otl.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 29/03/2014 10:51:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maxime\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.92 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 33.16% Memory free
7.83 Gb Paging File | 4.89 Gb Available in Paging File | 62.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 231.00 Gb Total Space | 148.41 Gb Free Space | 64.25% Space Free | Partition Type: NTFS
Drive D: | 345.23 Gb Total Space | 195.55 Gb Free Space | 56.65% Space Free | Partition Type: NTFS
Drive F: | 793.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MAXIME-PC | User Name: Maxime | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/03/29 10:49:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maxime\Downloads\OTL.exe
PRC - [2014/03/14 04:35:09 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014/03/14 04:34:34 | 000,689,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014/03/14 04:34:34 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/03/05 17:39:55 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe
PRC - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/19 11:54:30 | 000,467,000 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
PRC - [2013/04/08 17:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2012/11/19 16:11:38 | 000,177,440 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsCtrlS.exe
PRC - [2012/01/29 13:01:01 | 000,446,480 | ---- | M] (ZBANG IT LTD) -- C:\Program Files (x86)\MultiMi\MultiMi.exe
PRC - [2011/09/01 16:47:26 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011/08/17 07:19:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/08/08 11:13:56 | 002,276,944 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
PRC - [2011/08/08 11:13:08 | 001,080,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
PRC - [2011/08/06 17:20:16 | 000,776,704 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
PRC - [2011/08/06 17:19:48 | 001,634,304 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
PRC - [2011/07/29 22:47:22 | 003,395,664 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
PRC - [2011/06/24 08:52:30 | 004,403,280 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2011/06/04 23:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/05/05 12:44:54 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/05/05 12:44:52 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2011/03/30 14:42:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/03/30 14:42:32 | 001,321,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011/03/30 14:42:30 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/03/30 14:42:28 | 000,985,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010/09/20 03:24:42 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
PRC - [2010/08/16 12:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\psksvc.exe
PRC - [2009/11/02 05:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/03/15 00:50:40 | 013,637,448 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
MOD - [2014/03/15 00:50:40 | 000,394,568 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll
MOD - [2014/03/15 00:50:38 | 004,061,000 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll
MOD - [2014/03/15 00:50:35 | 000,716,616 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
MOD - [2014/03/15 00:50:34 | 000,100,168 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\libegl.dll
MOD - [2014/03/15 00:50:32 | 001,647,432 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
MOD - [2014/03/15 00:50:30 | 000,051,016 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
MOD - [2014/03/05 17:39:55 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe
MOD - [2014/02/19 10:53:06 | 001,358,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\5593edae2575d91c62c97959be364aa9\System.WorkflowServices.ni.dll
MOD - [2014/02/19 10:52:51 | 001,707,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\fd746553afb4778c8736b6d8af4caa6d\System.ServiceModel.Web.ni.dll
MOD - [2014/02/19 10:52:47 | 000,401,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\801b632b8b7ef72f14333dbce41524b8\System.Xml.Linq.ni.dll
MOD - [2014/02/19 10:52:23 | 000,135,680 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\e383182777b770f5eb30064b782bff53\System.Data.DataSetExtensions.ni.dll
MOD - [2014/02/19 10:52:23 | 000,094,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\c2dde6ca38ddab8efae49654fbabc14c\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014/02/19 10:51:19 | 002,347,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
MOD - [2014/02/19 10:51:17 | 017,477,632 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\5cf4b104c2c79c9563d13e289e39c6ba\System.ServiceModel.ni.dll
MOD - [2014/02/19 10:51:17 | 000,256,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8a01cb6ca56adf4f33cdad0592538b58\SMDiagnostics.ni.dll
MOD - [2014/02/19 10:50:46 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll
MOD - [2014/02/19 10:46:50 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll
MOD - [2014/02/19 10:46:36 | 011,922,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll
MOD - [2014/02/19 10:46:26 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014/02/19 10:46:25 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\faf3ae85f2470505e1b32d2154de60ef\System.EnterpriseServices.ni.dll
MOD - [2014/02/19 10:46:24 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\cd3556d1162e8f7df77611c9c4253f7c\System.Transactions.ni.dll
MOD - [2014/02/19 10:46:22 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\4f41ca6f8bf8621aebcbaf7e2f07ecd7\System.Data.ni.dll
MOD - [2014/02/19 10:46:07 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll
MOD - [2014/02/19 10:45:42 | 000,039,424 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\ab661afc099166b889ebd2717d2294ea\PresentationCFFRasterizer.ni.dll
MOD - [2014/02/19 10:45:41 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/19 10:45:33 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/19 10:45:29 | 000,060,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\549aa924ef5af7232f4024eb6f8cb97a\UIAutomationProvider.ni.dll
MOD - [2014/02/19 10:45:28 | 000,025,600 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\4f5069e6497e5e6a381ab6aadf05d6a5\Accessibility.ni.dll
MOD - [2014/02/19 10:45:23 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll
MOD - [2014/02/19 10:45:12 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/02/19 10:45:04 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/19 10:44:55 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/19 10:44:50 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/19 10:43:40 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012/07/04 21:46:39 | 000,016,384 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\Zbang.Statistics.Domain.Common.dll
MOD - [2012/07/04 21:46:38 | 002,741,248 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\Telerik.Windows.Controls.Navigation.dll
MOD - [2012/07/04 21:46:38 | 000,904,704 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\System.Data.SQLite.DLL
MOD - [2012/07/04 21:46:36 | 000,344,064 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\avgreplibx.dll
MOD - [2012/07/04 21:46:36 | 000,020,480 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\AttachedCommandBehavior.dll
MOD - [2012/07/04 21:46:36 | 000,006,656 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\Instrumentation.Common.dll
MOD - [2011/11/24 12:58:29 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\MultiMi\ICSharpCode.SharpZipLib.dll
MOD - [2011/02/16 16:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
MOD - [2010/11/21 03:24:08 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/05/07 14:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2009/11/02 05:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 05:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/06/10 21:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2006/08/12 03:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014/03/01 04:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/01/16 00:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV:[b]64bit:[/b] - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2011/04/21 09:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:[b]64bit:[/b] - [2011/04/21 08:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:[b]64bit:[/b] - [2010/09/22 09:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/03/14 04:35:09 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/03/14 04:34:34 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/03/12 07:31:22 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/08 17:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013/04/08 17:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Stopped] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012/11/19 16:11:38 | 000,177,440 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsCtrlS.exe -- (Panda Software Controller)
SRV - [2012/10/27 21:13:12 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/06/04 23:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/05/05 12:44:54 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/05/05 12:44:52 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2011/03/30 14:42:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/03/30 14:42:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/03/30 14:42:30 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/08/16 12:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\psksvc.exe -- (PskSvcRetail)
SRV - [2010/06/01 06:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009/10/27 08:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014/03/18 07:10:43 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wStLib64.sys -- (wStLib64)
DRV:[b]64bit:[/b] - [2013/12/19 11:54:50 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:[b]64bit:[/b] - [2013/12/19 11:54:50 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:[b]64bit:[/b] - [2013/11/30 07:31:53 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:[b]64bit:[/b] - [2013/11/16 15:21:50 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2013/08/27 09:57:57 | 000,015,928 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\COMFiltr.sys -- (ComFiltr)
DRV:[b]64bit:[/b] - [2013/08/26 06:51:47 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/03/26 16:57:36 | 000,071,432 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
DRV:[b]64bit:[/b] - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/08/17 07:19:38 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:[b]64bit:[/b] - [2011/07/29 22:47:20 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:[b]64bit:[/b] - [2011/07/25 16:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:[b]64bit:[/b] - [2011/07/20 13:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:[b]64bit:[/b] - [2011/06/17 03:40:40 | 000,186,152 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2011/06/04 23:22:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2011/05/01 05:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2011/04/22 10:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011/04/21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:[b]64bit:[/b] - [2011/04/21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:[b]64bit:[/b] - [2011/04/21 01:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2011/04/11 10:55:24 | 000,007,680 | ---- | M] (Phoenix Technologies Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SGDrv64.sys -- (SGDrv)
DRV:[b]64bit:[/b] - [2011/03/31 03:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2011/03/31 03:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2011/03/22 18:14:04 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:[b]64bit:[/b] - [2011/03/15 02:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/03/08 14:44:08 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:[b]64bit:[/b] - [2011/03/08 14:44:08 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:[b]64bit:[/b] - [2011/02/17 23:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011/01/27 06:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2010/12/16 10:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010/11/21 03:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 03:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/11/16 00:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2010/10/20 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/10/14 17:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010/08/21 03:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2010/06/22 16:20:18 | 000,030,792 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:[b]64bit:[/b] - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 00:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:[b]64bit:[/b] - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008/08/28 10:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2011/10/15 01:59:16 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2010/12/01 09:00:00 | 001,804,336 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\VirusDefs\20101201.025\EX64.SYS -- (NAVEX15)
DRV - [2010/12/01 09:00:00 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\VirusDefs\20101201.025\ENG64.SYS -- (NAVENG)
DRV - [2010/11/23 03:21:16 | 000,953,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20101123.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010/11/11 00:46:29 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\IPSDefs\20101201.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r=
IE - HKCU\..\SearchScopes\{A58CD030-5B68-48E5-98F7-E91958BAFB7B}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=4456714253904365&q={searchTerms}
IE - HKCU\..\SearchScopes\{E20497BB-64FA-46D9-99D2-CBE09B30F08C}: "URL" = http://search.softonic.com/MOY00461/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=da5f586e000000000000dca97170996a&r=102
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maxime\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maxime\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013/06/03 14:02:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\IPSFFPlgn\ [2013/08/28 20:07:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\coFFPlgn_2011_7_13_2 [2014/03/29 10:42:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/28 10:37:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/20 20:58:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5906c4a5-6de6-4456-b5f6-984436f80a1a}: C:\Program Files (x86)\Re-markit-soft\155.xpi [2014/03/05 17:40:05 | 000,029,572 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/28 10:37:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/20 20:58:52 | 000,000,000 | ---D | M]

[2013/11/16 14:45:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxime\AppData\Roaming\Mozilla\Extensions
[2014/03/24 22:41:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxime\AppData\Roaming\Mozilla\Firefox\Profiles\fzsi6abq.default\extensions
[2014/02/19 10:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/02/13 16:44:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
[2014/03/29 10:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/27 21:13:12 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/25 14:17:28 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/10/27 13:19:41 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/25 14:17:28 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/10/25 14:17:28 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/27 13:19:41 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/10/25 14:17:28 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Conduit Search (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?ctid=CT3324328&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP416352CC-37AC-4896-9E02-D8BAD9EB6A61&q={searchTerms}&SSPV=
CHR - default_search_provider: suggest_url = http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\badkodiapncjgddgfhpeijmodfnfebeg\10.15.0.62_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\badkodiapncjgddgfhpeijmodfnfebeg\10.15.0.62_0\plugins/np-cwmp.dll
CHR - plugin: Conduit Chrome Approve TB Plugin (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\badkodiapncjgddgfhpeijmodfnfebeg\10.15.0.62_0\plugins/ChromeApproveTBPlugin.dll
CHR - plugin: MicrosoftÂ® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
CHR - plugin: Windows LiveÂ"! Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Maxime\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Skype Click to Call = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.1.15383.6004_0\
CHR - Extension: Google Wallet = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [fst_fr_94] File not found
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [MultiMi.exe] C:\Program Files (x86)\MultiMi\MultiMi.exe (ZBANG IT LTD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27D0474D-D09D-4B6F-8688-9CF2141C8092}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6FFDEA5-A7CF-4212-B651-FE866E447144}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/23 20:56:42 | 000,000,175 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{4d1a9aaf-4ed0-11e3-ba2b-dca97170996d}\Shell - "" = AutoRun
O33 - MountPoints2\{4d1a9aaf-4ed0-11e3-ba2b-dca97170996d}\Shell\AutoRun\command - "" = F:\setup.exe -- [2010/03/30 09:50:58 | 001,377,656 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{4d1a9aaf-4ed0-11e3-ba2b-dca97170996d}\Shell\configure\command - "" = F:\setup.exe -- [2010/03/30 09:50:58 | 001,377,656 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{4d1a9aaf-4ed0-11e3-ba2b-dca97170996d}\Shell\install\command - "" = F:\setup.exe -- [2010/03/30 09:50:58 | 001,377,656 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: PskSvcRetail - C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\psksvc.exe (Panda Security, S.L.)
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/03/29 10:32:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/18 07:10:43 | 000,061,120 | ---- | C] (StdLib) -- C:\windows\SysNative\drivers\wStLib64.sys
[2014/03/16 15:47:37 | 000,000,000 | ---D | C] -- C:\Users\Maxime\Documents\ENGLISH IDIOMS
[2014/03/15 09:21:56 | 000,000,000 | R--D | C] -- C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/03/15 08:56:01 | 000,000,000 | ---D | C] -- C:\Users\Maxime\AppData\Roaming\Optimizer Elite Max
[2014/03/12 22:40:44 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wer.dll
[2014/03/12 22:40:43 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2014/03/12 22:40:37 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/03/12 22:40:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/03/12 22:40:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/03/12 22:40:33 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/03/12 22:40:33 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/03/12 22:40:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/03/12 22:40:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/03/12 22:40:32 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/03/12 22:40:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/03/12 22:40:31 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/03/12 22:40:28 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/03/12 22:40:28 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/03/12 22:40:27 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/03/12 22:40:27 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/03/12 22:40:26 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/03/12 22:40:26 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/03/12 22:40:25 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/03/12 22:40:24 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/03/12 22:40:23 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/03/12 22:40:22 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/03/12 22:40:22 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/03/12 22:40:21 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/03/12 22:40:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/03/12 22:40:19 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/03/12 22:39:10 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2014/03/12 22:39:10 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2014/03/12 22:39:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2014/03/08 08:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\CDB
[2014/03/05 17:40:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Re-markit-soft
[2014/03/01 18:34:16 | 000,000,000 | ---D | C] -- C:\Users\Maxime\Documents\DU MOT A LA PHRASE
[3 C:\Users\Maxime\Documents\*.tmp files -> C:\Users\Maxime\Documents\*.tmp -> ]
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\Users\Maxime\AppData\Local\*.tmp files -> C:\Users\Maxime\AppData\Local\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/03/29 11:00:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/03/29 11:00:00 | 000,000,302 | ---- | M] () -- C:\windows\tasks\PCHelpers_period.job
[2014/03/29 10:54:48 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/29 10:54:48 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/29 10:43:07 | 000,000,392 | ---- | M] () -- C:\windows\tasks\Re-markit_wd.job
[2014/03/29 10:42:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/03/29 10:42:25 | 4204,314,624 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/29 10:38:43 | 000,001,168 | ---- | M] () -- C:\Users\Maxime\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/29 10:31:38 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/03/29 10:21:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3697776081-4079981704-496958710-1001UA.job
[2014/03/28 15:21:01 | 000,000,860 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3697776081-4079981704-496958710-1001Core.job
[2014/03/28 06:54:08 | 000,000,147 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\WB.CFG
[2014/03/26 18:19:27 | 000,000,378 | ---- | M] () -- C:\windows\tasks\APSnotifierCA.job
[2014/03/19 16:52:37 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/18 07:10:43 | 000,061,120 | ---- | M] (StdLib) -- C:\windows\SysNative\drivers\wStLib64.sys
[2014/03/15 09:18:16 | 000,000,302 | ---- | M] () -- C:\windows\tasks\PCHelpers1st.job
[2014/03/15 08:56:00 | 000,005,265 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\callbanner.png
[2014/03/13 06:56:59 | 000,471,016 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/03/12 07:31:21 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/03/12 07:31:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/11 14:14:05 | 000,782,470 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/03/11 14:14:05 | 000,667,096 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/03/11 14:14:05 | 000,126,740 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/03/09 18:17:21 | 000,001,124 | ---- | M] () -- C:\Users\Maxime\Desktop\Continue PDF Writer Installation.lnk
[2014/03/08 08:52:52 | 000,000,163 | ---- | M] () -- C:\windows\Reimage.ini
[2014/03/05 17:44:10 | 000,000,608 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\aps.scan.quick.results
[2014/03/01 05:16:26 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/03/01 04:52:55 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/03/01 04:51:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/03/01 04:40:43 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/03/01 04:37:12 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/03/01 04:33:52 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/03/01 04:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/03/01 04:32:59 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/03/01 04:23:49 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/03/01 04:17:43 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/03/01 04:02:07 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/03/01 03:54:33 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/03/01 03:52:43 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/03/01 03:51:53 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/03/01 03:43:28 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/03/01 03:42:12 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/03/01 03:40:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/03/01 03:38:26 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/03/01 03:37:35 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/03/01 03:35:11 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/03/01 03:16:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/03/01 03:00:08 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/03/01 02:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/03/01 02:25:22 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[3 C:\Users\Maxime\Documents\*.tmp files -> C:\Users\Maxime\Documents\*.tmp -> ]
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\Users\Maxime\AppData\Local\*.tmp files -> C:\Users\Maxime\AppData\Local\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/03/29 11:00:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/03/15 08:56:00 | 000,005,265 | ---- | C] () -- C:\Users\Maxime\AppData\Roaming\callbanner.png
[2014/03/15 08:51:20 | 000,000,302 | ---- | C] () -- C:\windows\tasks\PCHelpers1st.job
[2014/03/15 08:51:20 | 000,000,302 | ---- | C] () -- C:\windows\tasks\PCHelpers_period.job
[2014/03/09 18:17:20 | 000,001,124 | ---- | C] () -- C:\Users\Maxime\Desktop\Continue PDF Writer Installation.lnk
[2014/03/08 08:47:57 | 000,000,163 | ---- | C] () -- C:\windows\Reimage.ini
[2014/03/05 17:44:09 | 000,000,378 | ---- | C] () -- C:\windows\tasks\APSnotifierCA.job
[2014/03/05 17:43:35 | 000,000,608 | ---- | C] () -- C:\Users\Maxime\AppData\Roaming\aps.scan.quick.results
[2014/03/05 17:40:13 | 000,000,392 | ---- | C] () -- C:\windows\tasks\Re-markit_wd.job
[2014/03/05 17:40:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/01/22 12:08:21 | 000,079,360 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2013/12/18 20:47:02 | 000,000,147 | ---- | C] () -- C:\Users\Maxime\AppData\Roaming\WB.CFG
[2013/08/27 10:00:29 | 000,000,000 | ---- | C] () -- C:\windows\PAVSHRB.INI
[2012/08/23 10:45:24 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\49042InstEnd]

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\AnyProtect]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\Apple Computer, Inc.]

[HKEY_CURRENT_USER\Software\Apple Inc.]

[HKEY_CURRENT_USER\Software\ASProtect]

[HKEY_CURRENT_USER\Software\Avira]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\CyberLink]

[HKEY_CURRENT_USER\Software\Disc Soft]

[HKEY_CURRENT_USER\Software\Elantech]

[HKEY_CURRENT_USER\Software\GNU]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\Hewlett-Packard]

[HKEY_CURRENT_USER\Software\IM Providers]

[HKEY_CURRENT_USER\Software\Intel]

[HKEY_CURRENT_USER\Software\KasperskyLab]

[HKEY_CURRENT_USER\Software\kde.org]

[HKEY_CURRENT_USER\Software\Licenses]

[HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\MainConcept]

[HKEY_CURRENT_USER\Software\McAfee]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\Nokia]

[HKEY_CURRENT_USER\Software\Norton]

[HKEY_CURRENT_USER\Software\NVIDIA Corporation]

[HKEY_CURRENT_USER\Software\ODBC]

[HKEY_CURRENT_USER\Software\OpenOffice]

[HKEY_CURRENT_USER\Software\PDF Architect]

[HKEY_CURRENT_USER\Software\PDFCreator]

[HKEY_CURRENT_USER\Software\Piriform]

[HKEY_CURRENT_USER\Software\Pistonsoft]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\Realtek]

[HKEY_CURRENT_USER\Software\Reimage]

[HKEY_CURRENT_USER\Software\Research In Motion]

[HKEY_CURRENT_USER\Software\Samsung]

[HKEY_CURRENT_USER\Software\Skype]

[HKEY_CURRENT_USER\Software\TeleCharger]

[HKEY_CURRENT_USER\Software\Trolltech]

[HKEY_CURRENT_USER\Software\Wow6432Node]

[HKEY_CURRENT_USER\Software\Zbang]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKLM\Software >[/color]

[HKEY_LOCAL_MACHINE\Software\AceBIT]

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AdwCleaner]

[HKEY_LOCAL_MACHINE\Software\anset]

[HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.]

[HKEY_LOCAL_MACHINE\Software\Apple Inc.]

[HKEY_LOCAL_MACHINE\Software\Avira]

[HKEY_LOCAL_MACHINE\Software\Better-Surf]

[HKEY_LOCAL_MACHINE\Software\BuzzSearch]

[HKEY_LOCAL_MACHINE\Software\Caphyon]

[HKEY_LOCAL_MACHINE\Software\CyberLink]

[HKEY_LOCAL_MACHINE\Software\Disc Soft]

[HKEY_LOCAL_MACHINE\Software\dotNetInstaller]

[HKEY_LOCAL_MACHINE\Software\free ven]

[HKEY_LOCAL_MACHINE\Software\GNU]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\i-beta]

[HKEY_LOCAL_MACHINE\Software\IM Providers]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\JavaSoft]

[HKEY_LOCAL_MACHINE\Software\KasperskyLab]

[HKEY_LOCAL_MACHINE\Software\Khronos]

[HKEY_LOCAL_MACHINE\Software\KNOWHOW]

[HKEY_LOCAL_MACHINE\Software\Licenses]

[HKEY_LOCAL_MACHINE\Software\Loader]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\mozilla.org]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\Nokia]

[HKEY_LOCAL_MACHINE\Software\Norton]

[HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\OpenOffice]

[HKEY_LOCAL_MACHINE\Software\Panda Software]

[HKEY_LOCAL_MACHINE\Software\PC Connectivity Solution]

[HKEY_LOCAL_MACHINE\Software\PDFCreator]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.]

[HKEY_LOCAL_MACHINE\Software\Research In Motion]

[HKEY_LOCAL_MACHINE\Software\Samsung]

[HKEY_LOCAL_MACHINE\Software\Samsung Electronics Co., Ltd.]

[HKEY_LOCAL_MACHINE\Software\Skype]

[HKEY_LOCAL_MACHINE\Software\SweetIM]

[HKEY_LOCAL_MACHINE\Software\Symantec]

[HKEY_LOCAL_MACHINE\Software\SymNRT]

[HKEY_LOCAL_MACHINE\Software\Volatile]

[HKEY_LOCAL_MACHINE\Software\WildTangent]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node]

[HKEY_LOCAL_MACHINE\Software\X-AVCSD]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[color=#A23BEC]< %Homedrive%\* >[/color]
[2014/03/29 10:42:25 | 4204,314,624 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/15 19:43:56 | 000,000,040 | ---- | M] () -- C:\log.txt
[2014/03/29 10:42:31 | 4204,314,624 | -HS- | M] () -- C:\pagefile.sys
[2014/03/29 11:00:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/12/15 22:34:04 | 000,002,528 | ---- | M] () -- C:\{8941B3CA-6F12-4200-A159-0976869F9F4B}

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2012/10/27 11:40:14 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2014/03/29 10:39:04 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2014/03/29 10:46:42 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011/08/26 07:33:26 | 000,000,000 | ---D | M] -- C:\Intel
[2013/08/02 23:52:26 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009/07/14 03:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2014/03/15 09:21:00 | 000,000,000 | R--D | M] -- C:\Program Files
[2014/03/29 10:37:15 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2014/03/29 10:36:42 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012/02/11 17:56:15 | 000,000,000 | -HSD | M] -- C:\Recovery
[2014/03/29 11:00:41 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013/12/03 08:09:11 | 000,000,000 | ---D | M] -- C:\Temp
[2012/02/11 17:57:39 | 000,000,000 | R--D | M] -- C:\Users
[2014/03/08 08:47:57 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %Userprofile%\* >[/color]
[2014/01/22 12:07:54 | 000,000,000 | ---- | M] () -- C:\Users\Maxime\daemonprocess.txt
[2012/02/11 18:00:13 | 000,000,148 | ---- | M] () -- C:\Users\Maxime\DiskScrP.txt
[2014/03/29 11:07:27 | 013,631,488 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat
[2014/03/29 11:07:27 | 000,262,144 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat.LOG1
[2012/02/11 17:57:39 | 000,000,000 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat.LOG2
[2012/02/11 18:45:48 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012/02/11 18:45:48 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012/02/11 18:45:48 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012/12/13 22:09:37 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{40b5e2fb-44b4-11e2-994f-dca97170996d}.TM.blf
[2012/12/13 22:09:37 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{40b5e2fb-44b4-11e2-994f-dca97170996d}.TMContainer00000000000000000001.regtrans-ms
[2012/12/13 22:09:37 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{40b5e2fb-44b4-11e2-994f-dca97170996d}.TMContainer00000000000000000002.regtrans-ms
[2013/08/02 15:31:00 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{54261e9c-fb83-11e2-aff7-dca97170996d}.TM.blf
[2013/08/02 15:31:00 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{54261e9c-fb83-11e2-aff7-dca97170996d}.TMContainer00000000000000000001.regtrans-ms
[2013/08/02 15:31:00 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{54261e9c-fb83-11e2-aff7-dca97170996d}.TMContainer00000000000000000002.regtrans-ms
[2013/08/28 20:02:23 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{764c1e95-0fa4-11e3-8a94-dca97170996d}.TM.blf
[2013/08/28 20:02:23 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{764c1e95-0fa4-11e3-8a94-dca97170996d}.TMContainer00000000000000000001.regtrans-ms
[2013/08/28 20:02:23 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{764c1e95-0fa4-11e3-8a94-dca97170996d}.TMContainer00000000000000000002.regtrans-ms
[2013/09/25 17:40:14 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{80d7b5d4-1f61-11e3-9175-dca97170996d}.TM.blf
[2013/09/25 17:40:14 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{80d7b5d4-1f61-11e3-9175-dca97170996d}.TMContainer00000000000000000001.regtrans-ms
[2013/09/25 17:40:14 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{80d7b5d4-1f61-11e3-9175-dca97170996d}.TMContainer00000000000000000002.regtrans-ms
[2013/07/11 08:57:25 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{a69cff92-e970-11e2-9139-dca97170996d}.TM.blf
[2013/07/11 08:57:25 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{a69cff92-e970-11e2-9139-dca97170996d}.TMContainer00000000000000000001.regtrans-ms
[2013/07/11 08:57:25 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{a69cff92-e970-11e2-9139-dca97170996d}.TMContainer00000000000000000002.regtrans-ms
[2013/05/19 17:56:34 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b72b6152-bfed-11e2-b5a2-dca97170996d}.TM.blf
[2013/05/19 17:56:34 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b72b6152-bfed-11e2-b5a2-dca97170996d}.TMContainer00000000000000000001.regtrans-ms
[2013/05/19 17:56:34 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b72b6152-bfed-11e2-b5a2-dca97170996d}.TMContainer00000000000000000002.regtrans-ms
[2013/06/24 16:33:05 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b8fb50d1-dcb7-11e2-86f7-dca97170996d}.TM.blf
[2013/06/24 16:33:05 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b8fb50d1-dcb7-11e2-86f7-dca97170996d}.TMContainer00000000000000000001.regtrans-ms
[2013/06/24 16:33:05 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b8fb50d1-dcb7-11e2-86f7-dca97170996d}.TMContainer00000000000000000002.regtrans-ms
[2013/02/13 09:18:30 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{c7be2e5f-75bb-11e2-ba81-dca97170996d}.TM.blf
[2013/02/13 09:18:30 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{c7be2e5f-75bb-11e2-ba81-dca97170996d}.TMContainer00000000000000000001.regtrans-ms
[2013/02/13 09:18:30 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{c7be2e5f-75bb-11e2-ba81-dca97170996d}.TMContainer00000000000000000002.regtrans-ms
[2013/06/28 18:51:03 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{fd04f5b1-dfdc-11e2-86d5-dca97170996d}.TM.blf
[2013/06/28 18:51:03 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{fd04f5b1-dfdc-11e2-86d5-dca97170996d}.TMContainer00000000000000000001.regtrans-ms
[2013/06/28 18:51:03 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{fd04f5b1-dfdc-11e2-86d5-dca97170996d}.TMContainer00000000000000000002.regtrans-ms
[2012/02/11 17:57:39 | 000,000,020 | -HS- | M] () -- C:\Users\Maxime\ntuser.ini

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2014/01/22 12:08:26 | 000,000,000 | ---D | M] -- C:\Users\Maxime\.android
[2013/11/12 06:48:47 | 000,000,000 | -H-D | M] -- C:\Users\Maxime\AppData
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Application Data
[2013/09/12 07:11:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Contacts
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Cookies
[2014/03/29 10:38:38 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Desktop
[2014/03/29 10:38:37 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Documents
[2014/03/29 10:49:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Downloads
[2013/09/12 07:11:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Favorites
[2013/09/12 08:08:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Links
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Local Settings
[2013/11/03 16:57:15 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Music
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\My Documents
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\NetHood
[2012/02/11 13:00:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\pick&zip
[2014/01/26 14:22:57 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Pictures
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\PrintHood
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Recent
[2013/09/12 07:11:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Saved Games
[2013/09/12 07:11:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Searches
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\SendTo
[2013/09/12 08:08:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\SkyDrive
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Start Menu
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Templates
[2014/03/02 09:23:29 | 000,000,000 | ---D | M] -- C:\Users\Maxime\Tracing
[2013/09/17 15:21:26 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Videos

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2014/03/19 16:52:37 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/08/26 08:42:50 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2011/08/26 08:35:25 | 000,000,113 | ---- | M] () -- C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
[2011/08/26 08:40:15 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2011/08/26 08:39:22 | 000,000,106 | ---- | M] () -- C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
[2011/08/26 08:42:16 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2013/06/28 10:42:37 | 000,000,000 | ---D | M] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/02/05 15:47:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2013/05/05 20:02:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2013/05/05 20:06:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2013/08/27 11:54:49 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2013/04/24 08:16:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Avira
[2013/08/27 09:46:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Backup
[2014/03/08 08:51:10 | 000,000,000 | ---D | M] -- C:\ProgramData\CDB
[2012/02/11 11:10:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2012/11/02 19:14:27 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink
[2013/11/16 15:22:49 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/06/25 13:24:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Hewlett-Packard
[2013/06/12 14:15:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2011/08/26 07:41:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel
[2011/08/26 07:40:16 | 000,000,000 | ---D | M] -- C:\ProgramData\KNOWHOW
[2012/02/15 15:07:20 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee
[2013/08/28 14:40:19 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee Security Scan
[2014/02/25 08:06:55 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2014/03/13 06:28:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2013/09/12 08:08:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft SkyDrive
[2013/11/16 16:16:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Toolkit
[2012/10/25 14:17:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2013/09/17 15:21:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton
[2013/08/25 20:39:16 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller
[2011/08/26 08:06:14 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA
[2011/08/26 07:34:41 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation
[2013/08/27 09:44:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Panda Security
[2012/06/13 20:54:03 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2013/02/13 08:11:58 | 000,000,000 | ---D | M] -- C:\ProgramData\PCSettings
[2013/09/12 07:21:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Promote Installer
[2012/06/19 18:31:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Research In Motion
[2011/08/27 01:55:59 | 000,000,000 | ---D | M] -- C:\ProgramData\SAMSUNG
[2014/02/19 10:45:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2013/02/11 17:03:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2011/08/26 07:49:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Symantec
[2014/03/05 17:41:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/03/14 05:36:31 | 000,000,000 | ---D | M] -- C:\ProgramData\VirtualizedApplications
[2011/08/26 07:48:50 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2013/08/28 14:40:21 | 000,000,000 | ---D | M] -- C:\ProgramData\WinClon

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2013/11/22 08:44:15 | 000,122,616 | ---- | M] () -- C:\Users\Maxime\AppData\Local\GDIPFONTCACHEV1.DAT
[2014/03/29 10:40:53 | 002,758,228 | -H-- | M] () -- C:\Users\Maxime\AppData\Local\IconCache.db
[1 C:\Users\Maxime\AppData\Local\*.tmp files -> C:\Users\Maxime\AppData\Local\*.tmp -> ]

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2012/02/15 15:07:47 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Adobe
[2012/06/16 21:23:13 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Apple
[2013/05/05 20:08:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Apple Computer
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\Application Data
[2013/10/05 16:59:47 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\avgchrome
[2014/01/27 07:08:01 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\cache
[2014/03/29 10:50:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\CrashDumps
[2013/04/10 19:18:57 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\CRE
[2014/03/24 18:28:00 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Diagnostics
[2014/01/28 15:32:52 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\ElevatedDiagnostics
[2012/02/11 18:03:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\eMusic
[2012/02/11 12:37:31 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Google
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\History
[2014/02/08 11:06:36 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Macromedia
[2013/11/22 08:43:03 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Microsoft
[2013/02/07 14:29:44 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Microsoft Help
[2012/02/11 18:12:30 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Mozilla
[2012/02/11 18:04:15 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Power2Go
[2013/02/05 15:50:22 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Programs
[2012/06/19 18:36:39 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Research In Motion
[2012/02/11 12:21:34 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Samsung
[2012/03/13 10:34:17 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\SoftGrid Client
[2014/03/29 11:07:08 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Temp
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\Temporary Internet Files
[2013/04/08 08:14:07 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Updater12765
[2013/09/12 07:39:34 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\VirtualStore
[2012/05/21 21:44:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Windows Live
[2012/08/10 21:41:02 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{1A1C9D08-22E2-43D1-BA17-C5D1E872C58F}
[2012/03/04 14:46:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{1AEE7ED5-3389-497A-AB92-AEBFDB62A0F7}
[2012/04/15 16:41:29 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{20881E20-55C1-4872-AC97-9DA14AC54410}
[2012/05/08 14:41:53 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{3E542390-8345-4718-8C82-BC1BC322E573}
[2013/07/18 20:31:58 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{4F3C4D4A-C220-4DC1-884F-6D9192FC0873}
[2013/12/06 12:41:45 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{517150EF-8DD2-46AA-978C-4F6BBB807A6F}
[2012/07/24 12:00:07 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{524CB40C-5FA2-48CF-9001-7980A0955D86}
[2012/10/17 18:36:21 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{55C2E60C-2D46-4FEE-96BA-670803192EED}
[2012/08/11 09:07:08 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{59B93D75-88BA-48CA-B76C-98CC12AE0428}
[2012/03/04 16:03:02 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{690D2DE4-82D2-43E3-978A-EA15E4A4292D}
[2012/05/21 21:52:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{76A24D48-C567-4A40-B618-4D9C6BC18851}
[2013/02/11 11:53:32 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{78129D96-FD4F-429D-B8A7-D6322EF8A4F4}
[2012/09/27 06:55:05 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{7A17DFEF-2E26-41E7-9B71-6EA311EB0F94}
[2012/05/21 21:44:44 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{8A271550-BC96-4382-94B3-D2A82EA46D9D}
[2012/05/08 14:41:43 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{8C2757A5-5697-49A7-93E1-E7855F72B851}
[2013/11/17 10:54:31 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{A29726AA-092F-47CA-AF45-9CD09DD3275C}
[2012/09/18 20:30:06 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{AE470A90-4A24-4875-A71A-F2D3FF2AF89B}
[2012/07/24 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{BF03D2DB-4284-4764-B45D-34A8F85E5F31}
[2012/05/21 21:52:10 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{C3AF7CEE-0995-49B3-9B13-5A661695E428}
[2012/08/10 21:41:14 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{C6E9C7BF-900A-477D-AE8A-4B5DABF6F3D1}
[2012/11/22 16:37:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{D9C8E85D-E3E1-456E-A18A-E242B2CA6229}
[2012/05/21 21:44:54 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{F960F993-91DF-4C2D-A7BA-05E2669C3F08}

[color=#A23BEC]< %programFiles%\* >[/color]
[2009/07/14 04:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %programFiles%\*. >[/color]
[2013/02/05 15:45:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2012/06/16 21:23:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2013/04/24 08:16:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Avira
[2013/05/05 20:00:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2014/03/29 10:36:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BuzzSearch
[2014/03/29 10:37:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/08/26 08:44:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2013/11/16 15:21:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014/01/22 12:08:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ffdshow
[2013/10/05 16:57:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free MP3 Sound Recorder
[2012/06/25 14:24:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free PDF to Word Converter
[2013/10/05 16:57:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\i-beta
[2013/08/27 09:44:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/02/11 18:02:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2014/03/13 06:53:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2013/06/28 10:42:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2013/02/11 17:01:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/08/26 07:40:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KNOWHOW
[2013/11/16 14:40:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2013/11/21 18:21:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/11/21 18:20:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2014/03/13 06:55:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/09/12 08:08:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SkyDrive
[2011/08/26 08:20:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/11/21 18:22:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/11/21 18:23:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2014/03/29 10:46:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2012/11/01 00:41:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/11/21 18:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2012/12/28 10:52:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
[2012/02/11 11:10:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MultiMi
[2013/08/25 20:40:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton 360
[2013/08/25 20:39:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NortonInstaller
[2011/08/26 07:35:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/11/16 17:39:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice 4
[2013/09/04 13:32:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Panda Security
[2012/06/13 20:53:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Connectivity Solution
[2013/06/03 14:03:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PDF Architect
[2013/08/27 11:29:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PDFCreator
[2013/06/28 10:37:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2014/03/05 17:40:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Re-markit-soft
[2011/08/26 07:36:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 05:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2012/06/19 18:30:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Research In Motion
[2012/04/16 19:10:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Research In Motion Limited
[2011/08/26 08:56:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung
[2014/01/22 12:02:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SecretSauce
[2014/03/29 10:46:37 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2012/02/11 12:14:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Social Tools, Inc
[2011/08/26 07:49:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Symantec
[2011/08/26 07:36:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2009/07/14 04:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2011/08/26 07:48:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildGames
[2013/07/11 08:58:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/08/26 08:33:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/11/21 07:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2013/12/15 14:23:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 05:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2010/11/21 07:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/21 03:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/11/21 07:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2013/02/13 16:44:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yawcam

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]
[2014/03/29 10:46:32 | 000,090,112 | ---- | M] () -- C:\windows\Temp\certutil.exe
[2014/02/18 16:56:48 | 001,542,696 | ---- | M] (McAfee, Inc.) -- C:\windows\Temp\contentDATs.exe
[2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\windows\Temp\nsn672F.exe
[2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\windows\Temp\nsn675D.exe
[2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\windows\Temp\nssDEBF.exe
[2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\windows\Temp\nsx4B56.exe
[2014/02/18 16:56:13 | 008,325,256 | ---- | M] (McAfee, Inc.) -- C:\windows\Temp\SecurityScan_Release.exe
[26 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2013/11/21 19:04:54 | 000,016,284 | ---- | M] () -- C:\windows\system32\ieuinit.inf
[2013/02/11 16:58:16 | 000,000,620 | ---- | M] () -- C:\windows\system32\InstallUtil.InstallLog
[2009/07/14 04:55:01 | 000,000,535 | ---- | M] () -- C:\windows\system32\mapisvc.inf
[2014/02/26 17:37:09 | 000,766,780 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2014/03/29 10:31:38 | 000,000,830 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2014/03/26 18:19:27 | 000,000,378 | ---- | M] () -- C:\windows\Tasks\APSnotifierCA.job
[2014/03/28 15:21:01 | 000,000,860 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3697776081-4079981704-496958710-1001Core.job
[2014/03/29 10:21:00 | 000,000,912 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3697776081-4079981704-496958710-1001UA.job
[2014/03/15 09:18:16 | 000,000,302 | ---- | M] () -- C:\windows\Tasks\PCHelpers1st.job
[2014/03/29 11:00:00 | 000,000,302 | ---- | M] () -- C:\windows\Tasks\PCHelpers_period.job
[2014/03/29 10:43:07 | 000,000,392 | ---- | M] () -- C:\windows\Tasks\Re-markit_wd.job
[2014/03/29 10:42:38 | 000,000,006 | -H-- | M] () -- C:\windows\Tasks\SA.DAT
[2014/03/15 08:18:56 | 000,032,620 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2009/07/14 03:20:14 | 000,000,000 | ---D | M] -- C:\windows\system32\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]
[2013/12/22 09:21:55 | 001,019,944 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IExplorerMinibarInstaller[1].exe
[2014/02/20 15:38:23 | 000,000,000 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IExplorerMinibarInstaller[2].exe
[2013/03/05 15:07:39 | 001,152,168 | ---- | M] (McAfee, Inc.) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JLAV1ALL\contentDATs[1].exe
[2013/04/08 08:38:46 | 002,309,160 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N2B8LYF0\BBUpdate[1].EXE
[2013/02/19 16:14:04 | 003,793,216 | ---- | M] (McAfee, Inc.) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N2B8LYF0\SecurityScan_Release[1].exe
[2013/05/24 20:16:59 | 000,069,784 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N2B8LYF0\wajam_update[1].exe
[2013/04/24 08:11:19 | 000,069,784 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W609P8WO\wajam_update[1].exe
[2013/05/15 19:13:18 | 000,069,784 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W609P8WO\wajam_update[2].exe
[2013/02/13 09:11:31 | 002,202,168 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YL02F17B\BBUpdate[1].EXE
[2013/01/19 17:20:52 | 008,282,192 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YL02F17B\BingBarSetup-Partner[1].EXE

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]

[color=#A23BEC]< %temp%\*.exe /s >[/color]
[2014/03/05 17:41:00 | 010,365,728 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\BackupSetup.exe
[2014/01/31 02:59:00 | 000,847,640 | ---- | M] (Google Inc.) -- C:\Users\Maxime\AppData\Local\Temp\GoogleUpdateSetup.exe612c60c
[2014/03/09 18:17:20 | 001,297,080 | ---- | M] ( ) -- C:\Users\Maxime\AppData\Local\Temp\ICReinstall_PDFWriterSetup.exe
[2014/02/17 17:32:23 | 000,588,672 | ---- | M] ( ) -- C:\Users\Maxime\AppData\Local\Temp\ICReinstall_Setup (9).exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsa7CD4.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsa850F.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsaDE13.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsaE564.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsk1528.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsk717D.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsk7E4B.exe
[2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsk86F0.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsp28C9.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsp6D58.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsp762F.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nspBFF7.exe
[2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsu2011.exe
[2014/03/13 22:13:50 | 000,918,016 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\Quarantine.exe
[2014/03/08 08:49:27 | 010,377,856 | ---- | M] (Reimage®) -- C:\Users\Maxime\AppData\Local\Temp\ReimagePackage.exe
[2014/03/08 08:47:49 | 000,759,448 | ---- | M] (Reimage®) -- C:\Users\Maxime\AppData\Local\Temp\ReimageRepair.exe
[2014/02/06 15:29:30 | 006,180,176 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\SPSetup.exe
[2013/12/19 12:22:58 | 000,056,352 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\Uni000.exe
[2014/03/05 17:41:15 | 004,961,800 | ---- | M] (Microsoft Corporation) -- C:\Users\Maxime\AppData\Local\Temp\vcredist_x64.exe
[373 C:\Users\Maxime\AppData\Local\Temp\*.tmp files -> C:\Users\Maxime\AppData\Local\Temp\*.tmp -> ]
[2014/03/05 17:40:31 | 006,602,128 | ---- | M] ( ) -- C:\Users\Maxime\AppData\Local\Temp\{4F7CB5C5-A642-41AF-ADB4-B87ACB1DF6D2}\setup.exe
[2014/02/15 14:50:31 | 006,602,128 | ---- | M] ( ) -- C:\Users\Maxime\AppData\Local\Temp\{FBCD770B-BEDA-4305-985A-6F7B43E7ED31}\setup.exe
[2014/02/15 14:47:47 | 000,514,854 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\android.exe
[2014/02/15 14:47:31 | 002,592,168 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\spidentifierimpl.exe
[2014/02/15 14:51:25 | 000,073,840 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\Cloud_Backup_Setup.exe
[2014/02/15 14:51:21 | 006,742,197 | ---- | M] (Cehdhxguc) -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\feven-pro.exe
[2014/02/15 14:49:57 | 003,277,472 | ---- | M] (FREESOFTTODAY ) -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\Freesofttoday.exe
[2014/02/15 14:51:54 | 009,820,560 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\New_Player.exe
[2014/02/15 14:50:52 | 006,967,304 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\OptimizerPro.exe
[2014/02/15 14:48:55 | 000,066,368 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\sp-downloader.exe
[2014/03/05 17:40:44 | 000,073,840 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\27398423-032d-4959-93a8-cead25ed3bc7\software\Cloud_Backup_Setup.exe
[2014/03/05 17:40:30 | 006,967,304 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\27398423-032d-4959-93a8-cead25ed3bc7\software\OptimizerPro.exe
[2014/03/05 17:40:42 | 006,603,238 | ---- | M] (Iscyxzc) -- C:\Users\Maxime\AppData\Local\Temp\27398423-032d-4959-93a8-cead25ed3bc7\software\videoforpc.exe
[2014/03/05 17:40:43 | 000,212,866 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\27398423-032d-4959-93a8-cead25ed3bc7\software\VOPackage.exe
[2013/11/26 09:16:38 | 000,486,400 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\449676nsv8521\sqlite3.exe
[2014/02/04 16:20:18 | 000,025,088 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\android\android.exe
[2014/03/15 08:49:39 | 000,514,854 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\ba9f1eaf-8f0f-4de8-8d1f-c98214fdc8ff\android.exe
[2014/03/15 08:50:26 | 006,559,625 | ---- | M] (Nqjfylo) -- C:\Users\Maxime\AppData\Local\Temp\ba9f1eaf-8f0f-4de8-8d1f-c98214fdc8ff\software\fiv_en.exe
[2014/03/15 08:51:16 | 001,792,816 | ---- | M] (Viracure Limited) -- C:\Users\Maxime\AppData\Local\Temp\ba9f1eaf-8f0f-4de8-8d1f-c98214fdc8ff\software\OptimizerEliteMax.exe
[2014/02/15 14:47:53 | 000,514,854 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\android.exe
[2014/02/15 14:47:33 | 002,592,168 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\spidentifierimpl.exe
[2014/02/15 14:50:53 | 000,073,840 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\Cloud_Backup_Setup.exe
[2014/02/15 14:50:51 | 006,742,197 | ---- | M] (Cehdhxguc) -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\feven-pro.exe
[2014/02/15 14:48:50 | 003,277,472 | ---- | M] (FREESOFTTODAY ) -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\Freesofttoday.exe
[2014/02/15 14:51:28 | 009,820,560 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\New_Player.exe
[2014/02/15 14:50:31 | 006,967,304 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\OptimizerPro.exe
[2014/02/15 14:48:25 | 000,066,368 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\sp-downloader.exe
[2014/01/14 18:28:48 | 000,116,608 | ---- | M] (S¬N´fÎÑyb¡ýN gPlQøS) -- C:\Users\Maxime\AppData\Local\Temp\fullpackage_temp1390392160\Baofeng.exe
[2014/01/22 12:04:29 | 004,491,312 | ---- | M] (337 Technology Limited.) -- C:\Users\Maxime\AppData\Local\Temp\fullpackage_temp1390392160\tmp\desk365.exe
[2014/02/12 12:01:18 | 000,407,848 | ---- | M] (Software ) -- C:\Users\Maxime\AppData\Local\Temp\is-F21PQ.tmp\package_SelectionTool_installer_multilang.exe
[2014/02/15 14:48:49 | 005,987,944 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsf53DC\SpSetup.exe
[2013/12/13 08:02:27 | 001,706,056 | ---- | M] (Iminent) -- C:\Users\Maxime\AppData\Local\Temp\RarSFX0\Binaries\IExploreInstaller.exe

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2012/07/22 10:47:52 | 003,459,512 | ---- | M] (Zbang.it) -- C:\Users\Maxime\AppData\Roaming\MultiMi\MultiMiSetup_1.0.6.11596_sweetim.exe
[2012/07/04 21:46:37 | 003,323,960 | ---- | M] (ZBANG IT LTD) -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\MultiMiUi.exe
[2012/07/04 21:46:37 | 003,323,960 | ---- | M] (ZBANG IT LTD) -- C:\Users\Maxime\AppData\Roaming\MultiMi\ImplementationBackup\MultiMiUi.exe
[2012/06/19 18:41:05 | 112,927,096 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\Research In Motion\BlackBerry Desktop\Updates\33484803-750F-4154-A0A3-C0474F3BE1BE\Extractor.exe

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2013/11/22 08:44:15 | 000,122,616 | ---- | M] () -- C:\Users\Maxime\AppData\Local\GDIPFONTCACHEV1.DAT
[2014/03/29 10:40:53 | 002,758,228 | -H-- | M] () -- C:\Users\Maxime\AppData\Local\IconCache.db
[1 C:\Users\Maxime\AppData\Local\*.tmp files -> C:\Users\Maxime\AppData\Local\*.tmp -> ]

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2012/02/15 15:07:47 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Adobe
[2012/06/16 21:23:13 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Apple
[2013/05/05 20:08:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Apple Computer
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\Application Data
[2013/10/05 16:59:47 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\avgchrome
[2014/01/27 07:08:01 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\cache
[2014/03/29 10:50:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\CrashDumps
[2013/04/10 19:18:57 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\CRE
[2014/03/24 18:28:00 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Diagnostics
[2014/01/28 15:32:52 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\ElevatedDiagnostics
[2012/02/11 18:03:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\eMusic
[2012/02/11 12:37:31 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Google
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\History
[2014/02/08 11:06:36 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Macromedia
[2013/11/22 08:43:03 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Microsoft
[2013/02/07 14:29:44 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Microsoft Help
[2012/02/11 18:12:30 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Mozilla
[2012/02/11 18:04:15 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Power2Go
[2013/02/05 15:50:22 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Programs
[2012/06/19 18:36:39 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Research In Motion
[2012/02/11 12:21:34 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Samsung
[2012/03/13 10:34:17 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\SoftGrid Client
[2014/03/29 11:08:38 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Temp
[2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\Temporary Internet Files
[2013/04/08 08:14:07 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Updater12765
[2013/09/12 07:39:34 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\VirtualStore
[2012/05/21 21:44:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Windows Live
[2012/08/10 21:41:02 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{1A1C9D08-22E2-43D1-BA17-C5D1E872C58F}
[2012/03/04 14:46:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{1AEE7ED5-3389-497A-AB92-AEBFDB62A0F7}
[2012/04/15 16:41:29 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{20881E20-55C1-4872-AC97-9DA14AC54410}
[2012/05/08 14:41:53 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{3E542390-8345-4718-8C82-BC1BC322E573}
[2013/07/18 20:31:58 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{4F3C4D4A-C220-4DC1-884F-6D9192FC0873}
[2013/12/06 12:41:45 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{517150EF-8DD2-46AA-978C-4F6BBB807A6F}
[2012/07/24 12:00:07 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{524CB40C-5FA2-48CF-9001-7980A0955D86}
[2012/10/17 18:36:21 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{55C2E60C-2D46-4FEE-96BA-670803192EED}
[2012/08/11 09:07:08 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{59B93D75-88BA-48CA-B76C-98CC12AE0428}
[2012/03/04 16:03:02 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{690D2DE4-82D2-43E3-978A-EA15E4A4292D}
[2012/05/21 21:52:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{76A24D48-C567-4A40-B618-4D9C6BC18851}
[2013/02/11 11:53:32 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{78129D96-FD4F-429D-B8A7-D6322EF8A4F4}
[2012/09/27 06:55:05 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{7A17DFEF-2E26-41E7-9B71-6EA311EB0F94}
[2012/05/21 21:44:44 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{8A271550-BC96-4382-94B3-D2A82EA46D9D}
[2012/05/08 14:41:43 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{8C2757A5-5697-49A7-93E1-E7855F72B851}
[2013/11/17 10:54:31 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{A29726AA-092F-47CA-AF45-9CD09DD3275C}
[2012/09/18 20:30:06 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{AE470A90-4A24-4875-A71A-F2D3FF2AF89B}
[2012/07/24 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{BF03D2DB-4284-4764-B45D-34A8F85E5F31}
[2012/05/21 21:52:10 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{C3AF7CEE-0995-49B3-9B13-5A661695E428}
[2012/08/10 21:41:14 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{C6E9C7BF-900A-477D-AE8A-4B5DABF6F3D1}
[2012/11/22 16:37:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{D9C8E85D-E3E1-456E-A18A-E242B2CA6229}
[2012/05/21 21:44:54 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{F960F993-91DF-4C2D-A7BA-05E2669C3F08}

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2014/03/29 10:42:25 | 4204,314,624 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/15 19:43:56 | 000,000,040 | ---- | M] () -- C:\log.txt
[2014/03/29 10:42:31 | 4204,314,624 | -HS- | M] () -- C:\pagefile.sys
[2014/03/29 11:00:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/12/15 22:34:04 | 000,002,528 | ---- | M] () -- C:\{8941B3CA-6F12-4200-A159-0976869F9F4B}

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 05:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 06:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 06:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 06:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 03:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 03:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009/07/14 01:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/14 01:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/03/01 08:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011/03/01 08:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\windows\SysNative\svchost.exe
[2011/03/01 08:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2011/03/01 08:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2009/07/14 01:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011/03/01 08:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011/03/01 08:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/21 03:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 03:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 03:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/21 03:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/21 03:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/21 03:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2009/07/14 01:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/02/27 05:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 01:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 03:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2013/09/25 01:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 01:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 01:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/04 22:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2013/07/09 05:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/09 04:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 03:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/03/03 06:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 01:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 01:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/21 03:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2009/07/14 01:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 01:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2012/10/03 17:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 11:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 06:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2013/09/25 01:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2013/09/25 01:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 03:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 03:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 03:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/21 03:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 03:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2012/05/01 05:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 03:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 03:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/21 03:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 03:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2012/06/02 22:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 01:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 03:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< dir "%Homedrive%\*" /S /A:L /C >[/color]
Volume in drive C has no label.
Volume Serial Number is DA5F-586E
Directory of C:\
14/07/2009 05:08 <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
14/07/2009 05:08 <JUNCTION> Application Data [C:\ProgramData]
14/07/2009 05:08 <JUNCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 05:08 <JUNCTION> Documents [C:\Users\Public\Documents]
14/07/2009 05:08 <JUNCTION> Favorites [C:\Users\Public\Favorites]
14/07/2009 05:08 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 05:08 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
14/07/2009 05:08 <SYMLINKD> All Users [C:\ProgramData]
14/07/2009 05:08 <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
14/07/2009 05:08 <JUNCTION> Application Data [C:\ProgramData]
14/07/2009 05:08 <JUNCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 05:08 <JUNCTION> Documents [C:\Users\Public\Documents]
14/07/2009 05:08 <JUNCTION> Favorites [C:\Users\Public\Favorites]
14/07/2009 05:08 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 05:08 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
14/07/2009 05:08 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
14/07/2009 05:08 <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
14/07/2009 05:08 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
14/07/2009 05:08 <JUNCTION> My Documents [C:\Users\Default\Documents]
14/07/2009 05:08 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14/07/2009 05:08 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009 05:08 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14/07/2009 05:08 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14/07/2009 05:08 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14/07/2009 05:08 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
14/07/2009 05:08 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
14/07/2009 05:08 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009 05:08 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
14/07/2009 05:08 <JUNCTION> My Music [C:\Users\Default\Music]
14/07/2009 05:08 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
14/07/2009 05:08 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Maxime
11/02/2012 17:57 <JUNCTION> Application Data [C:\Users\Maxime\AppData\Roaming]
11/02/2012 17:57 <JUNCTION> Cookies [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Cookies]
11/02/2012 17:57 <JUNCTION> Local Settings [C:\Users\Maxime\AppData\Local]
11/02/2012 17:57 <JUNCTION> My Documents [C:\Users\Maxime\Documents]
11/02/2012 17:57 <JUNCTION> NetHood [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/02/2012 17:57 <JUNCTION> PrintHood [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/02/2012 17:57 <JUNCTION> Recent [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Recent]
11/02/2012 17:57 <JUNCTION> SendTo [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\SendTo]
11/02/2012 17:57 <JUNCTION> Start Menu [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu]
11/02/2012 17:57 <JUNCTION> Templates [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Maxime\AppData\Local
11/02/2012 17:57 <JUNCTION> Application Data [C:\Users\Maxime\AppData\Local]
11/02/2012 17:57 <JUNCTION> History [C:\Users\Maxime\AppData\Local\Microsoft\Windows\History]
11/02/2012 17:57 <JUNCTION> Temporary Internet Files [C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Maxime\Documents
11/02/2012 17:57 <JUNCTION> My Music [C:\Users\Maxime\Music]
11/02/2012 17:57 <JUNCTION> My Pictures [C:\Users\Maxime\Pictures]
11/02/2012 17:57 <JUNCTION> My Videos [C:\Users\Maxime\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
14/07/2009 05:08 <JUNCTION> My Music [C:\Users\Public\Music]
14/07/2009 05:08 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 05:08 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser
26/08/2011 07:35 <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Roaming]
26/08/2011 07:35 <JUNCTION> Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
26/08/2011 07:35 <JUNCTION> Local Settings [C:\Users\UpdatusUser\AppData\Local]
26/08/2011 07:35 <JUNCTION> My Documents [C:\Users\UpdatusUser\Documents]
26/08/2011 07:35 <JUNCTION> NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
26/08/2011 07:35 <JUNCTION> PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
26/08/2011 07:35 <JUNCTION> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
26/08/2011 07:35 <JUNCTION> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
26/08/2011 07:35 <JUNCTION> Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
26/08/2011 07:35 <JUNCTION> Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local
26/08/2011 07:35 <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Local]
26/08/2011 07:35 <JUNCTION> History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
26/08/2011 07:35 <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\Documents
26/08/2011 07:35 <JUNCTION> My Music [C:\Users\UpdatusUser\Music]
26/08/2011 07:35 <JUNCTION> My Pictures [C:\Users\UpdatusUser\Pictures]
26/08/2011 07:35 <JUNCTION> My Videos [C:\Users\UpdatusUser\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
66 Dir(s) 159,256,883,200 bytes free

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2013/11/20 17:08:13 | 105,361,780 | ---- | M] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\zôî
[2013/11/20 17:08:13 | 105,361,780 | ---- | C] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\zôî
[2013/09/15 19:56:08 | 097,671,483 | ---- | M] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\O(ñ}î
[2013/09/15 19:56:08 | 097,671,483 | ---- | C] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\O(ñ}î
[2013/09/11 17:59:41 | 097,170,353 | ---- | M] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\û6æî
[2013/09/11 17:59:41 | 097,170,353 | ---- | C] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\û6æî

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

Signaler le contenu de ce document