Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-06-2013
Ran by Syst�me on 13-06-2013 20:22:04
Running from K:\
Windows 7 Home Premium (X64) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
[b]ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.[/b]
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2011-10-09] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-11] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
HKU\EdoMarie\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-20] (DT Soft Ltd)
HKU\EdoMarie\...\Run: [Facebook Update] "C:\Users\EdoMarie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-12] (Facebook Inc.)
HKU\EdoMarie\...\RunOnce: [Uninstall C:\Users\EdoMarie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\EdoMarie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" [x]
HKU\UpdatusUser\...\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
AppInit_DLLs: [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe (D-Link Corp.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\ZDWLan Utility.lnk
ShortcutTarget: ZDWLan Utility.lnk -> C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe ()
Startup: C:\Users\EdoMarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Services (Whitelisted) =================
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] ()
S2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe [167936 2008-06-26] ()
S2 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [x]
==================== Drivers (Whitelisted) ====================
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-28] (Atheros Communications, Inc.)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 driverhardwarev2x64; C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [15872 2010-08-30] (CybelSoft)
S3 DSDrv4; C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys [7168 2005-02-13] ()
S3 DSDrv4; C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys [7168 2005-02-13] ()
S3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-02-26] (DT Soft Ltd)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-10] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2013-04-26] (Duplex Secure Ltd.)
S3 VCam_WDM; C:\Windows\System32\DRIVERS\VCam_WDM.sys [104120 2012-05-25] (e2eSoft)
S3 catchme; \??\C:\Users\EdoMarie\AppData\Local\Temp\catchme.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [x]
S2 SBKUPNT;
S2 V2iMount;
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys AD12F5C7251BB8D575D560894E73CBBA
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrxusb.sys 788914C42AD8318F1DD7A565EAFFB049
C:\Windows\System32\DRIVERS\avgntflt.sys 09E6069EF94B345061B4BD3CEBD974C8
C:\Windows\System32\DRIVERS\avipbb.sys 488486DAD09A5B6C6DBB8B990A8B2307
C:\Windows\System32\DRIVERS\avkmgr.sys 490FA25161BF3E51993EB724ECF0ACEB
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 41AC348DBD378F618CB4FDEE54270692
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys 3F9933FAC064A84A293207F039860DE7
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys 692EF4D0DC4B2B722E967B1A355564F0
C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys 692EF4D0DC4B2B722E967B1A355564F0
C:\Windows\System32\DRIVERS\dtsoftbus01.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys B16B626996C74B564005BA855C5DEE90
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\DRIVERS\GenericMount.sys 022807B149127B8FAA3DBEB13A7D9B41
C:\Windows\System32\drivers\hcw88aud.sys CE18A0F7387AD605D49546D28B752C19
C:\Windows\System32\drivers\hcw88bda.sys BBD63DE84CEFF26A7B9D86883F1E2E2C
C:\Windows\System32\drivers\hcw88tse.sys 34685FE0AEA24A1B60D0A4D467033DAD
C:\Windows\System32\drivers\hcw88tun.sys 4F6B549347FDF0212F5496711D751271
C:\Windows\System32\drivers\hcw88vid.sys 79CA05A71DFD411E70D2FD2DE5829F97
C:\Windows\System32\drivers\HCW88BAR.sys 6AFA200796E505E302A5449E3A369812
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 24CC43ECDEEFD4C19FBBEE4951B647F1
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 96B0A408842B0E214EDCB41E89438999
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\libusb0.sys E2F1DCF4A68CC6CF694FBFBA1842F4CD
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lv302a64.sys 4A503882318BB2F59218D401614E6AF6
C:\Windows\System32\DRIVERS\lvrs64.sys 125AE13C293889001B8456CF3EB04A40
C:\Windows\System32\DRIVERS\mcvidrv_x64.sys 922CBAC7B992B9614CAB7122F4BF9406
C:\Windows\System32\drivers\mcaudrv_x64.sys 34A42DD7CF525D0D2C5232916496E4B8
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys FCBA1C22727939E7CFF9EB08FE9692AB
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LV302V64.SYS AE0B94363DA0F60D42B9D05B352F61ED
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RMCAST.sys CAF88D6573D21CD2AA27001DDBFDC74D
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0
C:\Windows\System32\DRIVERS\RTL8192su.sys 3C85058541D55BFCEFD9177A68A507C6
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfslh.sys C6CC9297BD53E5229653303E556AA539
C:\Windows\System32\DRIVERS\Sftplaylh.sys 390AA7BC52CEE43F6790CDEA1E776703
C:\Windows\System32\DRIVERS\Sftredirlh.sys 617E29A0B0A2807466560D4C4E338D3E
C:\Windows\System32\DRIVERS\Sftvollh.sys 8F571F016FA1976F445147E9E6C8AE9B
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys 4B3F898DC1378CED2F35D04E5B0CE0DF
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys B4C983DA20E2970E21893BF0E4EE2AD8
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\DRIVERS\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys AF1B9474D67897D0C2CFF58E0ACEACCC
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\DRIVERS\VCam_WDM.sys 9024E915F803431E2C2C85070DC919FB
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vpchbus.sys B4A73CA4EF9A02B9738CEA9AD5FE5917
C:\Windows\System32\DRIVERS\vpcnfltr.sys E675FB2B48C54F09895482E2253B289C
C:\Windows\System32\DRIVERS\vpcusb.sys 5FB42082B0D19A0268705F1DD343DF20
C:\Windows\System32\drivers\vpcvmm.sys 207B6539799CC1C112661A9B620DD233
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xusb21.sys 2EE48CFCE7CA8E0DB4C44C7476C0943B
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
Error(0) reading file: "C:\Windows\System32\ "
2013-06-13 20:21 - 2013-06-13 20:21 - 00000000 ____D C:\FRST
2013-06-13 08:13 - 2013-06-13 08:13 - 00012924 ____A C:\Users\EdoMarie\Desktop\06132013_180646.log
2013-06-13 08:06 - 2013-06-13 08:06 - 00000000 ____D C:\_OTL
2013-06-13 05:58 - 2013-06-13 05:59 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (7)
2013-06-12 23:50 - 2013-06-13 00:11 - 00000000 ____D C:\Users\EdoMarie\U Torrent
2013-06-12 12:01 - 2013-06-12 12:01 - 04009167 ____A C:\Users\EdoMarie\Desktop\ServicesRepair.exe
2013-06-12 11:30 - 2013-06-12 11:31 - 00355651 ____A (Farbar) C:\Users\EdoMarie\Desktop\FSS.exe
2013-06-12 11:27 - 2013-06-13 08:10 - 00000336 ____A C:\Windows\setupact.log
2013-06-12 11:27 - 2013-06-12 11:27 - 00000820 ____A C:\Windows\PFRO.log
2013-06-12 11:27 - 2013-06-12 11:27 - 00000000 ____A C:\Windows\setuperr.log
2013-06-12 11:13 - 2013-06-12 11:13 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-12 11:12 - 2013-06-12 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-12 11:12 - 2013-04-04 04:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-12 11:08 - 2013-06-12 11:11 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\EdoMarie\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-12 09:34 - 2013-06-12 09:34 - 00816128 ____A C:\Users\EdoMarie\Desktop\RogueKiller.exe
2013-06-12 08:27 - 2013-06-12 08:27 - 00602112 ____A (OldTimer Tools) C:\Users\EdoMarie\Desktop\OTL.exe
2013-06-12 08:22 - 2013-06-12 08:27 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (5)
2013-06-12 05:40 - 2013-06-12 05:40 - 00648201 ____A C:\Users\EdoMarie\Downloads\adwcleaner.exe
2013-06-12 04:15 - 2013-06-12 04:15 - 00001860 ____A C:\Users\maman\Desktop\AD-R.lnk
2013-06-12 04:15 - 2013-06-12 04:15 - 00001860 ____A C:\Users\EdoMarie\Desktop\AD-R.lnk
2013-06-12 03:29 - 2013-06-12 04:10 - 00000000 ____D C:\ZHP
2013-06-12 03:29 - 2013-06-12 03:29 - 00001956 ____A C:\Users\Public\Desktop\ZHPFix.lnk
2013-06-12 03:29 - 2013-06-12 03:29 - 00001829 ____A C:\Users\Public\Desktop\ZHPDiag.lnk
2013-06-12 03:29 - 2013-06-12 03:29 - 00000967 ____A C:\Users\Public\Desktop\MBRCheck.lnk
2013-06-12 03:26 - 2013-06-12 03:26 - 05676095 ____A (Nicolas Coolman ) C:\Users\EdoMarie\Downloads\ZHPDiag2.exe
2013-06-12 03:21 - 2013-06-12 03:21 - 00197870 ____A C:\Users\EdoMarie\Downloads\MicrosoftFixit20084.mini.diagcab
2013-06-12 03:09 - 2013-06-12 03:09 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-12 02:47 - 2013-06-12 03:01 - 1047527424 ____A C:\Users\EdoMarie\Downloads\fhd-ttnc720.part1.rar
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\tr-TR
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\th-TH
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\ro-RO
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\he-IL
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\ar-SA
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Program Files (x86)\Windows Virtual PC
2013-06-12 00:53 - 2010-11-20 05:34 - 00360832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpcvmm.sys
2013-06-12 00:53 - 2010-11-20 05:34 - 00194944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpchbus.sys
2013-06-12 00:53 - 2010-11-20 05:27 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\vpchbuspipe.dll
2013-06-12 00:53 - 2010-11-20 05:25 - 04514816 ____A (Microsoft Corporation) C:\Windows\System32\vpc.exe
2013-06-12 00:53 - 2010-11-20 05:25 - 02264064 ____A (Microsoft Corporation) C:\Windows\System32\VPCWizard.exe
2013-06-12 00:53 - 2010-11-20 05:25 - 01369600 ____A (Microsoft Corporation) C:\Windows\System32\VPCSettings.exe
2013-06-12 00:53 - 2010-11-20 03:37 - 01210368 ____A (Microsoft Corporation) C:\Windows\System32\VMWindow.exe
2013-06-12 00:53 - 2010-11-20 03:37 - 00936448 ____A (Microsoft Corporation) C:\Windows\System32\vmsal.exe
2013-06-12 00:53 - 2010-11-20 03:35 - 00562176 ____A (Microsoft Corporation) C:\Windows\System32\VMCPropertyHandler.dll
2013-06-12 00:53 - 2010-11-20 03:35 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpcusb.sys
2013-06-12 00:53 - 2010-11-20 03:35 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpcnfltr.sys
2013-06-12 00:53 - 2010-11-20 02:52 - 00793600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vmsal.exe
2013-06-12 00:52 - 2013-06-12 00:52 - 17091624 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x64-RefreshPkg.msu
2013-06-12 00:51 - 2013-06-12 00:51 - 16070039 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x86-RefreshPkg.msu
2013-06-12 00:48 - 2013-06-12 00:48 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2013-06-12 00:47 - 2013-06-12 00:47 - 01528184 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\GenuineCheck.exe
2013-06-12 00:17 - 2013-05-16 17:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 00:17 - 2013-05-16 16:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 00:17 - 2013-05-16 16:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 00:17 - 2013-05-16 16:58 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 00:17 - 2013-05-14 05:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 00:17 - 2013-05-14 04:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 00:17 - 2013-05-14 01:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 00:17 - 2013-05-14 00:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-11 23:49 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 23:49 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 23:49 - 2013-05-09 21:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 23:49 - 2013-05-09 19:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-11 23:49 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 23:49 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 23:49 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 23:49 - 2013-04-16 23:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-11 23:49 - 2013-04-16 22:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-11 23:48 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 23:48 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-11 23:48 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 23:48 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-11 23:48 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 23:48 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-11 23:48 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 23:48 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-11 23:48 - 2013-04-25 15:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-11 23:48 - 2013-03-31 14:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-11 14:20 - 2013-06-11 14:20 - 01023485 ____A C:\Users\EdoMarie\Downloads\shinod7.zip
2013-06-11 14:15 - 2013-06-11 14:15 - 92391797 ____A C:\Users\EdoMarie\Downloads\gn98.zip
2013-06-11 12:02 - 2013-06-11 12:10 - 00000000 ____D C:\Users\EdoMarie\Downloads\jeu egypte
2013-06-11 12:01 - 2013-06-11 12:10 - 00000000 ____D C:\Users\EdoMarie\Downloads\les visiteurs le jeu
2013-06-11 11:57 - 2013-06-11 12:12 - 32005504 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\setup (5).exe
2013-06-11 11:34 - 2013-06-11 23:51 - 00000000 ____D C:\Users\EdoMarie\Desktop\Titanic une aventure hors du temps
2013-06-10 23:14 - 2013-06-10 23:15 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (6)
2013-06-07 01:43 - 2013-06-07 12:02 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (6)
2013-06-05 11:26 - 2013-06-05 11:26 - 00000779 ____A C:\Users\EdoMarie\Desktop\launcher - Raccourci.lnk
2013-06-05 06:44 - 2013-06-05 06:44 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\2K Games
2013-06-05 04:37 - 2013-06-05 06:16 - 00000000 ____D C:\Users\EdoMarie\Desktop\patch fr mafia 2
2013-06-05 03:27 - 2013-06-05 03:28 - 00000000 ____D C:\watch dogs
2013-06-04 12:21 - 2013-06-04 12:21 - 00000000 ____D C:\Users\EdoMarie\Documents\TikGames
2013-06-03 11:18 - 2013-06-03 11:18 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\SKIDROW
2013-05-31 05:56 - 2013-05-31 05:56 - 00001960 ____A C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\ProgramData\Visan
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2013-05-31 05:55 - 2013-05-31 05:55 - 00002281 ____A C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
2013-05-31 05:55 - 2013-05-31 05:55 - 00001203 ____A C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 1050 J410 series.lnk
2013-05-31 05:54 - 2013-05-31 05:54 - 00000057 ____A C:\ProgramData\Ament.ini
2013-05-31 05:53 - 2013-05-31 05:53 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\HP
2013-05-26 10:58 - 2013-05-26 10:58 - 00000522 ____A C:\Users\EdoMarie\Downloads\D21297DF7C8288382A5113902BEC6FF2207EA11C.torrent
2013-05-26 07:23 - 2013-05-26 07:23 - 00026112 ____A C:\Users\EdoMarie\Downloads\The Last Express v1.02 Multi-Langues.torrent
2013-05-26 06:58 - 2013-05-26 06:59 - 06885984 ____A (http://www.express-files.com/) C:\Users\EdoMarie\Downloads\the_last_express_downloader_fr_133.exe
2013-05-26 06:49 - 2013-05-26 06:52 - 00001614 ____A C:\Users\EdoMarie\Desktop\_le - Raccourci.lnk
2013-05-26 06:42 - 2013-05-26 06:49 - 00001669 ____A C:\Users\EdoMarie\Desktop\ExpressW - Raccourci.lnk
2013-05-26 06:19 - 2013-05-26 06:19 - 00000000 ____D C:\Program Files (x86)\Interplay
2013-05-26 06:06 - 2013-05-26 06:10 - 00000000 ____D C:\Users\EdoMarie\Desktop\last express game
2013-05-26 05:56 - 2013-05-26 05:56 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA (1).torrent
2013-05-26 04:08 - 2013-05-26 04:08 - 00014879 ____A C:\Users\EdoMarie\Downloads\T.Expen.2-.torrent
2013-05-26 03:04 - 2013-05-26 04:10 - 00000000 ____D C:\Users\EdoMarie\Desktop\The-Last-Express
2013-05-26 03:01 - 2013-05-26 03:01 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA.torrent
2013-05-24 06:44 - 2013-05-24 06:47 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (19)
2013-05-22 11:28 - 2013-05-22 11:28 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (4)
2013-05-22 04:30 - 2013-05-22 04:30 - 00000000 ____D C:\Python25
2013-05-22 04:29 - 2013-05-22 04:29 - 10695680 ____A C:\Users\EdoMarie\Downloads\python-2.5.msi
2013-05-22 04:21 - 2013-05-22 04:21 - 00002073 ____A C:\Users\UpdatusUser\Desktop\Blender.lnk
2013-05-22 04:21 - 2013-05-22 04:21 - 00002073 ____A C:\Users\maman\Desktop\Blender.lnk
2013-05-22 04:19 - 2013-05-22 04:19 - 00000000 ____D C:\Program Files (x86)\Blender Foundation
2013-05-22 03:41 - 2013-05-22 03:41 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Blender Foundation
2013-05-20 02:53 - 2013-05-26 06:51 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (3)
2013-05-20 02:48 - 2013-05-20 02:49 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (17)
2013-05-19 11:23 - 2013-05-19 11:23 - 00206984 ____A C:\Users\EdoMarie\Downloads\Terminator_1_french_dvdrip_evanetlola.exe
2013-05-19 11:22 - 2013-05-19 11:22 - 00007758 ____A C:\Users\EdoMarie\Downloads\Terminator.Edition.Speciale.1984.FRENCH.BRRiP.XViD.AC3-HuSh.torrent
2013-05-19 11:21 - 2013-05-19 11:21 - 00038684 ____A C:\Users\EdoMarie\Downloads\Terminator 1984 French DvDRip Xvid AC3 Empereur-Team.torrent
2013-05-19 05:33 - 2013-05-19 05:33 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (13)
2013-05-18 15:07 - 2013-05-18 15:07 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (16)
2013-05-14 22:41 - 2013-04-09 22:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-14 22:41 - 2013-04-09 22:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-14 22:41 - 2013-04-09 19:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-14 22:41 - 2013-03-18 21:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-14 22:41 - 2013-03-18 21:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-14 22:41 - 2013-02-26 22:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-14 22:41 - 2013-02-26 21:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-14 22:41 - 2013-02-26 21:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-14 22:41 - 2013-02-26 21:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-14 22:41 - 2013-02-26 21:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 22:41 - 2013-02-26 20:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-14 22:41 - 2013-02-26 20:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-14 22:41 - 2013-02-26 20:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-14 22:41 - 2011-02-03 03:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
==================== One Month Modified Files and Folders =======
2013-06-13 20:21 - 2013-06-13 20:21 - 00000000 ____D C:\FRST
2013-06-13 10:07 - 2010-12-08 14:40 - 01304304 ____A C:\Windows\WindowsUpdate.log
2013-06-13 10:05 - 2010-11-27 09:19 - 00751958 ____A C:\Windows\System32\perfh00C.dat
2013-06-13 10:05 - 2010-11-27 09:19 - 00151714 ____A C:\Windows\System32\perfc00C.dat
2013-06-13 10:05 - 2009-07-13 21:13 - 01676872 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-13 09:46 - 2013-01-15 07:31 - 00001072 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-13 09:34 - 2012-04-14 18:17 - 00001002 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-13 09:21 - 2011-10-28 00:11 - 00001108 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2556019261-561236677-3583937948-1000UA.job
2013-06-13 08:48 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-06-13 08:18 - 2009-07-13 20:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-13 08:18 - 2009-07-13 20:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-13 08:13 - 2013-06-13 08:13 - 00012924 ____A C:\Users\EdoMarie\Desktop\06132013_180646.log
2013-06-13 08:11 - 2013-01-15 07:31 - 00001068 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-13 08:10 - 2013-06-12 11:27 - 00000336 ____A C:\Windows\setupact.log
2013-06-13 08:10 - 2011-02-25 10:55 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-13 08:10 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-13 08:06 - 2013-06-13 08:06 - 00000000 ____D C:\_OTL
2013-06-13 06:09 - 2012-04-13 01:59 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\Paint.NET
2013-06-13 05:59 - 2013-06-13 05:58 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (7)
2013-06-13 05:15 - 2012-01-28 04:48 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\uTorrent
2013-06-13 04:52 - 2011-02-26 03:56 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\CrashDumps
2013-06-13 00:33 - 2011-05-06 23:12 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\vlc
2013-06-13 00:21 - 2011-10-28 00:11 - 00001086 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2556019261-561236677-3583937948-1000Core.job
2013-06-13 00:11 - 2013-06-12 23:50 - 00000000 ____D C:\Users\EdoMarie\U Torrent
2013-06-13 00:00 - 2012-01-28 04:49 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-06-12 23:50 - 2011-02-25 10:46 - 00000000 ____D C:\users\EdoMarie
2013-06-12 12:01 - 2013-06-12 12:01 - 04009167 ____A C:\Users\EdoMarie\Desktop\ServicesRepair.exe
2013-06-12 11:31 - 2013-06-12 11:30 - 00355651 ____A (Farbar) C:\Users\EdoMarie\Desktop\FSS.exe
2013-06-12 11:27 - 2013-06-12 11:27 - 00000820 ____A C:\Windows\PFRO.log
2013-06-12 11:27 - 2013-06-12 11:27 - 00000000 ____A C:\Windows\setuperr.log
2013-06-12 11:13 - 2013-06-12 11:13 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-12 11:13 - 2013-06-12 11:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-12 11:11 - 2013-06-12 11:08 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\EdoMarie\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-12 09:34 - 2013-06-12 09:34 - 00816128 ____A C:\Users\EdoMarie\Desktop\RogueKiller.exe
2013-06-12 08:27 - 2013-06-12 08:27 - 00602112 ____A (OldTimer Tools) C:\Users\EdoMarie\Desktop\OTL.exe
2013-06-12 08:27 - 2013-06-12 08:22 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (5)
2013-06-12 08:20 - 2011-05-04 03:11 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Skype
2013-06-12 08:20 - 2011-02-26 23:49 - 00000000 ____D C:\Users\EdoMarie\Tracing
2013-06-12 08:19 - 2011-03-07 14:17 - 00000000 ____D C:\Windows\Minidump
2013-06-12 05:40 - 2013-06-12 05:40 - 00648201 ____A C:\Users\EdoMarie\Downloads\adwcleaner.exe
2013-06-12 04:15 - 2013-06-12 04:15 - 00001860 ____A C:\Users\maman\Desktop\AD-R.lnk
2013-06-12 04:15 - 2013-06-12 04:15 - 00001860 ____A C:\Users\EdoMarie\Desktop\AD-R.lnk
2013-06-12 04:15 - 2011-06-21 08:37 - 00001860 ____A C:\Users\UpdatusUser\Desktop\AD-R.lnk
2013-06-12 04:10 - 2013-06-12 03:29 - 00000000 ____D C:\ZHP
2013-06-12 04:06 - 2011-06-20 12:47 - 00000000 ____D C:\Program Files (x86)\ZHPDiag
2013-06-12 03:52 - 2009-07-13 15:19 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2013-06-12 03:29 - 2013-06-12 03:29 - 00001956 ____A C:\Users\Public\Desktop\ZHPFix.lnk
2013-06-12 03:29 - 2013-06-12 03:29 - 00001829 ____A C:\Users\Public\Desktop\ZHPDiag.lnk
2013-06-12 03:29 - 2013-06-12 03:29 - 00000967 ____A C:\Users\Public\Desktop\MBRCheck.lnk
2013-06-12 03:26 - 2013-06-12 03:26 - 05676095 ____A (Nicolas Coolman ) C:\Users\EdoMarie\Downloads\ZHPDiag2.exe
2013-06-12 03:21 - 2013-06-12 03:21 - 00197870 ____A C:\Users\EdoMarie\Downloads\MicrosoftFixit20084.mini.diagcab
2013-06-12 03:09 - 2013-06-12 03:09 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-12 03:01 - 2013-06-12 02:47 - 1047527424 ____A C:\Users\EdoMarie\Downloads\fhd-ttnc720.part1.rar
2013-06-12 01:34 - 2012-04-14 18:17 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 01:34 - 2011-10-08 13:42 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\tr-TR
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\th-TH
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\ro-RO
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\he-IL
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\ar-SA
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Program Files (x86)\Windows Virtual PC
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\th-TH
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ro-RO
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\he-IL
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ar-SA
2013-06-12 00:52 - 2013-06-12 00:52 - 17091624 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x64-RefreshPkg.msu
2013-06-12 00:51 - 2013-06-12 00:51 - 16070039 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x86-RefreshPkg.msu
2013-06-12 00:48 - 2013-06-12 00:48 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2013-06-12 00:47 - 2013-06-12 00:47 - 01528184 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\GenuineCheck.exe
2013-06-12 00:18 - 2011-03-06 00:00 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 23:51 - 2013-06-11 11:34 - 00000000 ____D C:\Users\EdoMarie\Desktop\Titanic une aventure hors du temps
2013-06-11 14:20 - 2013-06-11 14:20 - 01023485 ____A C:\Users\EdoMarie\Downloads\shinod7.zip
2013-06-11 14:15 - 2013-06-11 14:15 - 92391797 ____A C:\Users\EdoMarie\Downloads\gn98.zip
2013-06-11 12:12 - 2013-06-11 11:57 - 32005504 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\setup (5).exe
2013-06-11 12:10 - 2013-06-11 12:02 - 00000000 ____D C:\Users\EdoMarie\Downloads\jeu egypte
2013-06-11 12:10 - 2013-06-11 12:01 - 00000000 ____D C:\Users\EdoMarie\Downloads\les visiteurs le jeu
2013-06-11 08:32 - 2013-05-05 04:38 - 00001718 ____A C:\Users\EdoMarie\Desktop\PESEDIT - Raccourci.lnk
2013-06-10 23:47 - 2012-12-14 02:30 - 00000000 ___RD C:\Users\EdoMarie\Desktop\Bureau
2013-06-10 23:15 - 2013-06-10 23:14 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (6)
2013-06-07 12:02 - 2013-06-07 01:43 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (6)
2013-06-07 11:49 - 2012-10-15 15:13 - 00000132 ____A C:\Users\EdoMarie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-06-07 00:40 - 2012-03-13 00:37 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\VirtuaTennis2009
2013-06-05 16:02 - 2011-05-17 03:39 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\SoftGrid Client
2013-06-05 11:26 - 2013-06-05 11:26 - 00000779 ____A C:\Users\EdoMarie\Desktop\launcher - Raccourci.lnk
2013-06-05 06:44 - 2013-06-05 06:44 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\2K Games
2013-06-05 06:16 - 2013-06-05 04:37 - 00000000 ____D C:\Users\EdoMarie\Desktop\patch fr mafia 2
2013-06-05 03:28 - 2013-06-05 03:27 - 00000000 ____D C:\watch dogs
2013-06-04 12:21 - 2013-06-04 12:21 - 00000000 ____D C:\Users\EdoMarie\Documents\TikGames
2013-06-03 11:18 - 2013-06-03 11:18 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\SKIDROW
2013-06-03 01:58 - 2013-05-06 10:23 - 00000000 ____D C:\Users\EdoMarie\Desktop\images pes ligue des masters , coupes
2013-06-02 02:25 - 2012-08-14 20:53 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\HpUpdate
2013-05-31 05:56 - 2013-05-31 05:56 - 00001960 ____A C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\ProgramData\Visan
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2013-05-31 05:55 - 2013-05-31 05:55 - 00002281 ____A C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
2013-05-31 05:55 - 2013-05-31 05:55 - 00001203 ____A C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 1050 J410 series.lnk
2013-05-31 05:55 - 2012-08-14 20:49 - 00000000 ____D C:\Program Files (x86)\HP
2013-05-31 05:55 - 2012-08-14 20:45 - 00000000 ____D C:\ProgramData\HP
2013-05-31 05:54 - 2013-05-31 05:54 - 00000057 ____A C:\ProgramData\Ament.ini
2013-05-31 05:54 - 2012-08-14 20:46 - 00000000 ____D C:\Program Files\HP
2013-05-31 05:53 - 2013-05-31 05:53 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\HP
2013-05-30 00:20 - 2011-12-17 10:27 - 00000000 ____D C:\Users\EdoMarie\Documents\cv
2013-05-26 10:58 - 2013-05-26 10:58 - 00000522 ____A C:\Users\EdoMarie\Downloads\D21297DF7C8288382A5113902BEC6FF2207EA11C.torrent
2013-05-26 07:23 - 2013-05-26 07:23 - 00026112 ____A C:\Users\EdoMarie\Downloads\The Last Express v1.02 Multi-Langues.torrent
2013-05-26 06:59 - 2013-05-26 06:58 - 06885984 ____A (http://www.express-files.com/) C:\Users\EdoMarie\Downloads\the_last_express_downloader_fr_133.exe
2013-05-26 06:52 - 2013-05-26 06:49 - 00001614 ____A C:\Users\EdoMarie\Desktop\_le - Raccourci.lnk
2013-05-26 06:51 - 2013-05-20 02:53 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (3)
2013-05-26 06:49 - 2013-05-26 06:42 - 00001669 ____A C:\Users\EdoMarie\Desktop\ExpressW - Raccourci.lnk
2013-05-26 06:19 - 2013-05-26 06:19 - 00000000 ____D C:\Program Files (x86)\Interplay
2013-05-26 06:10 - 2013-05-26 06:06 - 00000000 ____D C:\Users\EdoMarie\Desktop\last express game
2013-05-26 05:56 - 2013-05-26 05:56 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA (1).torrent
2013-05-26 04:10 - 2013-05-26 03:04 - 00000000 ____D C:\Users\EdoMarie\Desktop\The-Last-Express
2013-05-26 04:08 - 2013-05-26 04:08 - 00014879 ____A C:\Users\EdoMarie\Downloads\T.Expen.2-.torrent
2013-05-26 03:01 - 2013-05-26 03:01 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA.torrent
2013-05-24 06:47 - 2013-05-24 06:44 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (19)
2013-05-22 11:28 - 2013-05-22 11:28 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (4)
2013-05-22 04:30 - 2013-05-22 04:30 - 00000000 ____D C:\Python25
2013-05-22 04:29 - 2013-05-22 04:29 - 10695680 ____A C:\Users\EdoMarie\Downloads\python-2.5.msi
2013-05-22 04:21 - 2013-05-22 04:21 - 00002073 ____A C:\Users\UpdatusUser\Desktop\Blender.lnk
2013-05-22 04:21 - 2013-05-22 04:21 - 00002073 ____A C:\Users\maman\Desktop\Blender.lnk
2013-05-22 04:19 - 2013-05-22 04:19 - 00000000 ____D C:\Program Files (x86)\Blender Foundation
2013-05-22 03:41 - 2013-05-22 03:41 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Blender Foundation
2013-05-21 12:38 - 2011-03-08 04:07 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\Adobe
2013-05-21 11:23 - 2011-03-07 04:07 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Adobe
2013-05-21 02:05 - 2011-02-26 23:28 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\Windows Live
2013-05-20 02:49 - 2013-05-20 02:48 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (17)
2013-05-19 11:23 - 2013-05-19 11:23 - 00206984 ____A C:\Users\EdoMarie\Downloads\Terminator_1_french_dvdrip_evanetlola.exe
2013-05-19 11:22 - 2013-05-19 11:22 - 00007758 ____A C:\Users\EdoMarie\Downloads\Terminator.Edition.Speciale.1984.FRENCH.BRRiP.XViD.AC3-HuSh.torrent
2013-05-19 11:21 - 2013-05-19 11:21 - 00038684 ____A C:\Users\EdoMarie\Downloads\Terminator 1984 French DvDRip Xvid AC3 Empereur-Team.torrent
2013-05-19 05:33 - 2013-05-19 05:33 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (13)
2013-05-18 15:07 - 2013-05-18 15:07 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (16)
2013-05-16 17:25 - 2013-06-12 00:17 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-16 16:59 - 2013-06-12 00:17 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 16:59 - 2013-06-12 00:17 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-16 16:58 - 2013-06-12 00:17 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-15 22:30 - 2009-07-13 21:08 - 00032482 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-15 22:30 - 2009-07-13 20:45 - 00295032 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-14 05:14 - 2013-06-12 00:17 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-14 04:23 - 2013-06-12 00:17 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 01:23 - 2013-06-12 00:17 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-14 00:40 - 2013-06-12 00:17 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
Files to move or delete:
====================
C:\Users\EdoMarie\wlsetup-web.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-06-12 00:16:22
Restore point made on: 2013-06-12 00:53:13
Restore point made on: 2013-06-12 03:12:09
Restore point made on: 2013-06-12 03:21:12
Restore point made on: 2013-06-12 03:22:37
Restore point made on: 2013-06-12 03:23:20
Restore point made on: 2013-06-12 03:38:22
Restore point made on: 2013-06-12 03:50:08
Restore point made on: 2013-06-12 04:35:26
Restore point made on: 2013-06-12 08:33:48
==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 3071.24 MB
Available physical RAM: 2385.14 MB
Total Pagefile: 3069.39 MB
Available Pagefile: 2382.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: (eMachines) (Fixed) (Total:451.66 GB) (Free:49.19 GB) NTFS (Disk=0 Partition=3)
Drive e: (PQSERVICE) (Fixed) (Total:14 GB) (Free:1.32 GB) NTFS (Disk=0 Partition=1)
Drive f: (HP DJ1050_J410) (CDROM) (Total:0.33 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:7.41 GB) (Free:3.62 GB) FAT32 (Disk=2 Partition=1)
Drive k: (CL� VOITURE) (Removable) (Total:3.73 GB) (Free:2.08 GB) FAT32 (Disk=5 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: C7E16395)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
========================================================
Disk: 5 (Size: 4 GB) (Disk ID: 73696420)
Partition 1: (Not Active) - (Size=-5185543680) - (Type=45)
Partition 2: (Not Active) - (Size=892 GB) - (Type=65)
Partition 3: (Not Active) - (Size=779 GB) - (Type=20)
Partition 4: (Not Active) - (Size=26 MB) - (Type=0D)
LastRegBack: 2013-06-13 08:40
==================== End Of Log ============================
Ran by Syst�me on 13-06-2013 20:22:04
Running from K:\
Windows 7 Home Premium (X64) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
[b]ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.[/b]
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2011-10-09] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-11] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
HKU\EdoMarie\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-20] (DT Soft Ltd)
HKU\EdoMarie\...\Run: [Facebook Update] "C:\Users\EdoMarie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-12] (Facebook Inc.)
HKU\EdoMarie\...\RunOnce: [Uninstall C:\Users\EdoMarie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\EdoMarie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" [x]
HKU\UpdatusUser\...\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
AppInit_DLLs: [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe (D-Link Corp.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\ZDWLan Utility.lnk
ShortcutTarget: ZDWLan Utility.lnk -> C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe ()
Startup: C:\Users\EdoMarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Services (Whitelisted) =================
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] ()
S2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe [167936 2008-06-26] ()
S2 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [x]
==================== Drivers (Whitelisted) ====================
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-28] (Atheros Communications, Inc.)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 driverhardwarev2x64; C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [15872 2010-08-30] (CybelSoft)
S3 DSDrv4; C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys [7168 2005-02-13] ()
S3 DSDrv4; C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys [7168 2005-02-13] ()
S3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-02-26] (DT Soft Ltd)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-10] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2013-04-26] (Duplex Secure Ltd.)
S3 VCam_WDM; C:\Windows\System32\DRIVERS\VCam_WDM.sys [104120 2012-05-25] (e2eSoft)
S3 catchme; \??\C:\Users\EdoMarie\AppData\Local\Temp\catchme.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [x]
S2 SBKUPNT;
S2 V2iMount;
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys AD12F5C7251BB8D575D560894E73CBBA
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrxusb.sys 788914C42AD8318F1DD7A565EAFFB049
C:\Windows\System32\DRIVERS\avgntflt.sys 09E6069EF94B345061B4BD3CEBD974C8
C:\Windows\System32\DRIVERS\avipbb.sys 488486DAD09A5B6C6DBB8B990A8B2307
C:\Windows\System32\DRIVERS\avkmgr.sys 490FA25161BF3E51993EB724ECF0ACEB
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 41AC348DBD378F618CB4FDEE54270692
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys 3F9933FAC064A84A293207F039860DE7
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys 692EF4D0DC4B2B722E967B1A355564F0
C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys 692EF4D0DC4B2B722E967B1A355564F0
C:\Windows\System32\DRIVERS\dtsoftbus01.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys B16B626996C74B564005BA855C5DEE90
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\DRIVERS\GenericMount.sys 022807B149127B8FAA3DBEB13A7D9B41
C:\Windows\System32\drivers\hcw88aud.sys CE18A0F7387AD605D49546D28B752C19
C:\Windows\System32\drivers\hcw88bda.sys BBD63DE84CEFF26A7B9D86883F1E2E2C
C:\Windows\System32\drivers\hcw88tse.sys 34685FE0AEA24A1B60D0A4D467033DAD
C:\Windows\System32\drivers\hcw88tun.sys 4F6B549347FDF0212F5496711D751271
C:\Windows\System32\drivers\hcw88vid.sys 79CA05A71DFD411E70D2FD2DE5829F97
C:\Windows\System32\drivers\HCW88BAR.sys 6AFA200796E505E302A5449E3A369812
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 24CC43ECDEEFD4C19FBBEE4951B647F1
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 96B0A408842B0E214EDCB41E89438999
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\libusb0.sys E2F1DCF4A68CC6CF694FBFBA1842F4CD
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lv302a64.sys 4A503882318BB2F59218D401614E6AF6
C:\Windows\System32\DRIVERS\lvrs64.sys 125AE13C293889001B8456CF3EB04A40
C:\Windows\System32\DRIVERS\mcvidrv_x64.sys 922CBAC7B992B9614CAB7122F4BF9406
C:\Windows\System32\drivers\mcaudrv_x64.sys 34A42DD7CF525D0D2C5232916496E4B8
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys FCBA1C22727939E7CFF9EB08FE9692AB
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LV302V64.SYS AE0B94363DA0F60D42B9D05B352F61ED
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RMCAST.sys CAF88D6573D21CD2AA27001DDBFDC74D
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0
C:\Windows\System32\DRIVERS\RTL8192su.sys 3C85058541D55BFCEFD9177A68A507C6
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfslh.sys C6CC9297BD53E5229653303E556AA539
C:\Windows\System32\DRIVERS\Sftplaylh.sys 390AA7BC52CEE43F6790CDEA1E776703
C:\Windows\System32\DRIVERS\Sftredirlh.sys 617E29A0B0A2807466560D4C4E338D3E
C:\Windows\System32\DRIVERS\Sftvollh.sys 8F571F016FA1976F445147E9E6C8AE9B
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys 4B3F898DC1378CED2F35D04E5B0CE0DF
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys B4C983DA20E2970E21893BF0E4EE2AD8
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\DRIVERS\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys AF1B9474D67897D0C2CFF58E0ACEACCC
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\DRIVERS\VCam_WDM.sys 9024E915F803431E2C2C85070DC919FB
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vpchbus.sys B4A73CA4EF9A02B9738CEA9AD5FE5917
C:\Windows\System32\DRIVERS\vpcnfltr.sys E675FB2B48C54F09895482E2253B289C
C:\Windows\System32\DRIVERS\vpcusb.sys 5FB42082B0D19A0268705F1DD343DF20
C:\Windows\System32\drivers\vpcvmm.sys 207B6539799CC1C112661A9B620DD233
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xusb21.sys 2EE48CFCE7CA8E0DB4C44C7476C0943B
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
Error(0) reading file: "C:\Windows\System32\ "
2013-06-13 20:21 - 2013-06-13 20:21 - 00000000 ____D C:\FRST
2013-06-13 08:13 - 2013-06-13 08:13 - 00012924 ____A C:\Users\EdoMarie\Desktop\06132013_180646.log
2013-06-13 08:06 - 2013-06-13 08:06 - 00000000 ____D C:\_OTL
2013-06-13 05:58 - 2013-06-13 05:59 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (7)
2013-06-12 23:50 - 2013-06-13 00:11 - 00000000 ____D C:\Users\EdoMarie\U Torrent
2013-06-12 12:01 - 2013-06-12 12:01 - 04009167 ____A C:\Users\EdoMarie\Desktop\ServicesRepair.exe
2013-06-12 11:30 - 2013-06-12 11:31 - 00355651 ____A (Farbar) C:\Users\EdoMarie\Desktop\FSS.exe
2013-06-12 11:27 - 2013-06-13 08:10 - 00000336 ____A C:\Windows\setupact.log
2013-06-12 11:27 - 2013-06-12 11:27 - 00000820 ____A C:\Windows\PFRO.log
2013-06-12 11:27 - 2013-06-12 11:27 - 00000000 ____A C:\Windows\setuperr.log
2013-06-12 11:13 - 2013-06-12 11:13 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-12 11:12 - 2013-06-12 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-12 11:12 - 2013-04-04 04:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-12 11:08 - 2013-06-12 11:11 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\EdoMarie\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-12 09:34 - 2013-06-12 09:34 - 00816128 ____A C:\Users\EdoMarie\Desktop\RogueKiller.exe
2013-06-12 08:27 - 2013-06-12 08:27 - 00602112 ____A (OldTimer Tools) C:\Users\EdoMarie\Desktop\OTL.exe
2013-06-12 08:22 - 2013-06-12 08:27 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (5)
2013-06-12 05:40 - 2013-06-12 05:40 - 00648201 ____A C:\Users\EdoMarie\Downloads\adwcleaner.exe
2013-06-12 04:15 - 2013-06-12 04:15 - 00001860 ____A C:\Users\maman\Desktop\AD-R.lnk
2013-06-12 04:15 - 2013-06-12 04:15 - 00001860 ____A C:\Users\EdoMarie\Desktop\AD-R.lnk
2013-06-12 03:29 - 2013-06-12 04:10 - 00000000 ____D C:\ZHP
2013-06-12 03:29 - 2013-06-12 03:29 - 00001956 ____A C:\Users\Public\Desktop\ZHPFix.lnk
2013-06-12 03:29 - 2013-06-12 03:29 - 00001829 ____A C:\Users\Public\Desktop\ZHPDiag.lnk
2013-06-12 03:29 - 2013-06-12 03:29 - 00000967 ____A C:\Users\Public\Desktop\MBRCheck.lnk
2013-06-12 03:26 - 2013-06-12 03:26 - 05676095 ____A (Nicolas Coolman ) C:\Users\EdoMarie\Downloads\ZHPDiag2.exe
2013-06-12 03:21 - 2013-06-12 03:21 - 00197870 ____A C:\Users\EdoMarie\Downloads\MicrosoftFixit20084.mini.diagcab
2013-06-12 03:09 - 2013-06-12 03:09 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-12 02:47 - 2013-06-12 03:01 - 1047527424 ____A C:\Users\EdoMarie\Downloads\fhd-ttnc720.part1.rar
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\tr-TR
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\th-TH
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\ro-RO
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\he-IL
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\ar-SA
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Program Files (x86)\Windows Virtual PC
2013-06-12 00:53 - 2010-11-20 05:34 - 00360832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpcvmm.sys
2013-06-12 00:53 - 2010-11-20 05:34 - 00194944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpchbus.sys
2013-06-12 00:53 - 2010-11-20 05:27 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\vpchbuspipe.dll
2013-06-12 00:53 - 2010-11-20 05:25 - 04514816 ____A (Microsoft Corporation) C:\Windows\System32\vpc.exe
2013-06-12 00:53 - 2010-11-20 05:25 - 02264064 ____A (Microsoft Corporation) C:\Windows\System32\VPCWizard.exe
2013-06-12 00:53 - 2010-11-20 05:25 - 01369600 ____A (Microsoft Corporation) C:\Windows\System32\VPCSettings.exe
2013-06-12 00:53 - 2010-11-20 03:37 - 01210368 ____A (Microsoft Corporation) C:\Windows\System32\VMWindow.exe
2013-06-12 00:53 - 2010-11-20 03:37 - 00936448 ____A (Microsoft Corporation) C:\Windows\System32\vmsal.exe
2013-06-12 00:53 - 2010-11-20 03:35 - 00562176 ____A (Microsoft Corporation) C:\Windows\System32\VMCPropertyHandler.dll
2013-06-12 00:53 - 2010-11-20 03:35 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpcusb.sys
2013-06-12 00:53 - 2010-11-20 03:35 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpcnfltr.sys
2013-06-12 00:53 - 2010-11-20 02:52 - 00793600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vmsal.exe
2013-06-12 00:52 - 2013-06-12 00:52 - 17091624 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x64-RefreshPkg.msu
2013-06-12 00:51 - 2013-06-12 00:51 - 16070039 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x86-RefreshPkg.msu
2013-06-12 00:48 - 2013-06-12 00:48 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2013-06-12 00:47 - 2013-06-12 00:47 - 01528184 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\GenuineCheck.exe
2013-06-12 00:17 - 2013-05-16 17:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 00:17 - 2013-05-16 17:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 00:17 - 2013-05-16 16:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 00:17 - 2013-05-16 16:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 00:17 - 2013-05-16 16:58 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 00:17 - 2013-05-16 16:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 00:17 - 2013-05-14 05:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 00:17 - 2013-05-14 04:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 00:17 - 2013-05-14 01:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 00:17 - 2013-05-14 00:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-11 23:49 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 23:49 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 23:49 - 2013-05-09 21:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 23:49 - 2013-05-09 19:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-11 23:49 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 23:49 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 23:49 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 23:49 - 2013-04-16 23:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-11 23:49 - 2013-04-16 22:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-11 23:48 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 23:48 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-11 23:48 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 23:48 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-11 23:48 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 23:48 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-11 23:48 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 23:48 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-11 23:48 - 2013-04-25 15:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-11 23:48 - 2013-03-31 14:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-11 14:20 - 2013-06-11 14:20 - 01023485 ____A C:\Users\EdoMarie\Downloads\shinod7.zip
2013-06-11 14:15 - 2013-06-11 14:15 - 92391797 ____A C:\Users\EdoMarie\Downloads\gn98.zip
2013-06-11 12:02 - 2013-06-11 12:10 - 00000000 ____D C:\Users\EdoMarie\Downloads\jeu egypte
2013-06-11 12:01 - 2013-06-11 12:10 - 00000000 ____D C:\Users\EdoMarie\Downloads\les visiteurs le jeu
2013-06-11 11:57 - 2013-06-11 12:12 - 32005504 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\setup (5).exe
2013-06-11 11:34 - 2013-06-11 23:51 - 00000000 ____D C:\Users\EdoMarie\Desktop\Titanic une aventure hors du temps
2013-06-10 23:14 - 2013-06-10 23:15 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (6)
2013-06-07 01:43 - 2013-06-07 12:02 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (6)
2013-06-05 11:26 - 2013-06-05 11:26 - 00000779 ____A C:\Users\EdoMarie\Desktop\launcher - Raccourci.lnk
2013-06-05 06:44 - 2013-06-05 06:44 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\2K Games
2013-06-05 04:37 - 2013-06-05 06:16 - 00000000 ____D C:\Users\EdoMarie\Desktop\patch fr mafia 2
2013-06-05 03:27 - 2013-06-05 03:28 - 00000000 ____D C:\watch dogs
2013-06-04 12:21 - 2013-06-04 12:21 - 00000000 ____D C:\Users\EdoMarie\Documents\TikGames
2013-06-03 11:18 - 2013-06-03 11:18 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\SKIDROW
2013-05-31 05:56 - 2013-05-31 05:56 - 00001960 ____A C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\ProgramData\Visan
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2013-05-31 05:55 - 2013-05-31 05:55 - 00002281 ____A C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
2013-05-31 05:55 - 2013-05-31 05:55 - 00001203 ____A C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 1050 J410 series.lnk
2013-05-31 05:54 - 2013-05-31 05:54 - 00000057 ____A C:\ProgramData\Ament.ini
2013-05-31 05:53 - 2013-05-31 05:53 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\HP
2013-05-26 10:58 - 2013-05-26 10:58 - 00000522 ____A C:\Users\EdoMarie\Downloads\D21297DF7C8288382A5113902BEC6FF2207EA11C.torrent
2013-05-26 07:23 - 2013-05-26 07:23 - 00026112 ____A C:\Users\EdoMarie\Downloads\The Last Express v1.02 Multi-Langues.torrent
2013-05-26 06:58 - 2013-05-26 06:59 - 06885984 ____A (http://www.express-files.com/) C:\Users\EdoMarie\Downloads\the_last_express_downloader_fr_133.exe
2013-05-26 06:49 - 2013-05-26 06:52 - 00001614 ____A C:\Users\EdoMarie\Desktop\_le - Raccourci.lnk
2013-05-26 06:42 - 2013-05-26 06:49 - 00001669 ____A C:\Users\EdoMarie\Desktop\ExpressW - Raccourci.lnk
2013-05-26 06:19 - 2013-05-26 06:19 - 00000000 ____D C:\Program Files (x86)\Interplay
2013-05-26 06:06 - 2013-05-26 06:10 - 00000000 ____D C:\Users\EdoMarie\Desktop\last express game
2013-05-26 05:56 - 2013-05-26 05:56 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA (1).torrent
2013-05-26 04:08 - 2013-05-26 04:08 - 00014879 ____A C:\Users\EdoMarie\Downloads\T.Expen.2-.torrent
2013-05-26 03:04 - 2013-05-26 04:10 - 00000000 ____D C:\Users\EdoMarie\Desktop\The-Last-Express
2013-05-26 03:01 - 2013-05-26 03:01 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA.torrent
2013-05-24 06:44 - 2013-05-24 06:47 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (19)
2013-05-22 11:28 - 2013-05-22 11:28 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (4)
2013-05-22 04:30 - 2013-05-22 04:30 - 00000000 ____D C:\Python25
2013-05-22 04:29 - 2013-05-22 04:29 - 10695680 ____A C:\Users\EdoMarie\Downloads\python-2.5.msi
2013-05-22 04:21 - 2013-05-22 04:21 - 00002073 ____A C:\Users\UpdatusUser\Desktop\Blender.lnk
2013-05-22 04:21 - 2013-05-22 04:21 - 00002073 ____A C:\Users\maman\Desktop\Blender.lnk
2013-05-22 04:19 - 2013-05-22 04:19 - 00000000 ____D C:\Program Files (x86)\Blender Foundation
2013-05-22 03:41 - 2013-05-22 03:41 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Blender Foundation
2013-05-20 02:53 - 2013-05-26 06:51 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (3)
2013-05-20 02:48 - 2013-05-20 02:49 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (17)
2013-05-19 11:23 - 2013-05-19 11:23 - 00206984 ____A C:\Users\EdoMarie\Downloads\Terminator_1_french_dvdrip_evanetlola.exe
2013-05-19 11:22 - 2013-05-19 11:22 - 00007758 ____A C:\Users\EdoMarie\Downloads\Terminator.Edition.Speciale.1984.FRENCH.BRRiP.XViD.AC3-HuSh.torrent
2013-05-19 11:21 - 2013-05-19 11:21 - 00038684 ____A C:\Users\EdoMarie\Downloads\Terminator 1984 French DvDRip Xvid AC3 Empereur-Team.torrent
2013-05-19 05:33 - 2013-05-19 05:33 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (13)
2013-05-18 15:07 - 2013-05-18 15:07 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (16)
2013-05-14 22:41 - 2013-04-09 22:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-14 22:41 - 2013-04-09 22:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-14 22:41 - 2013-04-09 19:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-14 22:41 - 2013-03-18 21:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-14 22:41 - 2013-03-18 21:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-14 22:41 - 2013-02-26 22:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-14 22:41 - 2013-02-26 21:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-14 22:41 - 2013-02-26 21:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-14 22:41 - 2013-02-26 21:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-14 22:41 - 2013-02-26 21:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 22:41 - 2013-02-26 20:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-14 22:41 - 2013-02-26 20:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-14 22:41 - 2013-02-26 20:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-14 22:41 - 2011-02-03 03:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
==================== One Month Modified Files and Folders =======
2013-06-13 20:21 - 2013-06-13 20:21 - 00000000 ____D C:\FRST
2013-06-13 10:07 - 2010-12-08 14:40 - 01304304 ____A C:\Windows\WindowsUpdate.log
2013-06-13 10:05 - 2010-11-27 09:19 - 00751958 ____A C:\Windows\System32\perfh00C.dat
2013-06-13 10:05 - 2010-11-27 09:19 - 00151714 ____A C:\Windows\System32\perfc00C.dat
2013-06-13 10:05 - 2009-07-13 21:13 - 01676872 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-13 09:46 - 2013-01-15 07:31 - 00001072 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-13 09:34 - 2012-04-14 18:17 - 00001002 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-13 09:21 - 2011-10-28 00:11 - 00001108 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2556019261-561236677-3583937948-1000UA.job
2013-06-13 08:48 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-06-13 08:18 - 2009-07-13 20:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-13 08:18 - 2009-07-13 20:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-13 08:13 - 2013-06-13 08:13 - 00012924 ____A C:\Users\EdoMarie\Desktop\06132013_180646.log
2013-06-13 08:11 - 2013-01-15 07:31 - 00001068 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-13 08:10 - 2013-06-12 11:27 - 00000336 ____A C:\Windows\setupact.log
2013-06-13 08:10 - 2011-02-25 10:55 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-13 08:10 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-13 08:06 - 2013-06-13 08:06 - 00000000 ____D C:\_OTL
2013-06-13 06:09 - 2012-04-13 01:59 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\Paint.NET
2013-06-13 05:59 - 2013-06-13 05:58 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (7)
2013-06-13 05:15 - 2012-01-28 04:48 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\uTorrent
2013-06-13 04:52 - 2011-02-26 03:56 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\CrashDumps
2013-06-13 00:33 - 2011-05-06 23:12 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\vlc
2013-06-13 00:21 - 2011-10-28 00:11 - 00001086 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2556019261-561236677-3583937948-1000Core.job
2013-06-13 00:11 - 2013-06-12 23:50 - 00000000 ____D C:\Users\EdoMarie\U Torrent
2013-06-13 00:00 - 2012-01-28 04:49 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-06-12 23:50 - 2011-02-25 10:46 - 00000000 ____D C:\users\EdoMarie
2013-06-12 12:01 - 2013-06-12 12:01 - 04009167 ____A C:\Users\EdoMarie\Desktop\ServicesRepair.exe
2013-06-12 11:31 - 2013-06-12 11:30 - 00355651 ____A (Farbar) C:\Users\EdoMarie\Desktop\FSS.exe
2013-06-12 11:27 - 2013-06-12 11:27 - 00000820 ____A C:\Windows\PFRO.log
2013-06-12 11:27 - 2013-06-12 11:27 - 00000000 ____A C:\Windows\setuperr.log
2013-06-12 11:13 - 2013-06-12 11:13 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-12 11:13 - 2013-06-12 11:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-12 11:11 - 2013-06-12 11:08 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\EdoMarie\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-12 09:34 - 2013-06-12 09:34 - 00816128 ____A C:\Users\EdoMarie\Desktop\RogueKiller.exe
2013-06-12 08:27 - 2013-06-12 08:27 - 00602112 ____A (OldTimer Tools) C:\Users\EdoMarie\Desktop\OTL.exe
2013-06-12 08:27 - 2013-06-12 08:22 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (5)
2013-06-12 08:20 - 2011-05-04 03:11 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Skype
2013-06-12 08:20 - 2011-02-26 23:49 - 00000000 ____D C:\Users\EdoMarie\Tracing
2013-06-12 08:19 - 2011-03-07 14:17 - 00000000 ____D C:\Windows\Minidump
2013-06-12 05:40 - 2013-06-12 05:40 - 00648201 ____A C:\Users\EdoMarie\Downloads\adwcleaner.exe
2013-06-12 04:15 - 2013-06-12 04:15 - 00001860 ____A C:\Users\maman\Desktop\AD-R.lnk
2013-06-12 04:15 - 2013-06-12 04:15 - 00001860 ____A C:\Users\EdoMarie\Desktop\AD-R.lnk
2013-06-12 04:15 - 2011-06-21 08:37 - 00001860 ____A C:\Users\UpdatusUser\Desktop\AD-R.lnk
2013-06-12 04:10 - 2013-06-12 03:29 - 00000000 ____D C:\ZHP
2013-06-12 04:06 - 2011-06-20 12:47 - 00000000 ____D C:\Program Files (x86)\ZHPDiag
2013-06-12 03:52 - 2009-07-13 15:19 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2013-06-12 03:29 - 2013-06-12 03:29 - 00001956 ____A C:\Users\Public\Desktop\ZHPFix.lnk
2013-06-12 03:29 - 2013-06-12 03:29 - 00001829 ____A C:\Users\Public\Desktop\ZHPDiag.lnk
2013-06-12 03:29 - 2013-06-12 03:29 - 00000967 ____A C:\Users\Public\Desktop\MBRCheck.lnk
2013-06-12 03:26 - 2013-06-12 03:26 - 05676095 ____A (Nicolas Coolman ) C:\Users\EdoMarie\Downloads\ZHPDiag2.exe
2013-06-12 03:21 - 2013-06-12 03:21 - 00197870 ____A C:\Users\EdoMarie\Downloads\MicrosoftFixit20084.mini.diagcab
2013-06-12 03:09 - 2013-06-12 03:09 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-12 03:01 - 2013-06-12 02:47 - 1047527424 ____A C:\Users\EdoMarie\Downloads\fhd-ttnc720.part1.rar
2013-06-12 01:34 - 2012-04-14 18:17 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 01:34 - 2011-10-08 13:42 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\tr-TR
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\th-TH
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\ro-RO
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\he-IL
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Windows\System32\Drivers\ar-SA
2013-06-12 00:58 - 2013-06-12 00:58 - 00000000 ____D C:\Program Files (x86)\Windows Virtual PC
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\th-TH
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ro-RO
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\he-IL
2013-06-12 00:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ar-SA
2013-06-12 00:52 - 2013-06-12 00:52 - 17091624 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x64-RefreshPkg.msu
2013-06-12 00:51 - 2013-06-12 00:51 - 16070039 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x86-RefreshPkg.msu
2013-06-12 00:48 - 2013-06-12 00:48 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2013-06-12 00:47 - 2013-06-12 00:47 - 01528184 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\GenuineCheck.exe
2013-06-12 00:18 - 2011-03-06 00:00 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 23:51 - 2013-06-11 11:34 - 00000000 ____D C:\Users\EdoMarie\Desktop\Titanic une aventure hors du temps
2013-06-11 14:20 - 2013-06-11 14:20 - 01023485 ____A C:\Users\EdoMarie\Downloads\shinod7.zip
2013-06-11 14:15 - 2013-06-11 14:15 - 92391797 ____A C:\Users\EdoMarie\Downloads\gn98.zip
2013-06-11 12:12 - 2013-06-11 11:57 - 32005504 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\setup (5).exe
2013-06-11 12:10 - 2013-06-11 12:02 - 00000000 ____D C:\Users\EdoMarie\Downloads\jeu egypte
2013-06-11 12:10 - 2013-06-11 12:01 - 00000000 ____D C:\Users\EdoMarie\Downloads\les visiteurs le jeu
2013-06-11 08:32 - 2013-05-05 04:38 - 00001718 ____A C:\Users\EdoMarie\Desktop\PESEDIT - Raccourci.lnk
2013-06-10 23:47 - 2012-12-14 02:30 - 00000000 ___RD C:\Users\EdoMarie\Desktop\Bureau
2013-06-10 23:15 - 2013-06-10 23:14 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (6)
2013-06-07 12:02 - 2013-06-07 01:43 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (6)
2013-06-07 11:49 - 2012-10-15 15:13 - 00000132 ____A C:\Users\EdoMarie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-06-07 00:40 - 2012-03-13 00:37 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\VirtuaTennis2009
2013-06-05 16:02 - 2011-05-17 03:39 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\SoftGrid Client
2013-06-05 11:26 - 2013-06-05 11:26 - 00000779 ____A C:\Users\EdoMarie\Desktop\launcher - Raccourci.lnk
2013-06-05 06:44 - 2013-06-05 06:44 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\2K Games
2013-06-05 06:16 - 2013-06-05 04:37 - 00000000 ____D C:\Users\EdoMarie\Desktop\patch fr mafia 2
2013-06-05 03:28 - 2013-06-05 03:27 - 00000000 ____D C:\watch dogs
2013-06-04 12:21 - 2013-06-04 12:21 - 00000000 ____D C:\Users\EdoMarie\Documents\TikGames
2013-06-03 11:18 - 2013-06-03 11:18 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\SKIDROW
2013-06-03 01:58 - 2013-05-06 10:23 - 00000000 ____D C:\Users\EdoMarie\Desktop\images pes ligue des masters , coupes
2013-06-02 02:25 - 2012-08-14 20:53 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\HpUpdate
2013-05-31 05:56 - 2013-05-31 05:56 - 00001960 ____A C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\ProgramData\Visan
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-05-31 05:56 - 2013-05-31 05:56 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2013-05-31 05:55 - 2013-05-31 05:55 - 00002281 ____A C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
2013-05-31 05:55 - 2013-05-31 05:55 - 00001203 ____A C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 1050 J410 series.lnk
2013-05-31 05:55 - 2012-08-14 20:49 - 00000000 ____D C:\Program Files (x86)\HP
2013-05-31 05:55 - 2012-08-14 20:45 - 00000000 ____D C:\ProgramData\HP
2013-05-31 05:54 - 2013-05-31 05:54 - 00000057 ____A C:\ProgramData\Ament.ini
2013-05-31 05:54 - 2012-08-14 20:46 - 00000000 ____D C:\Program Files\HP
2013-05-31 05:53 - 2013-05-31 05:53 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\HP
2013-05-30 00:20 - 2011-12-17 10:27 - 00000000 ____D C:\Users\EdoMarie\Documents\cv
2013-05-26 10:58 - 2013-05-26 10:58 - 00000522 ____A C:\Users\EdoMarie\Downloads\D21297DF7C8288382A5113902BEC6FF2207EA11C.torrent
2013-05-26 07:23 - 2013-05-26 07:23 - 00026112 ____A C:\Users\EdoMarie\Downloads\The Last Express v1.02 Multi-Langues.torrent
2013-05-26 06:59 - 2013-05-26 06:58 - 06885984 ____A (http://www.express-files.com/) C:\Users\EdoMarie\Downloads\the_last_express_downloader_fr_133.exe
2013-05-26 06:52 - 2013-05-26 06:49 - 00001614 ____A C:\Users\EdoMarie\Desktop\_le - Raccourci.lnk
2013-05-26 06:51 - 2013-05-20 02:53 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (3)
2013-05-26 06:49 - 2013-05-26 06:42 - 00001669 ____A C:\Users\EdoMarie\Desktop\ExpressW - Raccourci.lnk
2013-05-26 06:19 - 2013-05-26 06:19 - 00000000 ____D C:\Program Files (x86)\Interplay
2013-05-26 06:10 - 2013-05-26 06:06 - 00000000 ____D C:\Users\EdoMarie\Desktop\last express game
2013-05-26 05:56 - 2013-05-26 05:56 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA (1).torrent
2013-05-26 04:10 - 2013-05-26 03:04 - 00000000 ____D C:\Users\EdoMarie\Desktop\The-Last-Express
2013-05-26 04:08 - 2013-05-26 04:08 - 00014879 ____A C:\Users\EdoMarie\Downloads\T.Expen.2-.torrent
2013-05-26 03:01 - 2013-05-26 03:01 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA.torrent
2013-05-24 06:47 - 2013-05-24 06:44 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (19)
2013-05-22 11:28 - 2013-05-22 11:28 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (4)
2013-05-22 04:30 - 2013-05-22 04:30 - 00000000 ____D C:\Python25
2013-05-22 04:29 - 2013-05-22 04:29 - 10695680 ____A C:\Users\EdoMarie\Downloads\python-2.5.msi
2013-05-22 04:21 - 2013-05-22 04:21 - 00002073 ____A C:\Users\UpdatusUser\Desktop\Blender.lnk
2013-05-22 04:21 - 2013-05-22 04:21 - 00002073 ____A C:\Users\maman\Desktop\Blender.lnk
2013-05-22 04:19 - 2013-05-22 04:19 - 00000000 ____D C:\Program Files (x86)\Blender Foundation
2013-05-22 03:41 - 2013-05-22 03:41 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Blender Foundation
2013-05-21 12:38 - 2011-03-08 04:07 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\Adobe
2013-05-21 11:23 - 2011-03-07 04:07 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Adobe
2013-05-21 02:05 - 2011-02-26 23:28 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\Windows Live
2013-05-20 02:49 - 2013-05-20 02:48 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (17)
2013-05-19 11:23 - 2013-05-19 11:23 - 00206984 ____A C:\Users\EdoMarie\Downloads\Terminator_1_french_dvdrip_evanetlola.exe
2013-05-19 11:22 - 2013-05-19 11:22 - 00007758 ____A C:\Users\EdoMarie\Downloads\Terminator.Edition.Speciale.1984.FRENCH.BRRiP.XViD.AC3-HuSh.torrent
2013-05-19 11:21 - 2013-05-19 11:21 - 00038684 ____A C:\Users\EdoMarie\Downloads\Terminator 1984 French DvDRip Xvid AC3 Empereur-Team.torrent
2013-05-19 05:33 - 2013-05-19 05:33 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (13)
2013-05-18 15:07 - 2013-05-18 15:07 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (16)
2013-05-16 17:25 - 2013-06-12 00:17 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-16 17:25 - 2013-06-12 00:17 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-16 16:59 - 2013-06-12 00:17 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 16:59 - 2013-06-12 00:17 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-16 16:58 - 2013-06-12 00:17 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 16:58 - 2013-06-12 00:17 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-15 22:30 - 2009-07-13 21:08 - 00032482 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-15 22:30 - 2009-07-13 20:45 - 00295032 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-14 05:14 - 2013-06-12 00:17 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-14 04:23 - 2013-06-12 00:17 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 01:23 - 2013-06-12 00:17 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-14 00:40 - 2013-06-12 00:17 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
Files to move or delete:
====================
C:\Users\EdoMarie\wlsetup-web.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-06-12 00:16:22
Restore point made on: 2013-06-12 00:53:13
Restore point made on: 2013-06-12 03:12:09
Restore point made on: 2013-06-12 03:21:12
Restore point made on: 2013-06-12 03:22:37
Restore point made on: 2013-06-12 03:23:20
Restore point made on: 2013-06-12 03:38:22
Restore point made on: 2013-06-12 03:50:08
Restore point made on: 2013-06-12 04:35:26
Restore point made on: 2013-06-12 08:33:48
==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 3071.24 MB
Available physical RAM: 2385.14 MB
Total Pagefile: 3069.39 MB
Available Pagefile: 2382.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: (eMachines) (Fixed) (Total:451.66 GB) (Free:49.19 GB) NTFS (Disk=0 Partition=3)
Drive e: (PQSERVICE) (Fixed) (Total:14 GB) (Free:1.32 GB) NTFS (Disk=0 Partition=1)
Drive f: (HP DJ1050_J410) (CDROM) (Total:0.33 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:7.41 GB) (Free:3.62 GB) FAT32 (Disk=2 Partition=1)
Drive k: (CL� VOITURE) (Removable) (Total:3.73 GB) (Free:2.08 GB) FAT32 (Disk=5 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: C7E16395)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
========================================================
Disk: 5 (Size: 4 GB) (Disk ID: 73696420)
Partition 1: (Not Active) - (Size=-5185543680) - (Type=45)
Partition 2: (Not Active) - (Size=892 GB) - (Type=65)
Partition 3: (Not Active) - (Size=779 GB) - (Type=20)
Partition 4: (Not Active) - (Size=26 MB) - (Type=0D)
LastRegBack: 2013-06-13 08:40
==================== End Of Log ============================