cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013
Ran by Denis (administrator) on 24-06-2013 08:40:30
Running from C:\Users\Denis\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Pelmorex Media Inc.) C:\Users\Denis\AppData\Local\M�t�oM�dia\M�t�o�clair\weathereye.exe
(Sage) C:\Program Files (x86)\Winsim\ConnectionManager\SimplyConnectionManager.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Sage) C:\Program Files (x86)\winsim\ConnectionManager\Simply.SystemTrayIcon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe [37888 2011-09-14] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-09-14] (IDT, Inc.)
HKLM\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2782096 2010-07-25] (CANON INC.)
HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey [x]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess
HKCU\...\Run: [LaCie Ethernet Agent Startup] C:\Program Files (x86)\LaCie\Network Assistant\LaCie Network Assistant.exe [5853184 2009-12-17] (LaCie SA)
HKCU\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKCU\...\Run: [WeatherEye] C:\Users\Denis\AppData\Local\M�t�oM�dia\M�t�o�clair\WeatherEye.exe [310920 2012-02-14] (Pelmorex Media Inc.)
HKCU\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [x]
MountPoints2: {b193d39e-278e-11e1-b02c-806e6f6e6963} - E:\setup.exe
HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe" [240112 2009-07-24] (Sonic Solutions)
HKLM-x32\...\Run: [CPMonitor] "C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe" [84464 2009-07-21] ()
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe" [494064 2009-06-23] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [1213848 2010-09-14] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart [1493288 2012-01-13] (Nero AG)
HKLM-x32\...\Run: [ConnectionManager] C:\Program Files (x86)\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe [99656 2011-12-22] (Sage)
HKLM-x32\...\Run: [DLSService] "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" [x]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [x]
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk
ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ripstation Micro - Auto Update.lnk
ShortcutTarget: Ripstation Micro - Auto Update.lnk -> C:\Program Files (x86)\Ripstation\Ripstation Micro\ripstationmicroupdate.exe (Pantaray Research Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.canoe.ca/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/defaultf.aspx
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=tc-100&cd=2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtAtCyCyC0E0Dzz0FtAzztN0D0Tzu0StByDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=132758275
SearchScopes: HKLM-x32 - {5ED3171C-E7E1-46FD-887B-0AE66CEF9E4D} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Wondershare Video Converter Ultimate - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.202.1

==================== Services (Whitelisted) =================

R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [32336 2011-01-28] (Sanford, L.P.)
R2 Gestionnaire de connexion de Simple Comptable; C:\Program Files (x86)\Winsim\ConnectionManager\SimplyConnectionManager.exe [21320 2011-12-22] (Sage)
S3 Gestionnaire de transactions de Sage Simple Comptable 2012 - CDN; C:\Program Files (x86)\Winsim\TransactionManager2012 - CDN\Sage_SA.TransactionManager.exe [46960 2012-12-11] (Sage)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] ()
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1871032 2013-03-15] (Microsoft Corporation)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe [186760 2012-11-08] ()

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-12-15] ()
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-12-15] ()
S1 xurlgbis; \??\C:\Windows\system32\drivers\xurlgbis.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-24 08:39 - 2013-06-24 08:39 - 00000000 ____D C:\FRST
2013-06-24 08:38 - 2013-06-24 08:32 - 01931364 ____A (Farbar) C:\Users\Denis\Desktop\FRST64.exe
2013-06-23 14:30 - 2013-06-23 14:30 - 00004114 ____A C:\Users\Denis\Desktop\RKreport[0]_D_06232013_143027.txt
2013-06-23 14:28 - 2013-06-23 14:28 - 00003918 ____A C:\Users\Denis\Desktop\RKreport[0]_S_06232013_142857.txt
2013-06-23 12:01 - 2013-06-23 17:08 - 00000000 ____D C:\ZHP
2013-06-23 12:01 - 2013-06-23 17:08 - 00000000 ____D C:\Program Files (x86)\ZHPDiag
2013-06-23 12:01 - 2013-06-23 12:01 - 00001949 ____A C:\Users\Public\Desktop\ZHPFix.lnk
2013-06-23 12:01 - 2013-06-23 12:01 - 00001822 ____A C:\Users\Public\Desktop\ZHPDiag.lnk
2013-06-23 12:01 - 2013-06-23 12:01 - 00000960 ____A C:\Users\Public\Desktop\MBRCheck.lnk
2013-06-23 10:15 - 2013-06-23 11:39 - 00000000 ____D C:\Stinger_Quarantine
2013-06-23 10:15 - 2013-06-23 11:39 - 00000000 ____D C:\Program Files\stinger
2013-06-23 09:58 - 2013-06-23 09:58 - 00001168 ____A C:\Users\Denis\Desktop\Rapport MBAM.txt
2013-06-23 08:34 - 2013-06-23 08:34 - 00001071 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-23 08:34 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-23 08:20 - 2013-06-23 08:20 - 00000766 ____A C:\Users\Denis\Documents\Rapport nettoyage ligne en gras.txt
2013-06-23 08:19 - 2013-06-23 08:19 - 00000720 ____A C:\Users\Denis\Desktop\ZHPFixReport.txt
2013-06-22 17:26 - 2013-06-22 17:26 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-22 17:26 - 2013-06-22 17:26 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-22 17:26 - 2013-06-22 17:26 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-22 17:26 - 2013-06-22 17:26 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 17:09 - 2013-06-22 17:09 - 00009425 ____A C:\AdwCleaner[S1].txt
2013-06-22 17:08 - 2013-06-22 17:08 - 00009261 ____A C:\AdwCleaner[R1].txt
2013-06-22 17:06 - 2013-06-22 16:51 - 00648201 ____A C:\Users\Denis\Desktop\adwcleaner.exe
2013-06-22 09:20 - 2013-06-22 09:18 - 05684132 ____A (Nicolas Coolman ) C:\Users\Denis\Desktop\ZHPDiag2.exe
2013-06-22 03:00 - 2013-06-08 10:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-22 03:00 - 2013-06-08 10:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-22 03:00 - 2013-06-08 10:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-22 03:00 - 2013-06-08 10:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-22 03:00 - 2013-06-08 10:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-22 03:00 - 2013-06-08 08:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-22 03:00 - 2013-06-08 07:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-22 03:00 - 2013-06-08 07:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-22 03:00 - 2013-06-08 07:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-22 03:00 - 2013-06-08 07:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-22 03:00 - 2013-06-08 07:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-22 03:00 - 2013-06-08 07:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-21 11:27 - 2010-10-18 06:00 - 00374784 ____A (CANON INC.) C:\Windows\System32\CNMLMAN.DLL
2013-06-21 10:53 - 2012-11-04 15:45 - 06466777 ____A C:\Users\Denis\Documents\12 - The Prayer ( & Andrea Bocelli).wma
2013-06-21 08:12 - 2013-06-23 08:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-21 08:12 - 2013-06-21 08:12 - 00000000 ____D C:\Users\Denis\AppData\Roaming\Malwarebytes
2013-06-21 08:12 - 2013-06-21 08:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-21 00:50 - 2013-06-21 00:50 - 00000000 ____D C:\Users\Admin\Documents\Bluetooth Exchange Folder
2013-06-21 00:50 - 2013-06-21 00:50 - 00000000 ____D C:\Users\Admin\AppData\Local\Broadcom
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Roxio
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logitech
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Apple Computer
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple Computer
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2013-06-21 00:48 - 2013-06-21 17:57 - 00000000 ____D C:\users\Admin
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Voisinage réseau
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Voisinage d'impression
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Modèles
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Menu Démarrer
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Documents\Mes vidéos
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Documents\Mes images
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Documents\Ma musique
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\AppData\Local\Historique
2013-06-21 00:48 - 2012-04-12 01:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Microsoft Help
2013-06-21 00:48 - 2011-12-15 21:12 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2013-06-21 00:48 - 2011-12-15 21:00 - 00000000 ____D C:\Users\Admin\AppData\Local\Hewlett-Packard
2013-06-20 21:21 - 2013-06-16 20:51 - 1277663996 ____A C:\Users\Denis\Documents\MVI_2518.MOV
2013-06-20 21:16 - 2013-06-16 20:41 - 1095848504 ____A C:\Users\Denis\Documents\MVI_2517.MOV
2013-06-20 21:15 - 2013-06-16 20:40 - 189062592 ____A C:\Users\Denis\Documents\MVI_2516.MOV
2013-06-20 21:14 - 2013-06-16 20:38 - 417855264 ____A C:\Users\Denis\Documents\MVI_2515.MOV
2013-06-20 21:03 - 2013-06-16 20:25 - 709660728 ____A C:\Users\Denis\Documents\MVI_2511.MOV
2013-06-20 21:02 - 2013-06-16 20:04 - 225488300 ____A C:\Users\Denis\Documents\MVI_2507.MOV
2013-06-20 21:01 - 2013-06-16 20:03 - 214626132 ____A C:\Users\Denis\Documents\MVI_2506.MOV
2013-06-20 21:00 - 2013-06-16 20:01 - 332563896 ____A C:\Users\Denis\Documents\MVI_2504.MOV
2013-06-20 21:00 - 2013-06-16 20:00 - 55014432 ____A C:\Users\Denis\Documents\MVI_2503.MOV
2013-06-12 03:01 - 2013-05-16 21:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 03:01 - 2013-05-16 21:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 03:01 - 2013-05-16 21:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 03:01 - 2013-05-16 21:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 03:01 - 2013-05-16 21:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 03:01 - 2013-05-16 21:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 03:01 - 2013-05-16 21:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 03:01 - 2013-05-16 20:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 03:01 - 2013-05-16 20:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 03:01 - 2013-05-16 20:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 03:01 - 2013-05-16 20:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 03:01 - 2013-05-16 20:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 03:01 - 2013-05-16 20:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 03:01 - 2013-05-16 20:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 03:01 - 2013-05-16 20:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 03:01 - 2013-05-14 08:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 03:01 - 2013-05-14 04:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 03:00 - 2013-05-16 21:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 03:00 - 2013-05-16 20:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-11 22:04 - 2013-05-13 01:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 22:04 - 2013-05-13 01:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-11 22:04 - 2013-05-13 01:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 22:04 - 2013-05-13 01:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-11 22:04 - 2013-05-13 00:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 22:04 - 2013-05-13 00:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-11 22:04 - 2013-05-13 00:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 22:04 - 2013-05-12 23:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 22:04 - 2013-05-12 23:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 22:04 - 2013-05-12 23:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-11 22:04 - 2013-05-10 01:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 22:04 - 2013-05-09 23:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-11 22:04 - 2013-05-08 02:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 22:04 - 2013-04-26 01:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 22:04 - 2013-04-26 00:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 22:04 - 2013-04-25 19:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-11 22:04 - 2013-04-17 03:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-11 22:04 - 2013-04-17 02:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-11 22:04 - 2013-03-31 18:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-07 23:34 - 2013-06-07 23:34 - 00000322 ____A C:\Users\Denis\Desktop\ResMed - Patients & Families.url
2013-06-06 09:28 - 2013-06-06 09:28 - 00001745 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-06 09:27 - 2013-06-21 17:55 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-06 09:27 - 2013-06-06 09:28 - 00000000 ____D C:\Program Files\iTunes
2013-06-06 09:27 - 2013-06-06 09:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-06 09:27 - 2013-06-06 09:27 - 00000000 ____D C:\Program Files\iPod
2013-06-03 01:38 - 2013-06-03 01:46 - 00004069 ____A C:\Windows\IE9_main.log
2013-06-01 21:20 - 2013-06-01 21:26 - 00000000 ____D C:\Users\Denis\Desktop\Denis Capes
2013-05-27 19:35 - 2013-05-27 19:35 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-26 17:09 - 2013-05-26 17:09 - 00002645 ____A C:\Users\Public\Desktop\RadioRA 2 6.1.0.lnk
2013-05-26 17:04 - 2013-05-26 17:07 - 445602104 ____A (Lutron Electronics Co., Inc. ) C:\Users\Denis\Downloads\RadioRA+2+6.1.0-full.exe

==================== One Month Modified Files and Folders =======

2013-06-24 08:39 - 2013-06-24 08:39 - 00000000 ____D C:\FRST
2013-06-24 08:39 - 2012-02-24 19:37 - 00000000 ____D C:\Users\Denis\Documents\Fichiers Outlook
2013-06-24 08:32 - 2013-06-24 08:38 - 01931364 ____A (Farbar) C:\Users\Denis\Desktop\FRST64.exe
2013-06-24 08:13 - 2012-10-21 16:31 - 00001066 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-24 08:13 - 2012-04-01 10:20 - 00001002 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-24 02:00 - 2012-02-25 12:27 - 00000000 ____D C:\Users\Denis\AppData\Local\Adobe
2013-06-24 01:03 - 2012-02-24 17:55 - 02014372 ____A C:\Windows\WindowsUpdate.log
2013-06-23 23:41 - 2013-03-21 20:18 - 00000000 ___SD C:\Users\Denis\Documents\Mon DocsToGo
2013-06-23 20:46 - 2012-10-21 16:31 - 00001062 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-23 17:19 - 2009-07-14 00:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-23 17:19 - 2009-07-14 00:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-23 17:10 - 2012-02-24 18:01 - 00000000 ____D C:\Users\Denis\AppData\Local\VirtualStore
2013-06-23 17:10 - 2011-12-15 20:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-23 17:10 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-23 17:10 - 2009-07-14 00:51 - 00069203 ____A C:\Windows\setupact.log
2013-06-23 17:08 - 2013-06-23 12:01 - 00000000 ____D C:\ZHP
2013-06-23 17:08 - 2013-06-23 12:01 - 00000000 ____D C:\Program Files (x86)\ZHPDiag
2013-06-23 14:30 - 2013-06-23 14:30 - 00004114 ____A C:\Users\Denis\Desktop\RKreport[0]_D_06232013_143027.txt
2013-06-23 14:28 - 2013-06-23 14:28 - 00003918 ____A C:\Users\Denis\Desktop\RKreport[0]_S_06232013_142857.txt
2013-06-23 12:01 - 2013-06-23 12:01 - 00001949 ____A C:\Users\Public\Desktop\ZHPFix.lnk
2013-06-23 12:01 - 2013-06-23 12:01 - 00001822 ____A C:\Users\Public\Desktop\ZHPDiag.lnk
2013-06-23 12:01 - 2013-06-23 12:01 - 00000960 ____A C:\Users\Public\Desktop\MBRCheck.lnk
2013-06-23 11:39 - 2013-06-23 10:15 - 00000000 ____D C:\Stinger_Quarantine
2013-06-23 11:39 - 2013-06-23 10:15 - 00000000 ____D C:\Program Files\stinger
2013-06-23 09:59 - 2010-11-20 23:47 - 00801404 ____A C:\Windows\PFRO.log
2013-06-23 09:58 - 2013-06-23 09:58 - 00001168 ____A C:\Users\Denis\Desktop\Rapport MBAM.txt
2013-06-23 08:34 - 2013-06-23 08:34 - 00001071 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-23 08:34 - 2013-06-21 08:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-23 08:20 - 2013-06-23 08:20 - 00000766 ____A C:\Users\Denis\Documents\Rapport nettoyage ligne en gras.txt
2013-06-23 08:19 - 2013-06-23 08:19 - 00000720 ____A C:\Users\Denis\Desktop\ZHPFixReport.txt
2013-06-23 00:26 - 2013-04-18 10:09 - 00000000 ____D C:\Users\Denis\Desktop\Piscine Trévi
2013-06-22 17:26 - 2013-06-22 17:26 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-22 17:26 - 2013-06-22 17:26 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-22 17:26 - 2013-06-22 17:26 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-22 17:26 - 2013-06-22 17:26 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 17:26 - 2012-06-23 07:49 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-06-22 17:26 - 2012-04-24 13:25 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-22 17:09 - 2013-06-22 17:09 - 00009425 ____A C:\AdwCleaner[S1].txt
2013-06-22 17:08 - 2013-06-22 17:08 - 00009261 ____A C:\AdwCleaner[R1].txt
2013-06-22 16:51 - 2013-06-22 17:06 - 00648201 ____A C:\Users\Denis\Desktop\adwcleaner.exe
2013-06-22 16:41 - 2012-02-25 19:17 - 00000332 ____A C:\Windows\Tasks\HPCeeScheduleForDenis.job
2013-06-22 13:34 - 2012-02-25 14:51 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-06-22 13:33 - 2012-04-21 13:32 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-06-22 13:33 - 2012-02-25 14:50 - 00000000 ____D C:\Users\Denis\AppData\Roaming\HpUpdate
2013-06-22 13:33 - 2012-02-25 14:50 - 00000000 ____D C:\Users\Denis\AppData\Roaming\HP Support Assistant
2013-06-22 09:18 - 2013-06-22 09:20 - 05684132 ____A (Nicolas Coolman ) C:\Users\Denis\Desktop\ZHPDiag2.exe
2013-06-22 01:04 - 2012-04-27 21:37 - 00002198 ____A C:\Windows\epplauncher.mif
2013-06-22 00:18 - 2011-12-15 20:39 - 00758320 ____A C:\Windows\System32\perfh00C.dat
2013-06-22 00:18 - 2011-12-15 20:39 - 00154922 ____A C:\Windows\System32\perfc00C.dat
2013-06-22 00:18 - 2009-07-14 01:13 - 01700326 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-21 18:12 - 2012-02-24 18:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-21 18:11 - 2013-05-14 22:23 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-06-21 17:57 - 2013-06-21 00:48 - 00000000 ____D C:\users\Admin
2013-06-21 17:57 - 2012-02-24 17:57 - 00000000 ____D C:\users\Denis
2013-06-21 17:56 - 2012-09-10 23:19 - 00000000 ____D C:\Users\Denis\AppData\Local\Simply Accounting
2013-06-21 17:56 - 2009-07-13 23:20 - 00000000 __RSD C:\Windows\Media
2013-06-21 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\security
2013-06-21 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-21 17:55 - 2013-06-06 09:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-21 17:55 - 2012-10-26 09:52 - 00000000 ____D C:\Program Files\sct
2013-06-21 17:55 - 2012-03-23 10:46 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-06-21 17:55 - 2012-02-25 11:50 - 00000000 ____D C:\Users\Denis\AppData\Local\Akamai
2013-06-21 17:54 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-06-21 17:54 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-21 17:50 - 2012-02-24 18:05 - 00000000 __RHD C:\MSOCache
2013-06-21 17:50 - 2011-12-15 20:59 - 00000000 ____D C:\Program Files\IDT
2013-06-21 11:29 - 2011-12-15 20:54 - 00000000 ____D C:\ProgramData\SonicFocus
2013-06-21 11:14 - 2012-11-08 20:28 - 78036466 ____A C:\pxplay.log
2013-06-21 08:12 - 2013-06-21 08:12 - 00000000 ____D C:\Users\Denis\AppData\Roaming\Malwarebytes
2013-06-21 08:12 - 2013-06-21 08:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-21 00:50 - 2013-06-21 00:50 - 00000000 ____D C:\Users\Admin\Documents\Bluetooth Exchange Folder
2013-06-21 00:50 - 2013-06-21 00:50 - 00000000 ____D C:\Users\Admin\AppData\Local\Broadcom
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Roxio
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logitech
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Apple Computer
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple Computer
2013-06-21 00:49 - 2013-06-21 00:49 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Voisinage réseau
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Voisinage d'impression
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Modèles
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Menu Démarrer
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Documents\Mes vidéos
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Documents\Mes images
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\Documents\Ma musique
2013-06-21 00:48 - 2013-06-21 00:48 - 00000000 __SHD C:\Users\Admin\AppData\Local\Historique
2013-06-18 23:07 - 2012-03-09 01:22 - 00000000 ____D C:\Users\Denis\AppData\Local\CrashDumps
2013-06-16 20:51 - 2013-06-20 21:21 - 1277663996 ____A C:\Users\Denis\Documents\MVI_2518.MOV
2013-06-16 20:41 - 2013-06-20 21:16 - 1095848504 ____A C:\Users\Denis\Documents\MVI_2517.MOV
2013-06-16 20:40 - 2013-06-20 21:15 - 189062592 ____A C:\Users\Denis\Documents\MVI_2516.MOV
2013-06-16 20:38 - 2013-06-20 21:14 - 417855264 ____A C:\Users\Denis\Documents\MVI_2515.MOV
2013-06-16 20:25 - 2013-06-20 21:03 - 709660728 ____A C:\Users\Denis\Documents\MVI_2511.MOV
2013-06-16 20:04 - 2013-06-20 21:02 - 225488300 ____A C:\Users\Denis\Documents\MVI_2507.MOV
2013-06-16 20:03 - 2013-06-20 21:01 - 214626132 ____A C:\Users\Denis\Documents\MVI_2506.MOV
2013-06-16 20:01 - 2013-06-20 21:00 - 332563896 ____A C:\Users\Denis\Documents\MVI_2504.MOV
2013-06-16 20:00 - 2013-06-20 21:00 - 55014432 ____A C:\Users\Denis\Documents\MVI_2503.MOV
2013-06-14 00:04 - 2012-09-10 23:23 - 00000999 ____A C:\Windows\ODBC.INI
2013-06-13 11:52 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-12 19:10 - 2012-04-01 10:20 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 19:10 - 2011-12-15 21:05 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 07:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-06-12 03:01 - 2012-02-27 12:08 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-08 10:08 - 2013-06-22 03:00 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 10:07 - 2013-06-22 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 10:06 - 2013-06-22 03:00 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 10:06 - 2013-06-22 03:00 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 10:06 - 2013-06-22 03:00 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 08:28 - 2013-06-22 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 07:42 - 2013-06-22 03:00 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 07:40 - 2013-06-22 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 07:40 - 2013-06-22 03:00 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 07:40 - 2013-06-22 03:00 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 07:40 - 2013-06-22 03:00 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 07:13 - 2013-06-22 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 23:34 - 2013-06-07 23:34 - 00000322 ____A C:\Users\Denis\Desktop\ResMed - Patients & Families.url
2013-06-06 09:28 - 2013-06-06 09:28 - 00001745 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-06 09:28 - 2013-06-06 09:27 - 00000000 ____D C:\Program Files\iTunes
2013-06-06 09:28 - 2013-06-06 09:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-06 09:27 - 2013-06-06 09:27 - 00000000 ____D C:\Program Files\iPod
2013-06-03 01:46 - 2013-06-03 01:38 - 00004069 ____A C:\Windows\IE9_main.log
2013-06-03 01:14 - 2012-02-25 01:37 - 00000173 ____A C:\Users\Denis\AppData\Local\msmathematics.qat.Denis
2013-06-01 21:26 - 2013-06-01 21:20 - 00000000 ____D C:\Users\Denis\Desktop\Denis Capes
2013-05-27 19:35 - 2013-05-27 19:35 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-26 17:10 - 2012-10-18 22:10 - 00000000 ____D C:\Users\Denis\Documents\Job Lutron
2013-05-26 17:10 - 2011-12-15 20:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-05-26 17:09 - 2013-05-26 17:09 - 00002645 ____A C:\Users\Public\Desktop\RadioRA 2 6.1.0.lnk
2013-05-26 17:09 - 2012-10-18 00:13 - 00000000 ____D C:\Program Files (x86)\Lutron
2013-05-26 17:08 - 2012-04-18 11:10 - 00000000 ____D C:\Users\Denis\AppData\Local\Downloaded Installations
2013-05-26 17:07 - 2013-05-26 17:04 - 445602104 ____A (Lutron Electronics Co., Inc. ) C:\Users\Denis\Downloads\RadioRA+2+6.1.0-full.exe

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2779402122-369554602-2375855318-1000\$4f7534a7c153675011fa51d81c9dcadc

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$4f7534a7c153675011fa51d81c9dcadc

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Microsoft Security Client\MsMpEng.exe => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client


LastRegBack: 2013-06-23 06:09

==================== End Of Log ============================
