OLT

a guest
Sep 3rd, 2012
  1. OTL logfile created on: 04/09/2012 04:20:16 - Run 1
  2. OTL by OldTimer - Version 3.2.60.0 Folder = D:\Desktop
  3. 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.0.8112.16421)
  5. Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
  6.  
  7. 7,95 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 72,82% Memory free
  8. 15,90 Gb Paging File | 13,30 Gb Available in Paging File | 83,68% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 349,51 Gb Total Space | 151,44 Gb Free Space | 43,33% Space Free | Partition Type: NTFS
  13. Drive D: | 581,90 Gb Total Space | 263,87 Gb Free Space | 45,35% Space Free | Partition Type: NTFS
  14. Drive G: | 6,15 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
  15. Drive H: | 3,64 Gb Total Space | 1,59 Gb Free Space | 43,70% Space Free | Partition Type: FAT32
  16.  
  17. Computer Name: NIKO-PC | User Name: Utilisateur | Logged in as Administrator.
  18. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
  19. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  20.  
  21. [color=#E56717]========== Processes (SafeList) ==========[/color]
  22.  
  23. PRC - [2012/09/04 04:16:39 | 000,599,040 | ---- | M] (OldTimer Tools) -- D:\Desktop\OTL.exe
  24. PRC - [2012/08/29 17:46:56 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  25. PRC - [2012/08/22 22:22:00 | 000,209,269 | ---- | M] () -- D:\torrent.exe
  26. PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  27. PRC - [2012/07/19 10:00:56 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  28. PRC - [2012/07/19 10:00:54 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  29. PRC - [2012/07/19 10:00:30 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
  30. PRC - [2012/07/16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
  31. PRC - [2012/07/07 01:24:29 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
  32. PRC - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
  33. PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
  34. PRC - [2009/12/03 00:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
  35.  
  36.  
  37. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  38.  
  39. MOD - [2012/09/02 04:15:00 | 000,011,264 | ---- | M] () -- C:\Users\UTILIS~1\AppData\Local\Temp\nsk707B.tmp\System.dll
  40. MOD - [2012/09/02 04:15:00 | 000,009,728 | ---- | M] () -- C:\Users\UTILIS~1\AppData\Local\Temp\nsk707B.tmp\nsDialogs.dll
  41. MOD - [2012/09/02 04:15:00 | 000,004,608 | ---- | M] () -- C:\Users\UTILIS~1\AppData\Local\Temp\nsk707B.tmp\InetBgDL.dll
  42. MOD - [2012/09/02 04:09:16 | 000,009,728 | ---- | M] () -- C:\Users\UTILIS~1\AppData\Local\Temp\nsi2EF9.tmp\nsDialogs.dll
  43. MOD - [2012/09/02 04:09:15 | 000,011,264 | ---- | M] () -- C:\Users\UTILIS~1\AppData\Local\Temp\nsi2EF9.tmp\System.dll
  44. MOD - [2012/09/02 04:09:15 | 000,004,608 | ---- | M] () -- C:\Users\UTILIS~1\AppData\Local\Temp\nsi2EF9.tmp\InetBgDL.dll
  45. MOD - [2012/09/02 04:08:49 | 000,011,264 | ---- | M] () -- C:\Users\UTILIS~1\AppData\Local\Temp\nssC6B5.tmp\System.dll
  46. MOD - [2012/09/02 04:08:49 | 000,009,728 | ---- | M] () -- C:\Users\UTILIS~1\AppData\Local\Temp\nssC6B5.tmp\nsDialogs.dll
  47. MOD - [2012/09/02 04:08:49 | 000,004,608 | ---- | M] () -- C:\Users\UTILIS~1\AppData\Local\Temp\nssC6B5.tmp\InetBgDL.dll
  48. MOD - [2012/08/29 17:46:55 | 002,242,528 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
  49. MOD - [2012/08/22 22:22:00 | 000,209,269 | ---- | M] () -- D:\torrent.exe
  50. MOD - [2011/04/24 23:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll
  51. MOD - [2011/04/24 23:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll
  52. MOD - [2011/04/24 23:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll
  53. MOD - [2011/04/24 23:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll
  54. MOD - [2011/04/24 23:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll
  55. MOD - [2011/04/24 23:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll
  56. MOD - [2011/04/20 19:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
  57.  
  58.  
  59. [color=#E56717]========== Services (SafeList) ==========[/color]
  60.  
  61. SRV:[b]64bit:[/b] - [2012/08/04 19:23:14 | 000,427,672 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\x64\maconfservice.exe -- (maconfservice)
  62. SRV:[b]64bit:[/b] - [2012/07/28 04:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
  63. SRV:[b]64bit:[/b] - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
  64. SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
  65. SRV:[b]64bit:[/b] - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
  66. SRV:[b]64bit:[/b] - [2009/09/14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
  67. SRV:[b]64bit:[/b] - [2009/09/14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
  68. SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
  69. SRV - [2012/08/29 17:46:55 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  70. SRV - [2012/08/26 14:44:50 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  71. SRV - [2012/08/24 00:36:28 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  72. SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  73. SRV - [2012/07/19 10:00:56 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
  74. SRV - [2012/07/19 10:00:54 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
  75. SRV - [2012/07/19 10:00:30 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
  76. SRV - [2012/07/16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
  77. SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  78. SRV - [2012/07/11 19:25:39 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
  79. SRV - [2012/07/07 01:24:29 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
  80. SRV - [2012/06/27 12:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
  81. SRV - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
  82. SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
  83. SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
  84. SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  85. SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  86.  
  87.  
  88. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  89.  
  90. DRV:[b]64bit:[/b] - [2012/07/28 06:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
  91. DRV:[b]64bit:[/b] - [2012/07/28 03:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
  92. DRV:[b]64bit:[/b] - [2012/07/19 00:25:45 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
  93. DRV:[b]64bit:[/b] - [2012/07/05 09:04:24 | 008,934,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  94. DRV:[b]64bit:[/b] - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
  95. DRV:[b]64bit:[/b] - [2012/06/19 16:40:51 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
  96. DRV:[b]64bit:[/b] - [2012/05/31 14:29:14 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
  97. DRV:[b]64bit:[/b] - [2012/05/28 16:13:27 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
  98. DRV:[b]64bit:[/b] - [2012/04/12 00:30:00 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  99. DRV:[b]64bit:[/b] - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
  100. DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  101. DRV:[b]64bit:[/b] - [2011/07/21 20:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64)
  102. DRV:[b]64bit:[/b] - [2011/07/06 12:12:50 | 000,367,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
  103. DRV:[b]64bit:[/b] - [2011/03/21 10:50:00 | 000,085,632 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
  104. DRV:[b]64bit:[/b] - [2011/03/21 10:50:00 | 000,060,800 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
  105. DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  106. DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  107. DRV:[b]64bit:[/b] - [2011/03/10 18:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
  108. DRV:[b]64bit:[/b] - [2011/03/04 13:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
  109. DRV:[b]64bit:[/b] - [2011/03/04 13:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
  110. DRV:[b]64bit:[/b] - [2011/01/10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
  111. DRV:[b]64bit:[/b] - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  112. DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  113. DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  114. DRV:[b]64bit:[/b] - [2009/11/02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
  115. DRV:[b]64bit:[/b] - [2009/09/08 08:41:32 | 000,160,264 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0728.sys -- (SaiK0728)
  116. DRV:[b]64bit:[/b] - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
  117. DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  118. DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  119. DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  120. DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  121. DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  122. DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  123. DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  124. DRV:[b]64bit:[/b] - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
  125. DRV:[b]64bit:[/b] - [2008/02/18 16:20:21 | 000,041,216 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
  126. DRV:[b]64bit:[/b] - [2008/02/18 16:20:21 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
  127. DRV:[b]64bit:[/b] - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
  128. DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  129.  
  130.  
  131. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  132.  
  133.  
  134. [color=#E56717]========== Internet Explorer ==========[/color]
  135.  
  136. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  137. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  138. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  139. IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
  140. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  141. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  142.  
  143.  
  144. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  145.  
  146. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  147.  
  148.  
  149.  
  150. IE - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=108988&tt=3612_3&babsrc=HP_ss&mntrId=5432348000000000000050e549e8a799
  151. IE - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
  152. IE - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
  153. IE - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EC E5 AF 9C AF 42 CD 01 [binary data]
  154. IE - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
  155. IE - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
  156. IE - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  157. IE - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=108988&tt=3612_3&babsrc=SP_ss&mntrId=5432348000000000000050e549e8a799
  158. IE - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  159.  
  160. [color=#E56717]========== FireFox ==========[/color]
  161.  
  162. FF - prefs.js..browser.search.useDBForOrder: true
  163. FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
  164. FF - prefs.js..keyword.URL: "http://www.google.com/"
  165.  
  166.  
  167. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
  168. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
  169. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\x64\nphardwaredetection.dll (Cybelsoft)
  170. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  171. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
  172. FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
  173. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
  174. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  175. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
  176. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
  177. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
  178. FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
  179. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  180. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
  181. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  182. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  183. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  184. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  185. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Utilisateur\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
  186. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Utilisateur\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
  187.  
  188. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012/09/03 14:23:47 | 000,000,000 | ---D | M]
  189. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012/09/03 14:23:47 | 000,000,000 | ---D | M]
  190. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
  191. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/29 17:46:56 | 000,000,000 | ---D | M]
  192. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  193. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/29 17:46:56 | 000,000,000 | ---D | M]
  194. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  195.  
  196. [2012/05/22 20:40:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Extensions
  197. [2012/09/04 03:53:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\z3rf4s5m.default\extensions
  198. [2012/06/26 22:33:30 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\z3rf4s5m.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
  199. [2012/05/22 20:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
  200. [2012/08/29 17:46:56 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
  201. [2012/06/18 00:23:53 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
  202. [2012/09/04 03:45:06 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
  203. [2012/08/29 17:46:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
  204. [2012/06/18 00:23:53 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
  205. [2012/06/18 00:23:53 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
  206. [2012/06/18 00:23:53 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
  207. [2012/06/18 00:23:53 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml
  208.  
  209. [color=#E56717]========== Chrome ==========[/color]
  210.  
  211. CHR - default_search_provider: Google (Enabled)
  212. CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
  213. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
  214. CHR - homepage: http://search.babylon.com/?affID=108988&tt=3612_3&babsrc=HP_ss&mntrId=5432348000000000000050e549e8a799
  215. CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
  216. CHR - plugin: Native Client (Enabled) = C:\Users\Utilisateur\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
  217. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Utilisateur\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
  218. CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Utilisateur\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
  219. CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
  220. CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
  221. CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
  222. CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
  223. CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
  224. CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
  225. CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
  226. CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
  227. CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
  228. CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
  229. CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
  230. CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
  231. CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
  232. CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
  233. CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll
  234. CHR - plugin: Google Update (Enabled) = C:\Users\Utilisateur\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
  235. CHR - Extension: YouTube = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
  236. CHR - Extension: Recherche Google = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
  237. CHR - Extension: Analyse des liens (URL Advisor) = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
  238. CHR - Extension: Clavier virtuel = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
  239. CHR - Extension: uTorrentBar_FR = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib\2.3.15.10_0\
  240. CHR - Extension: Gmail = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
  241. CHR - Extension: Kaspersky Anti-banni\u00E8re = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
  242.  
  243. O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  244. O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
  245. O2:[b]64bit:[/b] - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
  246. O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
  247. O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
  248. O2 - BHO: (ECarteBleueBrowserHelper Class) - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\Windows\SysWOW64\BhoECart.dll (Orbiscom Ltd. All rights reserved.)
  249. O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
  250. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
  251. O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  252. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
  253. O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
  254. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
  255. O3 - HKLM\..\Toolbar: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
  256. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  257. O3 - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000\..\Toolbar\WebBrowser: (uTorrentBar_FR Toolbar) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
  258. O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
  259. O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
  260. O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
  261. O4:[b]64bit:[/b] - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
  262. O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
  263. O4:[b]64bit:[/b] - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
  264. O4:[b]64bit:[/b] - HKLM..\Run: [SaiVolume] C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe (Saitek)
  265. O4:[b]64bit:[/b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
  266. O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
  267. O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
  268. O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
  269. O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
  270. O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
  271. O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  272. O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  273. O4 - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
  274. O4 - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
  275. O4 - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000..\Run: [EPSON BX305 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE /FU "C:\Windows\TEMP\E_S7F9C.tmp" /EF "HKCU" File not found
  276. O4 - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
  277. O4 - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
  278. O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  279. O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  280. O4 - HKU\S-1-5-21-2184598628-1848675650-3225907444-1000..\RunOnce: [JavaInstallRetry] C:\Users\Utilisateur\AppData\LocalLow\Sun\Java\JRERunOnce.exe (Oracle Corporation)
  281. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  282. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  283. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  284. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  285. O9:[b]64bit:[/b] - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
  286. O9:[b]64bit:[/b] - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
  287. O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
  288. O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
  289. O13[b]64bit:[/b] - gopher Prefix: missing
  290. O13 - gopher Prefix: missing
  291. O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
  292. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
  293. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Key error.)
  294. O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe (CamfrogWEB Advanced Unicode Control)
  295. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
  296. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
  297. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{383E8B3E-0462-4535-BC61-BEF1C8E408AA}: DhcpNameServer = 212.27.40.240 212.27.40.241
  298. O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
  299. O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
  300. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  301. O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
  302. O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
  303. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  304. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  305. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  306. O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  307. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  308. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  309. O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  310. O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
  311. O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
  312. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  313. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  314. O32 - HKLM CDRom: AutoRun - 1
  315. O32 - AutoRun File - [2009/05/11 10:05:24 | 000,000,115 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
  316. O33 - MountPoints2\{bfa84c40-a8cf-11e1-a48e-806e6f6e6963}\Shell - "" = AutoRun
  317. O33 - MountPoints2\{bfa84c40-a8cf-11e1-a48e-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup.exe -- [2009/06/11 10:12:43 | 000,064,512 | R--- | M] (Aspyr Media, Inc.)
  318. O33 - MountPoints2\{bfa84c40-a8cf-11e1-a48e-806e6f6e6963}\Shell\dinstall\command - "" = G:\DirectX9\DXSETUP.exe -- [2008/10/31 08:15:25 | 000,528,392 | R--- | M] (Microsoft Corporation)
  319. O34 - HKLM BootExecute: (autocheck autochk *)
  320. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  321. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  322. O35 - HKLM\..comfile [open] -- "%1" %*
  323. O35 - HKLM\..exefile [open] -- "%1" %*
  324. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  325. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  326. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  327. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  328. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  329. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  330. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  331.  
  332.  
  333.  
  334. Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  335. Drivers32:[b]64bit:[/b] VIDC.FPS1 - frapsv64.dll (Beepa P/L)
  336. Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  337. Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
  338. Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
  339.  
  340. CREATERESTOREPOINT
  341. Restore point Set: OTL Restore Point
  342.  
  343. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  344.  
  345. [2012/09/04 04:16:37 | 000,599,040 | ---- | C] (OldTimer Tools) -- D:\Desktop\OTL.exe
  346. [2012/09/04 03:45:02 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Babylon
  347. [2012/09/04 03:45:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
  348. [2012/09/03 22:08:19 | 000,000,000 | ---D | C] -- D:\Desktop\Shiryn Valley Localhost
  349. [2012/09/02 04:08:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\smartdl
  350. [2012/08/31 17:59:37 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{FAAFA736-FBC3-47F9-9518-60180C3333A1}
  351. [2012/08/29 17:46:49 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{75CD9739-789B-43B9-B2FB-D36C9A5D25C6}
  352. [2012/08/28 18:13:15 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{37545955-0540-4B3F-9009-86B02348C710}
  353. [2012/08/26 14:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
  354. [2012/08/26 14:43:37 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{85FDA8A8-0D6D-4D64-B378-D940C7D78346}
  355. [2012/08/22 06:01:37 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{D40CFA08-593A-47E3-BC20-17EF6D4F2896}
  356. [2012/08/21 15:47:37 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{8783586F-5320-40C6-8BF6-DFBDB0FC918D}
  357. [2012/08/20 18:39:38 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{D15973F7-211F-4E5A-B119-3A730597DF69}
  358. [2012/08/20 17:35:32 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{1D5D27F8-39A2-4E9A-AA45-4C2C6DDBC34F}
  359. [2012/08/20 17:16:22 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{271EF395-3B53-4EF9-81C3-789053944F13}
  360. [2012/08/20 16:59:36 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{730FDC4C-200A-464F-B85C-ADEAA355F6F8}
  361. [2012/08/20 04:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
  362. [2012/08/20 04:16:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
  363. [2012/08/20 04:16:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
  364. [2012/08/20 04:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
  365. [2012/08/19 00:36:38 | 000,000,000 | ---D | C] -- D:\Desktop\Map Portal 2
  366. [2012/08/17 17:32:12 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{31AC05BB-3D89-4493-9BD3-FAB28D20884A}
  367. [2012/08/17 17:31:50 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{1C0BC512-9366-4FDF-821A-73B0CC5F5CA2}
  368. [2012/08/17 17:14:16 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{2112AAB4-E6CA-434A-BF7B-D0E182A8B977}
  369. [2012/08/17 17:14:05 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{3EBAC598-D324-496C-8775-F92B911F803D}
  370. [2012/08/17 16:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
  371. [2012/08/17 16:30:27 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
  372. [2012/08/16 17:55:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
  373. [2012/08/16 17:36:58 | 000,000,000 | ---D | C] -- D:\Documents\Aspyr
  374. [2012/08/16 17:36:58 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\Aspyr
  375. [2012/08/16 13:33:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drum Controller Standard Tuning Kit
  376. [2012/08/16 13:33:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
  377. [2012/08/16 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aspyr
  378. [2012/08/16 11:56:37 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
  379. [2012/08/16 11:56:37 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
  380. [2012/08/16 11:56:37 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
  381. [2012/08/16 11:56:37 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
  382. [2012/08/16 11:56:36 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
  383. [2012/08/16 11:56:36 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
  384. [2012/08/15 12:07:56 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{DCFBA8B5-9F3F-435B-8EF8-562EEB6269E3}
  385. [2012/08/15 12:07:45 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{342032DE-79EB-40DE-BE13-A933F650B0FB}
  386. [2012/08/15 03:01:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
  387. [2012/08/15 03:01:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
  388. [2012/08/15 03:01:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
  389. [2012/08/15 03:01:41 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
  390. [2012/08/15 03:01:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
  391. [2012/08/15 03:01:40 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
  392. [2012/08/15 03:01:40 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
  393. [2012/08/15 03:01:40 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
  394. [2012/08/15 03:01:40 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
  395. [2012/08/15 03:01:40 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
  396. [2012/08/15 03:01:40 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
  397. [2012/08/15 03:01:40 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
  398. [2012/08/15 03:01:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
  399. [2012/08/15 01:50:34 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
  400. [2012/08/15 01:50:33 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
  401. [2012/08/15 01:50:33 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
  402. [2012/08/15 01:50:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
  403. [2012/08/15 01:50:33 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
  404. [2012/08/15 01:50:33 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
  405. [2012/08/15 01:50:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
  406. [2012/08/15 01:50:31 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
  407. [2012/08/13 05:13:31 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{62F9E530-19B7-4545-93BA-27265A6F37DA}
  408. [2012/08/13 05:13:20 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{A6FC67CD-9FA0-499F-90DF-B6E9D4CC9C6D}
  409. [2012/08/13 03:37:15 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\Microsoft Games
  410. [2012/08/12 23:01:20 | 000,000,000 | ---D | C] -- D:\Desktop\Nouveau dossier
  411. [2012/08/12 14:37:05 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{9D87EE5C-5B84-436A-B0A2-CBA5B364C84C}
  412. [2012/08/12 14:36:48 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{FE8E03DB-86EC-4E7A-9923-981CE22588E4}
  413. [2012/08/12 02:02:20 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\CrashRpt
  414. [2012/08/12 01:43:28 | 000,000,000 | ---D | C] -- D:\Desktop\Jc-Mp
  415. [2012/08/11 21:19:05 | 000,000,000 | ---D | C] -- D:\Desktop\Photo Bateau
  416. [2012/08/11 16:02:57 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{64ABE48D-A99D-49F2-85E9-DBE34A66B5EF}
  417. [2012/08/11 15:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
  418. [2012/08/11 15:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire
  419. [2012/08/11 15:55:19 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{C961B045-5028-46ED-BEC6-999D9C3EC55C}
  420. [2012/08/09 00:23:09 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\.minecraft
  421. [2012/08/08 19:36:50 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{323EB8DA-6B9D-4604-99E8-64383154A885}
  422. [2012/08/08 19:36:37 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{B599643D-B28C-4D64-B66C-73DD14D6E556}
  423. [2012/08/08 13:30:35 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{4FDD0295-0072-4AE0-9CD3-BC9F0F045D83}
  424.  
  425. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  426.  
  427. [2012/09/04 04:16:39 | 000,599,040 | ---- | M] (OldTimer Tools) -- D:\Desktop\OTL.exe
  428. [2012/09/04 03:45:13 | 000,000,304 | ---- | M] () -- C:\user.js
  429. [2012/09/04 03:32:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  430. [2012/09/04 03:28:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2184598628-1848675650-3225907444-1000UA.job
  431. [2012/09/04 01:28:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2184598628-1848675650-3225907444-1000Core.job
  432. [2012/09/03 22:27:10 | 000,014,865 | ---- | M] () -- D:\Documents\Shiryn Valley Localhost.torrent
  433. [2012/09/03 08:29:00 | 000,002,374 | ---- | M] () -- D:\Desktop\Google Chrome.lnk
  434. [2012/08/31 22:04:20 | 001,661,710 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  435. [2012/08/31 22:04:20 | 000,745,056 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
  436. [2012/08/31 22:04:20 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  437. [2012/08/31 22:04:20 | 000,148,574 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
  438. [2012/08/31 22:04:20 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  439. [2012/08/30 16:49:59 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  440. [2012/08/30 16:49:59 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  441. [2012/08/29 17:44:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  442. [2012/08/29 17:44:30 | 2107,465,727 | -HS- | M] () -- C:\hiberfil.sys
  443. [2012/08/26 14:44:50 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  444. [2012/08/26 14:44:50 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  445. [2012/08/20 04:19:46 | 000,018,276 | ---- | M] () -- C:\Windows\SysNative\results.xml
  446. [2012/08/20 04:04:23 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Démarrer la détection.lnk
  447. [2012/08/17 23:06:20 | 000,156,527 | ---- | M] () -- D:\Documents\Recu portal 2.xps
  448. [2012/08/17 16:30:28 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
  449. [2012/08/17 16:27:42 | 000,000,022 | ---- | M] () -- D:\Desktop\Ram.vbs
  450. [2012/08/16 23:03:45 | 000,156,807 | ---- | M] () -- D:\Documents\Recu sleeping dogs.xps
  451. [2012/08/16 13:33:04 | 000,002,306 | ---- | M] () -- C:\Users\Public\Desktop\Drum Controller Standard Tuning Kit.lnk
  452. [2012/08/16 12:02:01 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Jouer à Guitar Hero World Tour.lnk
  453. [2012/08/15 07:19:06 | 000,296,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  454. [2012/08/12 22:30:03 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater.lnk
  455. [2012/08/12 22:30:03 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Launcher.lnk
  456. [2012/08/11 15:58:43 | 000,001,089 | ---- | M] () -- D:\Desktop\AIDA64 Extreme Edition.lnk
  457.  
  458. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  459.  
  460. [2012/09/04 03:45:13 | 000,000,304 | ---- | C] () -- C:\user.js
  461. [2012/09/03 22:18:18 | 000,014,865 | ---- | C] () -- D:\Documents\Shiryn Valley Localhost.torrent
  462. [2012/08/17 23:06:19 | 000,156,527 | ---- | C] () -- D:\Documents\Recu portal 2.xps
  463. [2012/08/17 16:30:28 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
  464. [2012/08/17 16:27:42 | 000,000,022 | ---- | C] () -- D:\Desktop\Ram.vbs
  465. [2012/08/16 23:03:45 | 000,156,807 | ---- | C] () -- D:\Documents\Recu sleeping dogs.xps
  466. [2012/08/16 13:33:04 | 000,002,306 | ---- | C] () -- C:\Users\Public\Desktop\Drum Controller Standard Tuning Kit.lnk
  467. [2012/08/16 12:02:01 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Jouer à Guitar Hero World Tour.lnk
  468. [2012/08/11 15:58:43 | 000,001,089 | ---- | C] () -- D:\Desktop\AIDA64 Extreme Edition.lnk
  469. [2012/07/24 20:08:17 | 000,000,972 | ---- | C] () -- C:\Users\Utilisateur\AppData\Local\recently-used.xbel
  470. [2012/07/11 19:23:53 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
  471. [2012/07/11 19:23:51 | 000,963,388 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
  472. [2012/07/11 19:23:51 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
  473. [2012/06/02 12:44:52 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
  474. [2012/06/02 12:44:51 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
  475. [2012/05/31 14:30:34 | 000,017,408 | ---- | C] () -- C:\Users\Utilisateur\AppData\Local\WebpageIcons.db
  476. [2012/05/28 18:59:20 | 000,003,584 | ---- | C] () -- C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  477. [2012/05/27 22:11:17 | 000,000,118 | ---- | C] () -- C:\Windows\WININIT.INI
  478. [2012/05/26 11:21:00 | 001,639,320 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  479. [2012/05/16 16:26:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
  480. [2012/05/16 16:10:42 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
  481. [2012/05/16 16:07:30 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
  482. [2012/05/16 16:06:10 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
  483. [2012/03/19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
  484. [2012/03/19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
  485. [2012/03/09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
  486. [2012/03/09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
  487. [2012/03/07 01:40:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
  488. [2012/01/31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
  489. [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
  490. [2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
  491.  
  492. [color=#E56717]========== LOP Check ==========[/color]
  493.  
  494. [2012/09/03 19:34:02 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\.minecraft
  495. [2012/09/04 03:45:02 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Babylon
  496. [2012/08/17 16:37:00 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\DAEMON Tools Lite
  497. [2012/07/09 18:50:31 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Easy Thumbnails
  498. [2012/06/13 14:48:01 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Epson
  499. [2012/06/15 14:41:15 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\fltk.org
  500. [2012/07/08 01:56:44 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\MAXON
  501. [2012/07/11 17:22:33 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\MotioninJoy
  502. [2012/09/01 16:55:47 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Mumble
  503. [2012/07/09 02:12:00 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Notepad++
  504. [2012/05/30 17:42:43 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\OpenOffice.org
  505. [2012/08/11 15:56:20 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Origin
  506. [2012/06/02 12:44:50 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\PunkBuster
  507. [2012/06/26 22:31:28 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\pymclevel
  508. [2012/07/15 17:39:45 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\six-updater
  509. [2012/07/15 14:55:11 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\six-zsync
  510. [2012/05/22 23:09:22 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\SystemRequirementsLab
  511. [2012/07/13 21:50:28 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\TeamViewer
  512. [2012/09/04 03:37:47 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\uTorrent
  513. [2012/07/15 02:06:51 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Windows Live Writer
  514. [2012/08/11 15:54:05 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
  515.  
  516. [color=#E56717]========== Purity Check ==========[/color]
  517.  
  518.  
  519.  
  520. [color=#E56717]========== Custom Scans ==========[/color]
  521.  
  522. [color=#A23BEC]< %APPDATA%\*. >[/color]
  523. [2012/09/03 19:34:02 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\.minecraft
  524. [2012/05/24 19:15:58 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Adobe
  525. [2012/05/16 16:27:15 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\ATI
  526. [2012/09/04 03:45:02 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Babylon
  527. [2012/08/17 16:37:00 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\DAEMON Tools Lite
  528. [2012/07/09 18:50:31 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Easy Thumbnails
  529. [2012/06/13 14:48:01 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Epson
  530. [2012/06/15 14:41:15 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\fltk.org
  531. [2012/05/16 16:05:23 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Identities
  532. [2012/05/16 16:10:28 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\InstallShield
  533. [2012/05/22 20:54:11 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Macromedia
  534. [2012/07/08 01:56:44 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\MAXON
  535. [2011/04/12 11:27:52 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Media Center Programs
  536. [2012/07/26 06:37:23 | 000,000,000 | --SD | M] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft
  537. [2012/07/11 17:22:33 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\MotioninJoy
  538. [2012/05/22 20:40:57 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Mozilla
  539. [2012/09/01 16:55:47 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Mumble
  540. [2012/07/09 02:12:00 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Notepad++
  541. [2012/05/30 17:42:43 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\OpenOffice.org
  542. [2012/08/11 15:56:20 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Origin
  543. [2012/06/02 12:44:50 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\PunkBuster
  544. [2012/06/26 22:31:28 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\pymclevel
  545. [2012/07/19 19:47:25 | 000,000,000 | RH-D | M] -- C:\Users\Utilisateur\AppData\Roaming\SecuROM
  546. [2012/07/15 17:39:45 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\six-updater
  547. [2012/07/15 14:55:11 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\six-zsync
  548. [2012/09/04 04:16:15 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Skype
  549. [2012/05/22 23:09:22 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\SystemRequirementsLab
  550. [2012/07/13 21:50:28 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\TeamViewer
  551. [2012/09/04 03:37:47 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\uTorrent
  552. [2012/08/15 03:55:47 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\vlc
  553. [2012/07/15 02:06:51 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Windows Live Writer
  554. [2012/05/25 20:01:21 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\WinRAR
  555.  
  556. [color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
  557. [2012/06/02 15:52:55 | 000,088,102 | R--- | M] () -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Installer\{D726D186-0BA7-8BC4-6273-A9AED17C7B8A}\ARPPRODUCTICON.exe
  558. [2012/07/19 00:25:42 | 000,104,768 | ---- | M] (www.motioninjoy.com) -- C:\Users\Utilisateur\AppData\Roaming\MotioninJoy\DS3tool\update\DS3_Tool.exe
  559. [2010/03/05 17:49:50 | 000,197,632 | ---- | M] () -- C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\z3rf4s5m.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\TbHelper2.exe
  560. [2010/03/12 18:45:00 | 000,042,496 | ---- | M] () -- C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\z3rf4s5m.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\uninstall.exe
  561. [2010/03/12 18:45:00 | 000,056,832 | ---- | M] () -- C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\z3rf4s5m.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\update.exe
  562. [2010/03/19 13:04:44 | 000,152,664 | ---- | M] () -- C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\z3rf4s5m.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\setup_widget_serv.exe
  563. [2011/02/24 17:07:45 | 000,835,440 | R--- | M] () -- C:\Users\Utilisateur\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
  564.  
  565. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  566. [2012/05/16 16:10:42 | 000,000,180 | ---- | M] () -- C:\csb.log
  567. [2012/08/29 17:44:30 | 2107,465,727 | -HS- | M] () -- C:\hiberfil.sys
  568. [2012/05/16 16:09:19 | 000,000,189 | ---- | M] () -- C:\Install.log
  569. [2012/08/29 17:44:33 | 4241,612,799 | -HS- | M] () -- C:\pagefile.sys
  570. [2012/05/16 16:09:04 | 000,003,266 | ---- | M] () -- C:\RHDSetup.log
  571. [2012/07/05 17:46:20 | 000,005,958 | ---- | M] () -- C:\shared.log
  572. [2012/09/04 03:45:13 | 000,000,304 | ---- | M] () -- C:\user.js
  573.  
  574. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  575.  
  576. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  577.  
  578. [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
  579.  
  580. [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
  581.  
  582. [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
  583.  
  584. [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
  585. [2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
  586. [2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
  587. [2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
  588. [2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
  589. [2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
  590. [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
  591. [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
  592. [2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
  593.  
  594. [color=#A23BEC]< MD5 for: IEXPLORE.EXE >[/color]
  595. [2012/06/02 13:47:54 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=004640AB259C1572EBD5FB0A32F63686 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20553_none_0dbfc836999db0ca\iexplore.exe
  596. [2012/05/18 01:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_1798a687b4d6030f\iexplore.exe
  597. [2012/06/29 07:02:52 | 000,754,784 | ---- | M] (Microsoft Corporation) MD5=1223ACBFC1093852DFF039E189599BBD -- C:\Program Files\Internet Explorer\iexplore.exe
  598. [2012/06/29 07:02:52 | 000,754,784 | ---- | M] (Microsoft Corporation) MD5=1223ACBFC1093852DFF039E189599BBD -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_0d45fcc9807373c2\iexplore.exe
  599. [2012/05/18 00:59:46 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=268982F1FD671A077C6A2AF41E351436 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_181271f4ce004017\iexplore.exe
  600. [2012/06/02 11:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16447_none_1799a6d1b4d51c66\iexplore.exe
  601. [2012/05/18 04:51:05 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=4E99F42504A99D5024C2EFA015001937 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_0d43fc3580754114\iexplore.exe
  602. [2012/06/29 04:45:31 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=5D03518409F37D1483C98869D86E23FF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_0dc0c880999cca21\iexplore.exe
  603. [2012/06/02 14:52:21 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=610F6596921C4BAA8834ADBB9BE272EE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16447_none_0d44fc7f80745a6b\iexplore.exe
  604. [2010/11/21 05:24:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
  605. [2012/05/22 21:22:37 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_17a944edb4ca4c7a\iexplore.exe
  606. [2012/06/29 03:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  607. [2012/06/29 03:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_179aa71bb4d435bd\iexplore.exe
  608. [2012/06/02 10:51:58 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=BE967C74B89577B78FB57C061E12B04C -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20553_none_18147288cdfe72c5\iexplore.exe
  609. [2010/11/21 05:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
  610. [2012/06/29 01:35:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=EB4105348272018D096FEB655CD1608C -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_181572d2cdfd8c1c\iexplore.exe
  611. [2012/05/22 21:22:36 | 000,754,480 | ---- | M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_0d549a9b80698a7f\iexplore.exe
  612. [2012/05/18 03:37:57 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=F8B2D47ED17C1D087D14EC747E5AC57A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_0dbdc7a2999f7e1c\iexplore.exe
  613.  
  614. [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
  615. [2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
  616. [2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
  617. [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
  618. [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
  619.  
  620. [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
  621. [2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
  622. [2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
  623. [2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
  624. [2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
  625.  
  626. [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
  627. [2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
  628. [2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
  629.  
  630. < End of report >