Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by CC (administrator) on PCCC on 08-02-2014 16:52:49
Running from C:\Users\CC\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Windows\System32\snmptrap.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
() C:\Program Files (x86)\Video-Saver\video-saver152.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(SFX TEAM) C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
() C:\Program Files (x86)\Wallpaper\Wallpaper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
(SourceForge.net) C:\Program Files (x86)\Password Safe\pwsafe.exe
() C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
() C:\Windows\SysWOW64\OSDForm.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Adobe Systems Incorporated ) C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\dynamiclinkmanager.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\Adobe QT32 Server.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [82464 2008-06-24] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [15836192 2008-06-24] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SoundMAX] - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [3641344 2008-01-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [Buttons & OSDs control application gen2] - C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe [2199552 2008-04-18] ()
HKLM-x32\...\Run: [HP KEYBOARD] - C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE [463360 2008-05-24] (Hewlett-Packard)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] - C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)
HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2007-12-19] (Analog Devices, Inc.)
HKU\S-1-5-21-4154590487-1511992936-3810515737-1000\...\Run: [SuperCopier2.exe] - C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-4154590487-1511992936-3810515737-1000\...\Run: [Wallpaper] - C:\Program Files (x86)\Wallpaper\Wallpaper.exe [233472 2007-08-21] ()
HKU\S-1-5-21-4154590487-1511992936-3810515737-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKU\S-1-5-21-4154590487-1511992936-3810515737-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-4154590487-1511992936-3810515737-1000\...\Run: [CAHeadless] - C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1046944 2013-09-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-4154590487-1511992936-3810515737-1000\...\MountPoints2: {16557550-fa24-11e2-aecb-00221533a59b} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4154590487-1511992936-3810515737-1000\...\MountPoints2: {b13d5d8d-8d7d-11dd-ad89-00218663e388} - G:\LaunchU3.exe
Startup: C:\Users\CC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk
ShortcutTarget: Password Safe.lnk -> C:\Program Files (x86)\Password Safe\pwsafe.exe (SourceForge.net)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=crossfire&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=crossfire&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {5713E691-56F2-483A-87E6-218EA2E73124} URL = http://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKLM - {BC063E51-FA0F-4EB6-AF60-ECF78D525D84} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr
SearchScopes: HKCU - DefaultScope {5713E691-56F2-483A-87E6-218EA2E73124} URL =
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {615A1925-0E5B-4767-A65E-3165AEAC32A3} http://quickscan.bitdefender.com/qsax/qsax64.cab
DPF: HKLM-x32 {0FF55459-6FAA-4931-ADB8-A51CDCF74913} http://192.168.1.7:5000/surveillance/object/SSMultiEvent.cab
DPF: HKLM-x32 {32C11E38-E587-4BE9-9ABB-D69158C21CE5} http://192.168.1.6/activex/decoder/mpeg4_dec.cab
DPF: HKLM-x32 {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} http://192.168.1.7:5000/surveillance/object/SSObject.cab
DPF: HKLM-x32 {6B84FBF3-A5DF-408D-90A2-70AAB46ED326} http://192.168.1.7:5000/surveillance/object/SSEventPlayer3.cab
DPF: HKLM-x32 {85D959DD-805D-4A04-89A0-0D07AA8EE37D} http://192.168.1.7:5000/surveillance/object/SSResource.cab
DPF: HKLM-x32 {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
DPF: HKLM-x32 {B6E3D06F-F156-4146-B91C-6BEE03D3F6F4} http://192.168.1.7:5000/surveillance/object/SSLiveView3.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {DE625294-70E6-45ED-B895-CFFA13AEB044} http://192.168.1.6/activex/AMC.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{C9896E12-19C9-4A4F-B935-1EFA50D2DE63}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\CC\AppData\Roaming\Mozilla\Firefox\Profiles\bcyxpor4.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.fr/
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRA~2\FOXITS~1\FOXITR~1\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.1 - C:\Users\CC\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll No File
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\CC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\CC\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\CC\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\CC\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\CC\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbittorrent.dll (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\CC\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\CC\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\CC\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\CC\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\CC\AppData\Roaming\Mozilla\Firefox\Profiles\bcyxpor4.default\searchplugins\wikipedia-eng.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\acpro.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\CC\AppData\Roaming\Mozilla\Firefox\Profiles\bcyxpor4.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-30]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://fr.msn.com/
CHR Extension: (Google Drive) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-16]
CHR Extension: (Spanning Stats for Google Drive) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgancbjncfacadffknfmaccjngilljdl [2013-12-02]
CHR Extension: (YouTube) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-26]
CHR Extension: (Adblock Plus) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-26]
CHR Extension: (No Name) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-11-26]
CHR Extension: (Recherche Google) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-26]
CHR Extension: (Search by Image (by Google)) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-11-26]
CHR Extension: (Flag for Chrome) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn [2013-11-26]
CHR Extension: (MightyText - SMS Text Messaging from Computer) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2013-12-09]
CHR Extension: (Google+) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-11-26]
CHR Extension: (Hedgehog in the fog) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\haocganpkafanhkfldbbmhcpaelmkejg [2013-11-26]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-11-26]
CHR Extension: (Google Keep) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-11-26]
CHR Extension: (Bouton +1 de Google) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp [2013-11-26]
CHR Extension: (Google Wallet) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Extension Chrome to Phone de Google) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2013-11-26]
CHR Extension: (Gmail) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-26]
CHR Extension: (AVG PrivacyFix) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmejhjjecaldkllonlokhkglbdbkdcni [2013-11-26]
CHR Extension: (App Launcher Customizer for Google) - C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponjkmladgjfjgllmhnkhgbgocdigcjm [2013-11-26]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\CC\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-22]

==================== Services (Whitelisted) =================

S4 a2AntiMalware; C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe [3045688 2012-02-22] (Emsi Software GmbH)
R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [89600 2007-10-19] (Andrea Electronics Corporation)
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd)
S4 HP Touch Screen Enhance; C:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.EXE [101376 2008-05-03] (Hewlett-Packard)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [404480 2007-08-06] ()
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] ()
R2 video-saver; C:\Program Files (x86)\Video-Saver\video-saver152.exe [165888 2014-02-01] ()
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S4 HP Health Check Service; "c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\A-SQUARED ANTI-MALWARE\a2accx64.sys [63880 2012-02-22] (Emsi Software GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\a-squared Anti-Malware\a2dix64.sys [41728 2012-02-22] (Emsi Software GmbH)
R1 a2util; C:\Program Files (x86)\a-squared Anti-Malware\a2util64.sys [14720 2010-05-10] (Emsi Software GmbH)
R3 ACPIService; C:\Windows\System32\DRIVERS\OSDACPI.SYS [15928 2008-05-05] ()
S3 AVerAF15DMBTH64; C:\Windows\System32\Drivers\AVerAF15DMBTH64.sys [321920 2008-06-11] (AVerMedia TECHNOLOGIES, Inc.)
R3 AVerBDA6x_x64; C:\Windows\System32\DRIVERS\AVerBDA716x_x64.sys [1353728 2009-03-02] (AVerMedia TECHNOLOGIES, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R1 vmm; C:\Windows\system32\Pilotes\vmm.sys [294232 2009-07-15] (Microsoft Corporation)
S0 BootDefragDriver; System32\drivers\BootDefragDriver.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]

========================== Drivers MD5 =======================

C:\PROGRAM FILES (X86)\A-SQUARED ANTI-MALWARE\a2accx64.sys 922AB7CC2C12C38DC2C4074AF893D5FB
C:\Program Files (x86)\a-squared Anti-Malware\a2dix64.sys 905CDA5A8D86F733DF8000909B4916ED
C:\Program Files (x86)\a-squared Anti-Malware\a2util64.sys E41D79682A209F72F4F578CFD4A53952
C:\Windows\System32\drivers\acpi.sys 1965AAFFAB07E3FB03C77F81BEBA3547
C:\Windows\System32\DRIVERS\OSDACPI.SYS B0C2CEA708685E8AD10F028211A2D973
C:\Windows\System32\drivers\ADIHdAud.sys 3AD4B78ECBAB5673515F0B466D126348
C:\Windows\system32\drivers\adp94xx.sys F14215E37CF124104575073F782111D2
C:\Windows\system32\drivers\adpahci.sys 7D05A75E3066861A6610F7EE04FF085C
C:\Windows\system32\drivers\adpu160m.sys 820A201FE08A0C345B3BEDBC30E1A77C
C:\Windows\system32\drivers\adpu320.sys 9B4AB6854559DC168FBB4C24FC52E794
C:\Windows\system32\drivers\afd.sys 2BA159E1F9FD75F6A496742B20F1D9CF
C:\Windows\system32\drivers\agp440.sys F6F6793B7F17B550ECFDBD3B229173F7
C:\Windows\system32\drivers\djsvs.sys 222CB641B4B8A1D1126F8033F9FD6A00
C:\Windows\system32\drivers\aliide.sys 157D0898D4B73F075CE9FA26B482DF98
C:\Windows\system32\drivers\amdide.sys 970FA5059E61E30D25307B99903E991E
C:\Windows\system32\drivers\amdk8.sys CDC3632A3A5EA4DBB83E46076A3165A1
C:\Windows\system32\drivers\arc.sys BA8417D4765F3988FF921F30F630E303
C:\Windows\system32\drivers\arcsas.sys 9D41C435619733B34CC16A511E644B11
C:\Windows\System32\DRIVERS\asyncmac.sys 22D13FF3DAFEC2A80634752B1EAA2DE6
C:\Windows\system32\drivers\atapi.sys E68D9B3A3905619732F7FE039466A623
C:\Windows\System32\Drivers\AVerAF15DMBTH64.sys BACD4306403695374373FB43D506EB1E
C:\Windows\System32\DRIVERS\AVerBDA716x_x64.sys 1B44D605E72B5BD1E6BE0D90CF14AF3C
C:\Windows\system32\drivers\blbdrive.sys 79FEEB40056683F8F61398D81DDA65D2
C:\Windows\System32\DRIVERS\bowser.sys 2348447A80920B2493A9B582A23E81E1
C:\Windows\system32\drivers\brfiltlo.sys ==> MD5 is legit
C:\Windows\system32\drivers\brfiltup.sys ==> MD5 is legit
C:\Windows\system32\drivers\brserid.sys F0F0BA4D815BE446AA6A4583CA3BCA9B
C:\Windows\system32\drivers\brserwdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbmdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbser.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BthEnum.sys 09F926A0D9C0BAFD8417A4307D2ED13C
C:\Windows\system32\drivers\bthmodem.sys E0777B34E05F8A82A21856EFC900C29F
C:\Windows\System32\DRIVERS\bthpan.sys BEFC5311736B475AC5B60C14FF7C775A
C:\Windows\System32\Drivers\BTHport.sys E1466882252FF51EDDE48C3F7EDA2591
C:\Windows\System32\Drivers\BTHUSB.sys 970192CDED77A128E7E30722E5EE6B9C
C:\Windows\System32\DRIVERS\busenum.sys 856A52DDFD1EDED8DA13649579831C48
C:\Windows\System32\DRIVERS\cdfs.sys B4D787DB8D30793A4D4DF9FEED18F136
C:\Windows\System32\DRIVERS\cdrom.sys C025AA69BE3D0D25C7A2E746EF6F94FC
C:\Windows\System32\DRIVERS\circlass.sys 02EA568D498BBDD4BA55BF3FCE34D456
C:\Windows\System32\CLFS.sys 3DCA9A18B204939CFB24BEA53E31EB48
C:\Windows\system32\drivers\cmdide.sys E5D5499A1C50A54B5161296B6AFE6192
C:\Windows\system32\drivers\compbatt.sys 7FB8AD01DB0EABE60C8A861531A8F431
C:\Windows\System32\drivers\crcdisk.sys A8585B6412253803CE8EFCBD6D6DC15C
C:\Windows\System32\Drivers\dfsc.sys 8B722BA35205C71E7951CDC4CDBADE19
C:\Windows\System32\DRIVERS\ssudbus.sys 105373D52E71D2D1355AD3ACD18259C3
C:\Windows\System32\drivers\disk.sys B0107E40ECDB5FA692EBF832F295D905
C:\Windows\System32\drivers\drmkaud.sys F1A78A98CFC2EE02144C6BEC945447E6
C:\Windows\System32\drivers\dxgkrnl.sys 0A3C78677FF62E9E0AE7CC25C790A968
C:\Windows\System32\DRIVERS\E1G6032E.sys 264CEE7B031A9D6C827F3D0CB031F2FE
C:\Windows\System32\drivers\ecache.sys 5F94962BE5A62DB6E447FF6470C4F48A
C:\Windows\system32\drivers\elxstor.sys C4636D6E10469404AB5308D9FD45ED07
C:\Windows\system32\drivers\errdev.sys BC3A58E938BB277E46BF4B3003B01ABD
C:\Windows\System32\Drivers\exfat.sys 486844F47B6636044A42454614ED4523
C:\Windows\System32\Drivers\fastfat.sys 1A4BEE34277784619DDAF0422C0C6E23
C:\Windows\System32\DRIVERS\fdc.sys 81B79B6DF71FA1D2C6D688D830616E39
C:\Windows\System32\drivers\fileinfo.sys 457B7D1D533E4BD62A99AED9C7BB4C59
C:\Windows\System32\drivers\filetrace.sys D421327FD6EFCCAF884A54C58E1B0D7F
C:\Windows\System32\DRIVERS\flpydisk.sys 230923EA2B80F79B0F88D90F87B87EBD
C:\Windows\System32\drivers\fltmgr.sys E3041BC26D6930D61F42AEDB79C91720
C:\Windows\System32\Drivers\Fs_Rec.sys 5779B86CD8B32519FBECB136394D946A
C:\Windows\system32\drivers\gagp30kx.sys C8E416668D3DC2BE3D4FE4C79224997F
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\DRIVERS\HDAudBus.sys F942C5820205F2FB453243EDFEC82A3D
C:\Windows\system32\drivers\hidbth.sys B4881C84A180E75B8C25DC1D726C375F
C:\Windows\System32\DRIVERS\hidir.sys 5F47839455D01FF6403B008D481A6F5B
C:\Windows\System32\DRIVERS\hidusb.sys 443BDD2D30BB4F00795C797E2CF99EDF
C:\Windows\system32\drivers\hpcisss.sys D7109A1E6BD2DFDBCBA72A6BC626A13B
C:\Windows\System32\drivers\HTTP.sys 098F1E4E5C9CB5B0063A959063631610
C:\Windows\system32\drivers\i2omp.sys DA94C854CEA5FAC549D4E1F6E88349E8
C:\Windows\System32\DRIVERS\i8042prt.sys CBB597659A2713CE0C9CC20C88C7591F
C:\Windows\System32\drivers\iastor.sys 6DC3789C1643E94302390A7F402C4B7E
C:\Windows\system32\drivers\iastorv.sys 3E3BF3627D886736D0B4E90054F929F6
C:\Windows\system32\drivers\iirsp.sys 8C3951AD2FE886EF76C7B5027C3125D3
C:\Windows\System32\drivers\intelide.sys DF797A12176F11B2D301C5B234BB200E
C:\Windows\System32\DRIVERS\intelppm.sys BFD84AF32FA1BAD6231C4585CB469630
C:\Windows\System32\DRIVERS\ipfltdrv.sys D8AABC341311E4780D6FCE8C73C0AD81
C:\Windows\system32\drivers\ipmidrv.sys 9C2EE2E6E5A7203BFAE15C299475EC67
C:\Windows\System32\DRIVERS\ipnat.sys B7E6212F581EA5F6AB0C3A6CEEEB89BE
C:\Windows\System32\drivers\irenum.sys 8C42CA155343A2F11D29FECA67FAA88D
C:\Windows\system32\drivers\isapnp.sys 0672BFCEDC6FC468A2B0500D81437F4F
C:\Windows\System32\DRIVERS\msiscsi.sys E4FDF99599F27EC25D2CF6D754243520
C:\Windows\system32\drivers\iteatapi.sys 63C766CDC609FF8206CB447A65ABBA4A
C:\Windows\system32\drivers\iteraid.sys 1281FE73B17664631D12F643CBEA3F59
C:\Windows\System32\DRIVERS\kbdclass.sys 423696F3BA6472DD17699209B933BC26
C:\Windows\System32\DRIVERS\kbdhid.sys DBDF75D51464FBC47D0104EC3D572C05
C:\Windows\System32\Drivers\ksecdd.sys 88956AD9FA510848AD176777A6C6C1F5
C:\Windows\system32\drivers\ksthunk.sys 1D419CF43DB29396ECD7113D129D94EB
C:\Windows\System32\DRIVERS\LHidFilt.Sys 83E05435F4D2C0F0A1FD74C41DED44E5
C:\Windows\System32\DRIVERS\lltdio.sys 96ECE2659B6654C10A0C310AE3A6D02C
C:\Windows\System32\DRIVERS\LMouFilt.Sys ABCBC7271C33567D686C91CF690CF2EB
C:\Windows\system32\drivers\lsi_fc.sys ACBE1AF32D3123E330A07BFBC5EC4A9B
C:\Windows\system32\drivers\lsi_sas.sys 799FFB2FC4729FA46D2157C0065B3525
C:\Windows\system32\drivers\lsi_scsi.sys F445FF1DAAD8A226366BFAF42551226B
C:\Windows\system32\drivers\luafv.sys 52F87B9CC8932C2A7375C3B2A9BE5E3E
C:\Windows\System32\DRIVERS\lvpopf64.sys B2085E335F2B57077B0CBADB6F1245CD
C:\Windows\System32\DRIVERS\lvrs64.sys 986C1CB787A007BAA5F74E7D316D7246
C:\Windows\System32\DRIVERS\lvuvc64.sys 5747BC465ABEA2858C5D037252AED84E
C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910
C:\Windows\system32\drivers\megasas.sys 5C5CD6AACED32FB26C3FB34B3DCF972F
C:\Windows\system32\drivers\megasr.sys 859BC2436B076C77C159ED694ACFE8F8
C:\Windows\System32\drivers\modem.sys 59848D5CC74606F0EE7557983BB73C2E
C:\Windows\System32\DRIVERS\monitor.sys C247CC2A57E0A0C8C6DCCF7807B3E9E5
C:\Windows\System32\DRIVERS\mouclass.sys 9367304E5E412B120CF5F4EA14E4E4F1
C:\Windows\System32\DRIVERS\mouhid.sys C2C2BD5C5CE5AAF786DDD74B75D2AC69
C:\Windows\System32\drivers\mountmgr.sys 11BC9B1E8801B01F7F6ADB9EAD30019B
C:\Windows\system32\drivers\mpio.sys F8276EB8698142884498A528DFEA8478
C:\Windows\System32\drivers\mpsdrv.sys C92B9ABDB65A5991E00C28F13491DBA2
C:\Windows\system32\drivers\mraid35x.sys 3C200630A89EF2C0864D515B7A75802E
C:\Windows\system32\drivers\mrxdav.sys 7C1DE4AA96DC0C071611F9E7DE02A68D
C:\Windows\System32\DRIVERS\mrxsmb.sys 1485811B320FF8C7EDAD1CAEBB1C6C2B
C:\Windows\System32\DRIVERS\mrxsmb10.sys 3B929A60C833FC615FD97FBA82BC7632
C:\Windows\System32\DRIVERS\mrxsmb20.sys C64AB3E1F53B4F5B5BB6D796B2D7BEC3
C:\Windows\system32\drivers\msahci.sys 1AC860612B85D8E85EE257D372E39F4D
C:\Windows\system32\drivers\msdsm.sys 264BBB4AAF312A485F0E44B65A6B7202
C:\Windows\System32\Drivers\Msfs.sys 704F59BFC4512D2BB0146AEC31B10A7C
C:\Windows\System32\drivers\msisadrv.sys 00EBC952961664780D43DCA157E79B27
C:\Windows\System32\drivers\MSKSSRV.sys 0EA73E498F53B96D83DBFCA074AD4CF8
C:\Windows\System32\drivers\MSPCLOCK.sys 52E59B7E992A58E740AA63F57EDBAE8B
C:\Windows\System32\drivers\MSPQM.sys 49084A75BAE043AE02D5B44D02991BB2
C:\Windows\System32\Drivers\MsRPC.sys DC6CCF440CDEDE4293DB41C37A5060A5
C:\Windows\System32\DRIVERS\mssmbios.sys 855796E59DF77EA93AF46F20155BF55B
C:\Windows\System32\drivers\MSTEE.sys 86D632D75D05D5B7C7C043FA3564AE86
C:\Windows\System32\Drivers\mup.sys 0CC49F78D8ACA0877D885F149084E543
C:\Windows\System32\DRIVERS\nwifi.sys 2007B826C4ACD94AE32232B41F0842B9
C:\Windows\System32\drivers\ndis.sys 65950E07329FCEE8E6516B17C8D0ABB6
C:\Windows\System32\DRIVERS\ndistapi.sys 64DF698A425478E321981431AC171334
C:\Windows\System32\DRIVERS\ndisuio.sys 8BAA43196D7B5BB972C9A6B2BBF61A19
C:\Windows\System32\DRIVERS\ndiswan.sys F8158771905260982CE724076419EF19
C:\Windows\System32\Drivers\NDProxy.sys 9CB77ED7CB72850253E973A2D6AFDF49
C:\Windows\System32\DRIVERS\netbios.sys A499294F5029A7862ADC115BDA7371CE
C:\Windows\System32\DRIVERS\netbt.sys FC2C792EBDDC8E28DF939D6A92C83D61
C:\Windows\System32\DRIVERS\netr28x.sys EF39E62B2213C019D9F9B5E272401CE6
C:\Windows\system32\drivers\nfrd960.sys 4AC08BD6AF2DF42E0C3196D826C8AEA7
C:\Windows\System32\drivers\npf.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-08 16:52 - 2014-02-08 16:56 - 00039464 _____ () C:\Users\CC\Desktop\FRST.txt
2014-02-08 16:52 - 2014-02-08 16:52 - 00000000 ____D () C:\FRST
2014-02-08 16:50 - 2014-02-08 16:50 - 02079744 _____ (Farbar) C:\Users\CC\Desktop\FRST64.exe
2014-02-08 15:16 - 2014-02-08 15:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-08 15:16 - 2014-02-08 15:16 - 00000000 _____ () C:\Windows\setupact.log
2014-02-08 12:41 - 2014-02-08 12:41 - 00000000 ____D () C:\Program Files\Tracker Software
2014-02-08 12:40 - 2013-12-30 11:34 - 16537480 _____ (Tracker Software Products Ltd ) C:\Users\CC\Downloads\PDFXVwer.exe
2014-02-08 12:40 - 2011-12-14 11:32 - 00026759 _____ () C:\Users\CC\Downloads\PDFXVW1.xml
2014-02-08 12:39 - 2014-02-08 12:40 - 16894414 _____ () C:\Users\CC\Downloads\pdf-xchange-viewer_2-5-214_fr_76372.zip
2014-02-08 12:01 - 2014-02-08 12:02 - 00258016 _____ () C:\Users\CC\Documents\cc_20140208_120153.reg
2014-02-08 11:41 - 2014-02-08 11:41 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-02-08 11:38 - 2014-02-08 11:38 - 00000000 ____D () C:\Users\CC\AppData\Local\Foxit Reader
2014-02-08 11:05 - 2014-02-08 11:05 - 00350709 _____ () C:\Users\CC\Desktop\ZHPDiag.txt
2014-02-07 23:49 - 2014-02-07 23:49 - 00001784 _____ () C:\Users\CC\Desktop\ZHPFix.lnk
2014-02-07 23:49 - 2014-02-07 23:49 - 00001661 _____ () C:\Users\CC\Desktop\ZHPDiag.lnk
2014-02-07 23:40 - 2014-02-08 10:47 - 00000890 _____ () C:\Users\CC\Desktop\ZHPFixReport.txt
2014-02-07 07:58 - 2014-02-07 07:58 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\Foxit Software
2014-02-07 07:58 - 2014-02-07 07:58 - 00000000 ____D () C:\Users\Julie\AppData\Local\Foxit Reader
2014-02-06 22:09 - 2014-02-08 11:04 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-02-06 21:52 - 2014-02-06 21:52 - 00000000 _____ () C:\Windows\SysWOW64\RENA47A.tmp
2014-02-06 21:52 - 2014-02-06 21:52 - 00000000 _____ () C:\Windows\SysWOW64\RENA479.tmp
2014-02-06 21:52 - 2014-02-06 21:52 - 00000000 _____ () C:\Windows\SysWOW64\RENA469.tmp
2014-02-06 21:49 - 2014-02-06 21:50 - 00001639 _____ () C:\DelFix.txt
2014-02-06 21:39 - 2014-02-06 21:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-06 21:38 - 2014-02-06 21:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-06 08:12 - 2014-02-06 08:12 - 00321112 _____ () C:\Users\Julie\Downloads\Player Setup.exe
2014-02-05 07:36 - 2014-02-05 07:36 - 01166132 _____ () C:\Users\Julie\Downloads\adwcleaner.exe
2014-02-04 23:46 - 2014-02-06 22:30 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\ZHP
2014-02-04 23:19 - 2014-02-04 23:19 - 00002560 _____ () C:\Windows\_MSRSTRT.EXE
2014-02-03 23:53 - 2014-02-03 23:53 - 00000000 ____D () C:\Users\CC\Documents\Adobe
2014-02-03 22:53 - 2014-02-08 12:33 - 00000000 ___HD () C:\ProgramData\torgkeerah
2014-02-02 11:12 - 2014-02-02 11:12 - 00000085 _____ () C:\Windows\wininit.ini
2014-02-01 18:08 - 2014-02-08 16:49 - 00000326 _____ () C:\Windows\Tasks\GlaryInitialize 3.job
2014-02-01 18:08 - 2014-02-01 18:08 - 00002608 _____ () C:\Windows\System32\Tasks\GlaryInitialize 3
2014-02-01 17:55 - 2014-02-01 17:55 - 00000000 ____D () C:\Users\CCadmin\AppData\LocalGoogle
2014-02-01 17:53 - 2014-02-01 17:53 - 00000000 ____D () C:\Users\CCadmin\AppData\Local\Google
2014-02-01 17:51 - 2014-02-08 12:20 - 00008106 _____ () C:\Windows\PFRO.log
2014-02-01 17:47 - 2014-02-02 10:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-01 17:32 - 2014-02-08 11:00 - 00000000 ____D () C:\Users\CC\AppData\Roaming\ZHP
2014-02-01 07:21 - 2014-02-01 17:50 - 00000000 ____D () C:\Program Files (x86)\Video-Saver
2014-02-01 00:02 - 2014-02-01 00:02 - 00000000 ____D () C:\Users\Julie\AppData\Local\fst_fr_68
2014-02-01 00:02 - 2014-02-01 00:02 - 00000000 ____D () C:\Users\Julie\AppData\Local\fst_fr_33
2014-02-01 00:02 - 2014-02-01 00:02 - 00000000 _____ () C:\Users\Julie\daemonprocess.txt
2014-01-31 08:22 - 2014-02-01 00:17 - 00000000 ____D () C:\Users\Julie\AppData\Local\MoboGenie
2014-01-31 07:03 - 2014-01-31 07:06 - 00000000 ____D () C:\Users\CC\AppData\Local\cache
2014-01-31 07:03 - 2014-01-31 07:03 - 00000000 ____D () C:\Users\CC\.android
2014-01-31 07:03 - 2014-01-31 07:03 - 00000000 _____ () C:\Users\CC\daemonprocess.txt
2014-01-31 06:59 - 2014-01-31 07:02 - 00000000 ____D () C:\Users\CC\AppData\Roaming\DAEMON Tools Lite
2014-01-31 06:58 - 2014-01-31 07:02 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-27 19:38 - 2014-01-27 19:38 - 02573970 _____ () C:\Users\Julie\Downloads\dce-v1 (1).zip
2014-01-27 19:08 - 2014-01-27 19:22 - 00020705 _____ () C:\Users\Julie\Downloads\DQE V3 (4).xlsx
2014-01-27 19:08 - 2014-01-27 19:08 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3 (5).xlsx
2014-01-27 18:59 - 2014-01-27 19:33 - 00000000 ____D () C:\Users\Julie\Desktop\AC 14-01 SI
2014-01-27 18:56 - 2014-01-27 18:56 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3 (3).xlsx
2014-01-27 18:56 - 2014-01-27 18:56 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3 (2).xlsx
2014-01-27 18:55 - 2014-01-27 18:55 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3.xlsx
2014-01-27 18:55 - 2014-01-27 18:55 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3 (1).xlsx
2014-01-24 20:15 - 2014-01-24 20:25 - 00000729 _____ () C:\Users\Julie\Desktop\Photos En cours classement.lnk
2014-01-24 20:12 - 2014-01-24 20:24 - 00000749 _____ () C:\Users\Julie\Desktop\Photos - Stock.lnk
2014-01-18 21:33 - 2014-02-06 21:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-18 21:33 - 2014-02-06 21:38 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-18 21:33 - 2014-01-18 21:33 - 00005310 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-09 19:46 - 2014-01-09 19:47 - 03238195 _____ () C:\Users\Julie\Downloads\dce-v1.zip
2014-01-09 19:16 - 2014-01-09 19:17 - 03554896 _____ () C:\Users\Julie\Downloads\DCE....zip

==================== One Month Modified Files and Folders =======

2014-02-08 16:56 - 2014-02-08 16:52 - 00039464 _____ () C:\Users\CC\Desktop\FRST.txt
2014-02-08 16:55 - 2010-02-07 10:08 - 01394457 _____ () C:\Windows\WindowsUpdate.log
2014-02-08 16:52 - 2014-02-08 16:52 - 00000000 ____D () C:\FRST
2014-02-08 16:51 - 2008-09-25 19:29 - 00041855 _____ () C:\ProgramData\nvModes.001
2014-02-08 16:50 - 2014-02-08 16:50 - 02079744 _____ (Farbar) C:\Users\CC\Desktop\FRST64.exe
2014-02-08 16:50 - 2012-11-01 14:33 - 00000000 ___RD () C:\Users\CC\Google Drive
2014-02-08 16:49 - 2014-02-01 18:08 - 00000326 _____ () C:\Windows\Tasks\GlaryInitialize 3.job
2014-02-08 16:49 - 2006-11-02 16:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-08 16:48 - 2012-11-01 12:49 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 16:48 - 2012-06-23 16:16 - 00000000 ____D () C:\Users\CC\AppData\Local\PasswordSafe
2014-02-08 16:48 - 2006-11-02 16:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-08 16:48 - 2006-11-02 16:21 - 01754544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-08 16:47 - 2012-01-16 00:01 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-02-08 16:47 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-08 16:46 - 2008-05-30 09:48 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-08 16:46 - 2006-11-02 16:42 - 00032614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-08 16:45 - 2012-07-28 21:33 - 00000000 ____D () C:\Users\CC\AppData\Roaming\uTorrent
2014-02-08 16:42 - 2011-10-02 22:45 - 00000000 ____D () C:\Users\CC\Documents\Informatique
2014-02-08 16:31 - 2012-11-01 12:49 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 16:21 - 2008-09-23 18:58 - 00109320 _____ () C:\Users\CC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-08 16:05 - 2012-11-17 21:16 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154590487-1511992936-3810515737-1000UA.job
2014-02-08 15:58 - 2013-03-27 21:16 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154590487-1511992936-3810515737-1007UA.job
2014-02-08 15:42 - 2008-10-07 20:03 - 00000000 ____D () C:\Users\CC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sécurité
2014-02-08 15:36 - 2008-05-30 10:22 - 00000000 ____D () C:\ProgramData\CyberLink
2014-02-08 15:36 - 2008-05-30 10:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-08 15:16 - 2014-02-08 15:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-08 15:16 - 2014-02-08 15:16 - 00000000 _____ () C:\Windows\setupact.log
2014-02-08 15:16 - 2008-09-23 18:45 - 00000000 ____D () C:\Users\CC
2014-02-08 15:03 - 2008-09-23 18:46 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-08 14:50 - 2013-09-04 20:54 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 3
2014-02-08 14:50 - 2009-10-04 22:20 - 00000000 ____D () C:\Users\CC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administration
2014-02-08 14:48 - 2010-10-01 06:47 - 00000000 ____D () C:\Users\CC\Documents\Export Photos
2014-02-08 12:41 - 2014-02-08 12:41 - 00000000 ____D () C:\Program Files\Tracker Software
2014-02-08 12:40 - 2014-02-08 12:39 - 16894414 _____ () C:\Users\CC\Downloads\pdf-xchange-viewer_2-5-214_fr_76372.zip
2014-02-08 12:33 - 2014-02-03 22:53 - 00000000 ___HD () C:\ProgramData\torgkeerah
2014-02-08 12:20 - 2014-02-01 17:51 - 00008106 _____ () C:\Windows\PFRO.log
2014-02-08 12:12 - 2011-05-08 11:16 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-08 12:12 - 2011-05-08 11:16 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-08 12:10 - 2011-12-20 00:39 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-08 12:02 - 2014-02-08 12:01 - 00258016 _____ () C:\Users\CC\Documents\cc_20140208_120153.reg
2014-02-08 12:01 - 2009-03-13 22:21 - 00000680 _____ () C:\Users\CC\AppData\Local\d3d9caps.dat
2014-02-08 12:00 - 2009-11-08 23:23 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-02-08 11:59 - 2013-09-15 14:47 - 00000000 ____D () C:\Users\CC\AppData\Roaming\Foxit Software
2014-02-08 11:41 - 2014-02-08 11:41 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-02-08 11:38 - 2014-02-08 11:38 - 00000000 ____D () C:\Users\CC\AppData\Local\Foxit Reader
2014-02-08 11:05 - 2014-02-08 11:05 - 00350709 _____ () C:\Users\CC\Desktop\ZHPDiag.txt
2014-02-08 11:04 - 2014-02-06 22:09 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-02-08 11:00 - 2014-02-01 17:32 - 00000000 ____D () C:\Users\CC\AppData\Roaming\ZHP
2014-02-08 10:59 - 2009-11-07 15:41 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-02-08 10:47 - 2014-02-07 23:40 - 00000890 _____ () C:\Users\CC\Desktop\ZHPFixReport.txt
2014-02-08 07:59 - 2013-03-27 21:16 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154590487-1511992936-3810515737-1007Core.job
2014-02-08 07:54 - 2013-03-27 21:16 - 00003962 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4154590487-1511992936-3810515737-1007UA
2014-02-08 07:54 - 2013-03-27 21:16 - 00003566 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4154590487-1511992936-3810515737-1007Core
2014-02-08 02:05 - 2012-11-17 21:16 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154590487-1511992936-3810515737-1000Core.job
2014-02-07 23:49 - 2014-02-07 23:49 - 00001784 _____ () C:\Users\CC\Desktop\ZHPFix.lnk
2014-02-07 23:49 - 2014-02-07 23:49 - 00001661 _____ () C:\Users\CC\Desktop\ZHPDiag.lnk
2014-02-07 16:25 - 2011-05-07 12:29 - 00003668 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{334E0C87-DA96-465F-88C2-27DAED35645A}
2014-02-07 11:12 - 2011-07-04 17:50 - 00003680 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DDFC7921-11BC-4AC3-B622-C89481A202D8}
2014-02-07 07:58 - 2014-02-07 07:58 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\Foxit Software
2014-02-07 07:58 - 2014-02-07 07:58 - 00000000 ____D () C:\Users\Julie\AppData\Local\Foxit Reader
2014-02-06 22:30 - 2014-02-04 23:46 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\ZHP
2014-02-06 21:53 - 2008-05-30 19:38 - 00758844 _____ () C:\Windows\system32\perfh00C.dat
2014-02-06 21:53 - 2008-05-30 19:38 - 00162510 _____ () C:\Windows\system32\perfc00C.dat
2014-02-06 21:53 - 2008-05-30 10:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-06 21:53 - 2006-11-02 13:46 - 01710428 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-06 21:52 - 2014-02-06 21:52 - 00000000 _____ () C:\Windows\SysWOW64\RENA47A.tmp
2014-02-06 21:52 - 2014-02-06 21:52 - 00000000 _____ () C:\Windows\SysWOW64\RENA479.tmp
2014-02-06 21:52 - 2014-02-06 21:52 - 00000000 _____ () C:\Windows\SysWOW64\RENA469.tmp
2014-02-06 21:50 - 2014-02-06 21:49 - 00001639 _____ () C:\DelFix.txt
2014-02-06 21:38 - 2014-02-06 21:39 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-06 21:38 - 2014-02-06 21:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-06 21:38 - 2014-01-18 21:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-06 21:38 - 2014-01-18 21:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-06 21:36 - 2008-09-23 18:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-06 08:12 - 2014-02-06 08:12 - 00321112 _____ () C:\Users\Julie\Downloads\Player Setup.exe
2014-02-05 23:45 - 2013-09-28 20:23 - 00000000 ____D () C:\Users\CC\Downloads\T411
2014-02-05 07:42 - 2013-09-04 19:36 - 00000000 ____D () C:\AdwCleaner
2014-02-05 07:36 - 2014-02-05 07:36 - 01166132 _____ () C:\Users\Julie\Downloads\adwcleaner.exe
2014-02-04 23:42 - 2009-11-08 12:38 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2014-02-04 23:19 - 2014-02-04 23:19 - 00002560 _____ () C:\Windows\_MSRSTRT.EXE
2014-02-04 01:23 - 2010-09-11 17:45 - 00000000 ____D () C:\Users\CC\AppData\Roaming\vlc
2014-02-03 23:53 - 2014-02-03 23:53 - 00000000 ____D () C:\Users\CC\Documents\Adobe
2014-02-03 23:49 - 2010-11-06 17:21 - 00000000 ____D () C:\Users\CC\Documents\Scans
2014-02-02 11:12 - 2014-02-02 11:12 - 00000085 _____ () C:\Windows\wininit.ini
2014-02-02 11:07 - 2010-10-28 20:24 - 00000000 ____D () C:\Program Files (x86)\EasyPhotoUploader
2014-02-02 10:13 - 2014-02-01 17:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-01 18:08 - 2014-02-01 18:08 - 00002608 _____ () C:\Windows\System32\Tasks\GlaryInitialize 3
2014-02-01 17:55 - 2014-02-01 17:55 - 00000000 ____D () C:\Users\CCadmin\AppData\LocalGoogle
2014-02-01 17:54 - 2009-12-09 00:13 - 00109320 _____ () C:\Users\CCadmin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-01 17:53 - 2014-02-01 17:53 - 00000000 ____D () C:\Users\CCadmin\AppData\Local\Google
2014-02-01 17:50 - 2014-02-01 07:21 - 00000000 ____D () C:\Program Files (x86)\Video-Saver
2014-02-01 07:23 - 2006-11-02 14:34 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-02-01 02:00 - 2008-09-23 18:47 - 00000000 ____D () C:\Users\CC\AppData\Local\Adobe
2014-02-01 00:17 - 2014-01-31 08:22 - 00000000 ____D () C:\Users\Julie\AppData\Local\MoboGenie
2014-02-01 00:02 - 2014-02-01 00:02 - 00000000 ____D () C:\Users\Julie\AppData\Local\fst_fr_68
2014-02-01 00:02 - 2014-02-01 00:02 - 00000000 ____D () C:\Users\Julie\AppData\Local\fst_fr_33
2014-02-01 00:02 - 2014-02-01 00:02 - 00000000 _____ () C:\Users\Julie\daemonprocess.txt
2014-02-01 00:02 - 2011-04-11 18:47 - 00000000 ____D () C:\Users\Julie
2014-01-31 20:37 - 2012-02-21 21:17 - 00000000 ____D () C:\ZHP
2014-01-31 20:28 - 2011-03-06 13:29 - 00000000 ____D () C:\Users\CC\AppData\Roaming\HandBrake
2014-01-31 19:24 - 2013-09-02 18:08 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\Skype
2014-01-31 07:16 - 2009-07-08 20:29 - 00000000 ____D () C:\Users\CC\AppData\Roaming\Skype
2014-01-31 07:06 - 2014-01-31 07:03 - 00000000 ____D () C:\Users\CC\AppData\Local\cache
2014-01-31 07:04 - 2008-09-25 19:33 - 00102912 _____ () C:\Users\CC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-31 07:03 - 2014-01-31 07:03 - 00000000 ____D () C:\Users\CC\.android
2014-01-31 07:03 - 2014-01-31 07:03 - 00000000 _____ () C:\Users\CC\daemonprocess.txt
2014-01-31 07:02 - 2014-01-31 06:59 - 00000000 ____D () C:\Users\CC\AppData\Roaming\DAEMON Tools Lite
2014-01-31 07:02 - 2014-01-31 06:58 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-30 21:37 - 2012-08-04 15:26 - 00000000 ____D () C:\Users\Julie\Documents\MARCHES PUBLICS
2014-01-27 19:38 - 2014-01-27 19:38 - 02573970 _____ () C:\Users\Julie\Downloads\dce-v1 (1).zip
2014-01-27 19:33 - 2014-01-27 18:59 - 00000000 ____D () C:\Users\Julie\Desktop\AC 14-01 SI
2014-01-27 19:22 - 2014-01-27 19:08 - 00020705 _____ () C:\Users\Julie\Downloads\DQE V3 (4).xlsx
2014-01-27 19:08 - 2014-01-27 19:08 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3 (5).xlsx
2014-01-27 18:56 - 2014-01-27 18:56 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3 (3).xlsx
2014-01-27 18:56 - 2014-01-27 18:56 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3 (2).xlsx
2014-01-27 18:55 - 2014-01-27 18:55 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3.xlsx
2014-01-27 18:55 - 2014-01-27 18:55 - 00020049 _____ () C:\Users\Julie\Downloads\DQE V3 (1).xlsx
2014-01-25 10:54 - 2011-04-25 12:38 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\Mozilla
2014-01-24 22:58 - 2013-07-09 20:06 - 00000000 ____D () C:\Users\Julie\Desktop\Marchés publics
2014-01-24 20:25 - 2014-01-24 20:15 - 00000729 _____ () C:\Users\Julie\Desktop\Photos En cours classement.lnk
2014-01-24 20:24 - 2014-01-24 20:12 - 00000749 _____ () C:\Users\Julie\Desktop\Photos - Stock.lnk
2014-01-21 23:04 - 2013-01-16 23:12 - 00000000 ____D () C:\Users\Julie\Documents\PERSONNEL
2014-01-20 00:05 - 2008-09-25 19:29 - 00041855 _____ () C:\ProgramData\nvModes.dat
2014-01-18 21:33 - 2014-01-18 21:33 - 00005310 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 03:06 - 2008-09-29 21:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 03:05 - 2013-08-14 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 03:01 - 2006-11-02 13:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-14 23:53 - 2012-09-12 18:30 - 00000000 ____D () C:\Users\Julie\Downloads\Petit à Petit-Eveil à l'Anglais-2-5 ans
2014-01-14 23:53 - 2012-09-09 15:07 - 00000000 ____D () C:\Users\Julie\Downloads\Lapin Malin-CP 5-7 ans-Turbulences à Edenville
2014-01-14 22:48 - 2012-09-09 19:08 - 00000000 ____D () C:\Users\Julie\Downloads\Lapin Malin Maternelle 1 Le Monde enchanté 2-4 ans
2014-01-09 19:47 - 2014-01-09 19:46 - 03238195 _____ () C:\Users\Julie\Downloads\dce-v1.zip
2014-01-09 19:17 - 2014-01-09 19:16 - 03554896 _____ () C:\Users\Julie\Downloads\DCE....zip

Some content of TEMP:
====================
C:\Users\CC\AppData\Local\Temp\Checkupdate.exe
C:\Users\CC\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\CC\AppData\Local\Temp\Foxit Updater.exe
C:\Users\CC\AppData\Local\Temp\gcapi_dll.dll
C:\Users\CC\AppData\Local\Temp\gtapi_signed.dll
C:\Users\CC\AppData\Local\Temp\readSTILog.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
resume No

Chargeur de démarrage Windows
-----------------------------
identificateur {572bcd55-ffa7-11d9-aae2-0007e994107d}
device ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description HP Recovery Manager
osdevice ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Microsoft Windows Vista
locale fr-FR
inherit {bootloadersettings}
recoverysequence {572bcd55-ffa7-11d9-aae2-0007e994107d}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {b27c7118-2e77-11dd-980c-a47d8f901f39}
nx OptIn
numproc 2
detecthal No
usefirmwarepcisettings No

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {b27c7118-2e77-11dd-980c-a47d8f901f39}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Chargeur de système d'exploitation Windows d'ancienne génération
----------------------------------------------------------------
identificateur {ntldr}
device partition=C:
path \ntldr
description Version antérieure de Windows

Paramètres EMS
--------------
identificateur {emssettings}
bootems Yes

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
description Ramdisk Device Options
ramdisksdidevice partition=D:
ramdisksdipath \boot\boot.sdi

Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description RAM Disk Settings
ramdisksdidevice partition=D:
ramdisksdipath \boot\boot.sdi



LastRegBack: 2014-02-08 17:01

==================== End Of Log ============================
