.exe
SUPPRIMÉS Flash Cookies (0) (0 octets)
========== Tache planifiée ==========
SUPPRIMÉ: AutoKMS
SUPPRIMÉ: AutoKMS
SUPPRIMÉ: AutoKMS
SUPPRIMÉ: Reimage Reminder
========== Restauration Système ==========
Aucun Point de restauration du système crée
========== Récapitulatif ==========
1 : Processus mémoire
5 : Clés du Registre
13 : Valeurs du Registre
2 : Dossiers
4 : Fichiers
4 : Tache planifiée
1 : Restauration Système
End of clean in 00mn 05s
========== Chemin de fichier rapport ==========
C:\Users\ERIC\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/04/2014 10:35:38 [2182]

le rapport de sftgc

apport de SFTGC (Pierre13) du Dimanche 13 Avril 2014 à 10:38:50 version : 2.0.0.66
Mis à jour le 07/02/2014
Outil lancé en Mode normal et En tant qu'administrateur
Windows 7 Home Premium Service Pack 1 64 bits
Tool start in C:\Users\ERIC\Downloads\Programs
416 éléments supprimés => 89.42 Mo libérés. (40 s)
Warning !! **/!\** C:\Users\ERIC\AppData\Local\Temp\_MEI53082\main.exe.manifest **/!\**
Warning !! **/!\** C:\Users\ERIC\AppData\Local\Temp\_MEI51162\BoxSync.exe.manifest **/!\**
Warning !! **/!\** C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\ZHPDiag2[1].exe **/!\**
C:\Users\ERIC\AppData\Local\Temp\LockedIconOverlay.ico
C:\Users\ERIC\AppData\Local\Temp\Low
C:\Users\ERIC\AppData\Local\Temp\LuUpdater.log
C:\Users\ERIC\AppData\Local\Temp\NotSyncedIconOverlay.ico
C:\Users\ERIC\AppData\Local\Temp\ntdll_dump.dll
C:\Users\ERIC\AppData\Local\Temp\ProblemIconOverlay.ico
C:\Users\ERIC\AppData\Local\Temp\SyncedIconOverlay.ico
C:\Users\ERIC\AppData\Local\Temp\WPDNSE
C:\Users\ERIC\AppData\Local\Temp\~DF39CA591449A71AFA.TMP
C:\Users\ERIC\AppData\Local\Temp\~DFE75DF15DF3852315.TMP
C:\Users\ERIC\AppData\Local\Temp\_MEI58402\resources\i18n\locale
C:\Users\ERIC\AppData\Local\Temp\_MEI53442\resources\i18n\locale
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\bz2.pyd
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\gdi32.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\kernel32.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\main.exe.manifest
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\mfc90.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\mfc90u.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\mfcm90.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\mfcm90u.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\msvcp100.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\msvcr100.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\psapi.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\shell32.dll
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\win32evtlog.pyd
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\win32trace.pyd
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\win32ui.pyd
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\win32wnet.pyd
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\_win32sysloader.pyd
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\support\gen_py
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\support\gen_py\__init__.py
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\chrome_ext
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\fonts
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\html
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\js
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\mime
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\mime\drive.mime.types
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\js\XMLHttpRequest.js
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\docs.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdoc16.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdoc256.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdoc32.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdoc48.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdraw16.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdraw256.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdraw32.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gdraw48.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gform16.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gform256.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gform32.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gform48.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-glink16.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-glink256.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-glink32.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-glink48.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gsheet16.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gsheet256.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gsheet32.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gsheet48.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gslides16.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gslides256.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gslides32.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-gslides48.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync16.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync16.xpm
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync256.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync32.xpm
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\drive-sync64.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\exclaim.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\file.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\folder-mac.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\folder-winseven.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\folder-winxp.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\folder.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gdoc.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gdoc.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gdraw.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gdraw.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gform.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gform.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\glink.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\glink.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gnote.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gnote.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gscript.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gscript.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gsheet.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gsheet.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gslides.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gslides.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gtable.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\gtable.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\image_resources.py
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\image_resources.pyo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate1-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate1-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate1.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate1_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate2-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate2-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate2.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate2_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate3-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate3-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate3.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate3_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate4-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate4-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate4.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate4_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate5-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate5-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate5.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate5_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate6-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate6-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate6.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate6_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate7-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate7-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate7.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate7_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate8-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate8-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate8.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-animate8_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-error-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-error-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-error.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-error_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-inactive-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-inactive-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-inactive.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-inactive_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-normal-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-normal-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-normal.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-normal_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-pause-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-paused-inverse.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-paused-inverse_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-paused.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\mac-paused_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\menu_warning.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\menu_warning_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup1.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup2-mac.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup2-win.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup3-bottom.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup3-right.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup4-mac.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup4-win.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup5-mac.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\setup5-win.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sharedfolder-mac.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sharedfolder-winseven.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sharedfolder-winxp.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\shareguyicon.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sheets.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\slides.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync.icns
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_128.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_done.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_done_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_error.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_error_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_syncing.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\sync_menu_syncing_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\toprighticon.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\warning-hdpi_2x.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate1.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate2.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate3.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate4.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate5.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate6.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate7.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-animate8.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win-normal.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win7-error.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win7-inactive.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\win7-paused.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\winxp-error.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\winxp-inactive.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\winxp-paused.png
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\__init__.py
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\__init__.pyo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays\Blacklisted.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays\Shared.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays\Synced.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images\overlays\Syncing.ico
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_TW\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_TW\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_HK\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_HK\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_CN\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_CN\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hant\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hant\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hans\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hans\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\vi\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\vi\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\uk\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\uk\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\tr\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\tr\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\th\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\th\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\te\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\te\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ta\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ta\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sv\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sv\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sr\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sr\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sl\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sl\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sk\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sk\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ru\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ru\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ro\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ro\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_PT\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_PT\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_BR\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_BR\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pl\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pl\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\no\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\no\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\nl\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\nl\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\mr\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\mr\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ml\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ml\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lv\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lv\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lt\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lt\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ko\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ko\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\kn\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\kn\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ja\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ja\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\it\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\it\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\id\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\id\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hu\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hu\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hr\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hr\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hi\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hi\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\he\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\he\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\gu\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\gu\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fr\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fr\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fil\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fil\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fi\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fi\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\es\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\es\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_US\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_US\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_GB\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_GB\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\el\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\el\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\de\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\de\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\da\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\da\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\cs\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\cs\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ca\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ca\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bn\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bn\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bg\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bg\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ar\LC_MESSAGES
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ar\LC_MESSAGES\syncclient.mo
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\html\drive_thankyou.html
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\fonts\Roboto-Bold.ttf
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\fonts\Roboto-Regular.ttf
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\fonts\Roboto-Thin.ttf
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx
C:\Users\ERIC\AppData\Local\Temp\tmpb_jywu\gen_py
C:\Users\ERIC\AppData\Local\Temp\tmpb_jywu\gen_py\dicts.dat
C:\Users\ERIC\AppData\Local\Temp\tmpb_jywu\gen_py\__init__.py
C:\Users\ERIC\AppData\Local\Temp\scoped_dir5856_10526\AppCache
C:\Users\ERIC\AppData\Local\Temp\scoped_dir5856_10526\Local Storage
C:\Users\ERIC\AppData\Local\Temp\comtypes_cache\Dropbox-27
C:\Users\ERIC\AppData\LocalLow\Microsoft\Windows\AppCache
C:\Users\ERIC\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3781B4A3713292956206932165FA4132_D37502A09829604D4C1B7778843C560D
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_0F298ACE77D8131FC974A12162988423
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8890A77645B73478F5B1DED18ACBF795_E1EDEF0C21AE75D448F7327475DF4C9E
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\955CAB6FF6A24D5820D50B5BA1CF79C7_CFEA3385E24D822B0027B3D9A091B242
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3781B4A3713292956206932165FA4132_D37502A09829604D4C1B7778843C560D
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_0F298ACE77D8131FC974A12162988423
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_E1EDEF0C21AE75D448F7327475DF4C9E
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\955CAB6FF6A24D5820D50B5BA1CF79C7_CFEA3385E24D822B0027B3D9A091B242
C:\Users\ERIC\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601
C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\desktop.ini
C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\Low\History.IE5
C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\History.IE5\container.dat
C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014040920140410
C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014041020140411
C:\Users\ERIC\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014041120140412
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Sqm
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\ERIC\AppData\Local\Microsoft\Windows
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\NVIDIA Corporation
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X6VVG440
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X6VVG440\VersionSFT[1].txt
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\28016ffcbe8a1939af038a0db8cfb2f471a00311[1].htm
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\configW7[1].xml
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\data[1].xml
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\ZHPDiag2[1].exe
C:\Users\ERIC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LTA0DUH\ZHPScan[2].txt
C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations
C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\ZHPFixReport.txt.lnk
C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\1b4dd67f29cb1962.automaticDestinations-ms
C:\Users\ERIC\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\9b9cdc69c1c24e2b.automaticDestinations-ms
C:\Users\ERIC\AppData\Local\Temp\comtypes_cache
C:\Users\ERIC\AppData\Local\Temp\scoped_dir5856_10526
C:\Users\ERIC\AppData\Local\Temp\tmpb_jywu
C:\Users\ERIC\AppData\Local\Temp\_MEI58402\resources\i18n
C:\Users\ERIC\AppData\Local\Temp\_MEI53442\resources\i18n
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\support
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\images
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ar
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bg
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\bn
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ca
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\cs
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\da
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\de
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\el
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_GB
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\en_US
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\es
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fi
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fil
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\fr
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\gu
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\he
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hi
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hr
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\hu
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\id
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\it
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ja
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\kn
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ko
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lt
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\lv
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ml
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\mr
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\nl
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\no
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pl
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_BR
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\pt_PT
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ro
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ru
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sk
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sl
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sr
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\sv
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\ta
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\te
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\th
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\tr
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\uk
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\vi
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hans
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh-Hant
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_CN
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_HK
C:\Users\ERIC\AppData\Local\Temp\_MEI53082\resources\i18n\locale\zh_TW
Corbeille vidée.
Fin du rapport.

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...