Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by hp (administrator) on HP-HP on 24-04-2014 17:36:50
Running from C:\Users\hp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\FighterSuiteService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Dropbox, Inc.) C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe
(Plantronics, Inc.) C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsURE.exe
(Plantronics, Inc.) C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsBatteryStatus.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-20] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [524288 2010-11-06] (IDT, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [DT HPO] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2011-03-10] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Anywhere] => rundll32.exe "C:\Windows\system32\ANWShare25.dll",InitAppshare
HKLM-x32\...\Run: [sfagent] => C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe [1201256 2012-09-18] (SPAMfighter ApS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-05-20] (PDF Complete Inc)
HKLM-x32\...\Run: [PlantronicsURE.exe] => C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsURE.exe [625040 2013-10-30] (Plantronics, Inc.)
HKLM-x32\...\Run: [PlantronicsBatteryStatus.exe] => C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsBatteryStatus.exe [356752 2013-10-30] (Plantronics, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Winlogon: [Shell] Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-19\...\Winlogon: [Shell] Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-221597889-1372561564-2659484244-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-221597889-1372561564-2659484244-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-221597889-1372561564-2659484244-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-01-13] (AMD)
HKU\S-1-5-21-221597889-1372561564-2659484244-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-221597889-1372561564-2659484244-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-221597889-1372561564-2659484244-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-221597889-1372561564-2659484244-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-221597889-1372561564-2659484244-1000\...\Winlogon: [Shell] Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=N360&pvid=21.2.0.38
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://google.fr
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://google.fr
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {68745450-39BA-4393-B9D5-4548C0D67C23} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {68745450-39BA-4393-B9D5-4548C0D67C23} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {68745450-39BA-4393-B9D5-4548C0D67C23} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=FR&ver=21&locale=fr_FR&gct=kwd&qsrc=2869
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll No File
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files (x86)\Barre de Confiance\TAPBar.dll (Euro-Information)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - No File
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files (x86)\Barre de Confiance\TAPBar.dll (Euro-Information)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} http://www.digitalwebbooks.com/reader/dbplugin.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/FR/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {A64DBFEB-F36F-4E47-8A2A-39308CFABEB9} https://eu3.anywhereconference.com/plugins/IE/ANWShare.cab?2,7,0,17
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-10-19] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - c:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - c:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\hp\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\hp\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\hp\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\hp\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\hp\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\hp\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis03@SpeedAnalysis.com] - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
FF Extension: Speed Analysis 3 - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013-09-01]
FF HKLM-x32\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test (4354) - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2013-11-10]
FF HKLM-x32\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games (4357) - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2013-11-10]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF [2014-04-22]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [speedanalysis03@SpeedAnalysis.com] - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
FF Extension: Speed Analysis 3 - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013-09-01]
FF HKCU\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test (4354) - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2013-11-10]
FF HKCU\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games (4357) - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2013-11-10]

Chrome:
=======
CHR HomePage:
CHR Extension: (Documents Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16]
CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-20]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-20]
CHR Extension: (Recherche Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-20]
CHR Extension: (Norton Identity Protection) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-22]
CHR Extension: (Google Wallet) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-20]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\hp\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-11-17]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-04-21]

==================== Services (Whitelisted) =================

R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [129648 2011-03-10] (Portrait Displays, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2818888 2014-04-01] (CybelSoft)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1332360 2013-05-20] (PDF Complete Inc)
R2 SPAMfighter Update Service; C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe [216168 2012-09-18] (SPAMfighter ApS)
R2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [1281568 2013-10-29] (SPAMfighter ApS)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 AVerAVF2; C:\Windows\System32\DRIVERS\AVerAVF2.sys [1212416 2010-11-11] (AVerMedia TECHNOLOGIES, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-04-09] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-04-21] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20140422.001\IDSvia64.sys [525016 2014-04-22] (Symantec Corporation)
S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140423.016\ENG64.SYS [126040 2014-04-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140423.016\EX64.SYS [2099288 2014-04-21] (Symantec Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-04-23] (Realsil Semiconductor Corporation)
R1 SRTSP; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-21] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-10-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 ALSysIO; \??\C:\Users\hp\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys FBB35875FEFE53D4280259842069ED72
C:\Windows\System32\DRIVERS\atikmpag.sys A32BCAD9377E3B75D034CAFBA463A0AE
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AVerAVF2.sys 086CBBB45324D56AA7239046CD86149A
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys 2D659B569A76CDB83B815675A80D7096
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20140409.001\BHDrvx64.sys 6FF763C82B98C8F3955B2C34A55C5E70
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\btwampfl.sys A0DFB69ADE3444C78B17636FCF28E898
C:\Windows\System32\drivers\btwaudio.sys F6135859A582A7294BA7A3336E08BAA1
C:\Windows\System32\drivers\btwavdt.sys 3DEF2370E414B4E299673558BA171A51
C:\Windows\System32\DRIVERS\btwl2cap.sys 9AD0FA253ED531D39FB2D74FE12A5FA9
C:\Windows\System32\DRIVERS\btwrchid.sys 9937E0E4DFC0030560A6DFE9D3A94B39
C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys 0510396A957E9FD7205BA62D3CAE4528
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\clwvd.sys D68D9F4D53010B7E84D4E80A2E485554
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 1B7AA375F711F66D5FF2B855F9EC987F
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-24 17:36 - 2014-04-24 17:37 - 00042459 _____ () C:\Users\hp\Desktop\FRST.txt
2014-04-24 17:36 - 2014-04-24 17:36 - 00000000 ____D () C:\FRST
2014-04-24 17:35 - 2014-04-24 17:35 - 02061824 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2014-04-23 23:46 - 2013-10-30 09:26 - 00078936 ____R (Symantec Corporation) C:\Windows\system32\Drivers\SymIMV.sys
2014-04-23 23:12 - 2014-04-23 23:12 - 00000000 ____D () C:\Users\hp\Downloads\tdsskiller
2014-04-23 23:11 - 2014-04-23 23:11 - 04142142 _____ () C:\Users\hp\Downloads\tdsskiller.zip
2014-04-23 22:27 - 2014-04-23 22:27 - 00000000 ____D () C:\NPE
2014-04-23 22:18 - 2014-04-23 22:18 - 00000000 ____D () C:\ProgramData\ATI
2014-04-23 20:54 - 2014-04-23 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-23 20:54 - 2014-04-23 20:54 - 00000000 ____D () C:\ProgramData\AMD
2014-04-23 20:54 - 2014-04-23 20:54 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-04-23 20:53 - 2014-04-23 20:53 - 00000000 ____D () C:\Program Files\AMD
2014-04-23 20:52 - 2014-04-23 20:52 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-04-23 20:51 - 2014-04-23 20:51 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-23 20:50 - 2014-04-23 20:54 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-23 20:49 - 2014-04-23 20:49 - 00000000 ____D () C:\AMD
2014-04-23 20:45 - 2014-04-23 20:45 - 04171328 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2014-04-23 20:45 - 2014-04-23 20:45 - 03896632 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2014-04-23 20:45 - 2014-04-23 20:45 - 03561272 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2014-04-23 20:45 - 2014-04-23 20:45 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2014-04-23 20:45 - 2014-04-23 20:45 - 00006656 _____ () C:\Windows\system32\bcmwlrc.dll
2014-04-23 20:45 - 2014-04-23 20:45 - 00000000 ____D () C:\Users\hp\Downloads\Broadcom_BCM43xx_5.100.249.2
2014-04-23 20:45 - 2014-04-23 20:45 - 00000000 ____D () C:\Program Files\Broadcom
2014-04-23 20:45 - 2014-04-23 20:45 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-23 20:44 - 2014-04-23 20:43 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-23 20:44 - 2014-04-23 20:43 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-23 20:43 - 2014-04-23 20:43 - 00000000 ____D () C:\Users\hp\Downloads\Install_Win7_7080_03212014
2014-04-23 20:40 - 2014-04-23 20:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-04-23 20:40 - 2014-04-23 20:40 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Intel Corporation
2014-04-23 20:40 - 2014-04-23 20:40 - 00000000 ____D () C:\Program Files\Intel
2014-04-23 20:39 - 2014-04-23 20:39 - 00000000 ____D () C:\Users\hp\Intel
2014-04-23 20:38 - 2014-04-23 20:38 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-04-23 20:38 - 2014-04-23 20:37 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2014-04-23 20:38 - 2014-04-23 20:37 - 00465624 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys
2014-04-23 20:38 - 2014-04-23 20:37 - 00359128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2014-04-23 20:38 - 2014-04-23 20:37 - 00331992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys
2014-04-23 20:38 - 2014-04-23 20:37 - 00313048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys
2014-04-23 20:38 - 2014-04-23 20:37 - 00291544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2014-04-23 20:38 - 2014-04-23 20:37 - 00271064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-04-23 20:37 - 2014-04-23 20:44 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\2C0A
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0C0A
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0C04
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0816
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0804
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0424
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\041F
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\041E
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\041D
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\041B
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0419
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0416
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0415
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0414
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0413
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0412
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0411
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0410
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\040E
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\040D
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\040B
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\040A
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0409
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0408
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0407
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0406
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0405
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0404
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0401
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Users\hp\Downloads\RtsXStor_6.3.273.37
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-04-23 20:36 - 2014-04-23 20:36 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-04-23 20:33 - 2014-04-23 20:34 - 17535472 _____ (Intel Corporation) C:\Users\hp\Downloads\SetupRST.exe
2014-04-23 20:33 - 2014-04-23 20:34 - 12171007 _____ () C:\Users\hp\Downloads\RtsXStor_6.3.273.37.zip
2014-04-23 20:33 - 2014-04-23 20:34 - 10417824 _____ (Renesas Electronics Corporation ) C:\Users\hp\Downloads\Renesas_USB3_uPD720200_uPD720200A_2.1.36.0.exe
2014-04-23 20:32 - 2014-04-23 20:33 - 24059630 _____ () C:\Users\hp\Downloads\Broadcom_BCM43xx_5.100.249.2.zip
2014-04-23 20:32 - 2014-04-23 20:33 - 06126911 _____ () C:\Users\hp\Downloads\Install_Win7_7080_03212014.zip
2014-04-23 20:31 - 2014-04-23 20:38 - 211045720 _____ (Advanced Micro Devices, Inc.) C:\Users\hp\Downloads\13-12_mobility_win7_win8_64_dd_ccc_whql.exe
2014-04-23 19:42 - 2014-04-23 19:42 - 00031589 _____ () C:\ComboFix.txt
2014-04-23 17:34 - 2014-04-23 17:34 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-23 17:26 - 2014-04-23 17:26 - 00001306 _____ () C:\Users\hp\Desktop\malwarebyte.txt
2014-04-23 01:04 - 2014-04-23 01:04 - 00000000 __SHD () C:\Users\hp\AppData\Local\EmieUserList
2014-04-23 01:04 - 2014-04-23 01:04 - 00000000 __SHD () C:\Users\hp\AppData\Local\EmieSiteList
2014-04-23 00:51 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-23 00:51 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-23 00:51 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-23 00:51 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-23 00:51 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-23 00:51 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-23 00:51 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-23 00:51 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-23 00:51 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-23 00:51 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-23 00:51 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-23 00:51 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-23 00:51 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-23 00:51 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 00:51 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-23 00:51 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-23 00:51 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-23 00:51 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-23 00:51 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-23 00:51 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-23 00:51 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 00:51 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-23 00:51 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-23 00:51 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-23 00:51 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-23 00:51 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-23 00:51 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-23 00:51 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-23 00:51 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 00:51 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-23 00:51 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-23 00:51 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 00:51 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-23 00:51 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-23 00:51 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-23 00:51 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-23 00:51 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-23 00:51 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-23 00:51 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-23 00:51 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-23 00:51 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-23 00:51 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-23 00:51 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-23 00:50 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-23 00:50 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 00:50 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 00:50 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-23 00:50 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-22 23:21 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-22 23:21 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-22 23:21 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-22 23:21 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-22 23:21 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-22 23:21 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-22 23:21 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-22 23:21 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-22 23:21 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-22 23:21 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-22 23:21 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-22 23:21 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-22 23:21 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-22 23:21 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-22 23:21 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-22 23:21 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-22 23:21 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-22 23:14 - 2014-04-22 23:14 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-04-22 23:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-22 23:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-22 23:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-22 23:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-22 23:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-22 23:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-22 23:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-22 23:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-22 23:00 - 2014-04-23 19:42 - 00000000 ____D () C:\Qoobox
2014-04-22 23:00 - 2014-04-23 19:29 - 00000000 ____D () C:\Windows\erdnt
2014-04-22 22:59 - 2014-04-22 23:00 - 05196870 ____R (Swearware) C:\Users\hp\Desktop\ComboFix.exe
2014-04-22 21:37 - 2014-04-23 23:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-22 21:37 - 2014-04-22 21:37 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-22 21:37 - 2014-04-22 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-22 21:37 - 2014-04-22 21:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-22 21:37 - 2014-04-22 21:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-22 21:37 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-22 21:37 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-22 21:37 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-22 21:35 - 2014-04-22 21:36 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hp\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-22 21:30 - 2014-04-22 21:30 - 00000951 _____ () C:\Users\Public\Desktop\Ma-Config.com - Démarrer la détection.lnk
2014-04-22 21:30 - 2014-04-22 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
2014-04-22 21:30 - 2014-04-22 21:30 - 00000000 ____D () C:\ProgramData\ma-config.com
2014-04-22 21:30 - 2014-04-22 21:30 - 00000000 ____D () C:\Program Files\ma-config.com
2014-04-22 21:28 - 2014-04-22 21:28 - 00255880 _____ () C:\Users\hp\Downloads\MaConfig_win.exe
2014-04-22 20:59 - 2014-04-22 22:59 - 00000000 ____D () C:\Users\hp\Desktop\RK_Quarantine
2014-04-22 20:59 - 2014-04-22 20:59 - 04527616 _____ () C:\Users\hp\Downloads\RogueKillerX64.exe
2014-04-22 20:41 - 2014-04-23 20:17 - 00013030 _____ () C:\PDOXUSRS.NET
2014-04-22 20:41 - 2014-04-23 20:15 - 00000000 ____D () C:\Program Files (x86)\ZebHelpProcess
2014-04-22 20:41 - 2014-04-22 20:41 - 00001039 _____ () C:\Users\Public\Desktop\ZHP.lnk
2014-04-22 20:41 - 1999-11-12 05:11 - 00183808 _____ () C:\Windows\SysWOW64\BDEADMIN.CPL
2014-04-22 20:41 - 1999-01-20 05:01 - 00210032 _____ () C:\Windows\SysWOW64\DBCLIENT.DLL
2014-04-22 20:39 - 2014-04-22 20:39 - 16612356 _____ (Nicolas Coolman ) C:\Users\hp\Downloads\ZHP 2014.exe
2014-04-22 20:28 - 2014-04-23 20:12 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-04-22 20:11 - 2014-04-23 20:10 - 00000000 ____D () C:\Users\hp\AppData\Roaming\ZHP
2014-04-22 20:11 - 2014-04-23 20:10 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-22 20:11 - 2014-04-22 23:51 - 00001989 _____ () C:\Users\hp\Desktop\ZHPFix.lnk
2014-04-22 20:11 - 2014-04-22 23:51 - 00001862 _____ () C:\Users\hp\Desktop\ZHPDiag.lnk
2014-04-22 20:11 - 2014-04-22 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-22 20:11 - 2014-04-22 20:11 - 06826952 _____ (Nicolas Coolman ) C:\Users\hp\Downloads\zhpdiag2.exe
2014-04-21 23:25 - 2014-04-21 23:25 - 03057128 ____N (Symantec Corporation) C:\Users\hp\Downloads\NPE (1).exe
2014-04-21 23:24 - 2014-04-23 23:05 - 00000000 ____D () C:\Users\hp\AppData\Local\NPE
2014-04-21 23:23 - 2014-04-21 23:23 - 03057128 ____N (Symantec Corporation) C:\Users\hp\Downloads\NPE.exe
2014-04-21 23:01 - 2014-04-21 23:14 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-04-21 23:01 - 2014-04-21 23:14 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-04-21 23:01 - 2014-04-21 23:14 - 00002393 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-04-21 23:01 - 2014-04-21 23:14 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-04-21 23:01 - 2014-04-21 23:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-04-21 23:01 - 2014-04-21 23:01 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-04-21 22:25 - 2014-04-21 23:14 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-04-21 22:25 - 2014-04-21 23:01 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-04-21 21:33 - 2014-04-21 23:19 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-04-21 21:33 - 2014-04-21 23:17 - 00001322 _____ () C:\Users\hp\Desktop\Fichiers d’installation Norton.lnk
2014-04-21 21:33 - 2014-04-21 21:33 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-04-21 18:44 - 2014-04-23 23:12 - 04162400 _____ (Kaspersky Lab ZAO) C:\Users\hp\Desktop\TDSSKiller.exe
2014-04-14 16:42 - 2014-04-14 22:44 - 00019033 _____ () C:\Users\hp\Documents\Copie de Bilan GMF avril 2014.xlsx
2014-04-12 15:06 - 2014-04-12 15:06 - 00000000 ____D () C:\Users\hp\Desktop\Plantronics
2014-04-12 15:05 - 2014-04-21 21:39 - 00000000 ____D () C:\Users\hp\AppData\Local\Plantronics
2014-04-12 15:05 - 2014-04-12 15:05 - 00000000 ____D () C:\Users\hp\AppData\Roaming\FLEXnet
2014-04-12 15:05 - 2014-04-12 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\ProgramData\Plantronics
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\ProgramData\Macrovision
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\Program Files (x86)\Plantronics
2014-04-07 19:58 - 2014-04-07 19:58 - 00037099 _____ () C:\Users\hp\Documents\institut carita.xlsx
2014-04-07 19:55 - 2014-04-07 19:55 - 00022831 _____ () C:\Users\hp\Documents\spa carita.xlsx
2014-04-07 19:53 - 2014-04-07 19:53 - 00014416 _____ () C:\Users\hp\Documents\coiffeur carita soin.xlsx
2014-04-07 19:51 - 2014-04-07 19:51 - 00062833 _____ () C:\Users\hp\Documents\parfumerie cabine Carita.xlsx
2014-04-07 19:49 - 2014-04-07 19:49 - 00032652 _____ () C:\Users\hp\Documents\liste des instituts Carita.xlsx
2014-04-05 09:43 - 2014-04-05 09:43 - 00002785 _____ () C:\Users\Public\HOW_DECRYPT.HTML
2014-04-05 09:43 - 2014-04-05 09:43 - 00002785 _____ () C:\Users\HOW_DECRYPT.HTML
2014-04-05 09:43 - 2014-04-05 09:43 - 00001267 _____ () C:\Users\Public\HOW_DECRYPT.TXT
2014-04-05 09:43 - 2014-04-05 09:43 - 00001267 _____ () C:\Users\HOW_DECRYPT.TXT
2014-04-05 09:43 - 2014-04-05 09:43 - 00000135 _____ () C:\Users\Public\HOW_DECRYPT.URL
2014-04-05 09:43 - 2014-04-05 09:43 - 00000135 _____ () C:\Users\HOW_DECRYPT.URL
2014-04-05 09:42 - 2014-04-05 09:42 - 00002785 _____ () C:\Users\hp\HOW_DECRYPT.HTML
2014-04-05 09:42 - 2014-04-05 09:42 - 00001267 _____ () C:\Users\hp\HOW_DECRYPT.TXT
2014-04-05 09:42 - 2014-04-05 09:42 - 00000135 _____ () C:\Users\hp\HOW_DECRYPT.URL
2014-04-04 19:10 - 2014-04-04 19:10 - 00002785 _____ () C:\Users\hp\AppData\Roaming\HOW_DECRYPT.HTML
2014-04-04 19:10 - 2014-04-04 19:10 - 00002785 _____ () C:\Users\hp\AppData\HOW_DECRYPT.HTML
2014-04-04 19:10 - 2014-04-04 19:10 - 00001267 _____ () C:\Users\hp\AppData\Roaming\HOW_DECRYPT.TXT
2014-04-04 19:10 - 2014-04-04 19:10 - 00001267 _____ () C:\Users\hp\AppData\HOW_DECRYPT.TXT
2014-04-04 19:10 - 2014-04-04 19:10 - 00000135 _____ () C:\Users\hp\AppData\Roaming\HOW_DECRYPT.URL
2014-04-04 19:10 - 2014-04-04 19:10 - 00000135 _____ () C:\Users\hp\AppData\HOW_DECRYPT.URL
2014-04-04 19:08 - 2014-04-04 19:08 - 00002785 _____ () C:\Users\hp\AppData\Local\HOW_DECRYPT.HTML
2014-04-04 19:08 - 2014-04-04 19:08 - 00001267 _____ () C:\Users\hp\AppData\Local\HOW_DECRYPT.TXT
2014-04-04 19:08 - 2014-04-04 19:08 - 00000135 _____ () C:\Users\hp\AppData\Local\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default\Documents\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default\AppData\Local\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default\AppData\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default User\Documents\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default User\AppData\Local\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default User\AppData\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\ProgramData\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default\Documents\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default\AppData\Local\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default\AppData\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default User\Documents\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default User\AppData\Local\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default User\AppData\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\ProgramData\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default\Documents\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default\AppData\Local\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default\AppData\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default User\Documents\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default User\AppData\Local\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default User\AppData\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\ProgramData\HOW_DECRYPT.URL

==================== One Month Modified Files and Folders =======

2014-04-24 17:37 - 2014-04-24 17:36 - 00042459 _____ () C:\Users\hp\Desktop\FRST.txt
2014-04-24 17:36 - 2014-04-24 17:36 - 00000000 ____D () C:\FRST
2014-04-24 17:36 - 2012-08-24 07:22 - 01292047 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 17:35 - 2014-04-24 17:35 - 02061824 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2014-04-24 17:35 - 2012-10-20 15:33 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-24 17:32 - 2013-12-23 16:32 - 00000000 ___RD () C:\Users\hp\Dropbox
2014-04-24 17:32 - 2013-12-23 16:25 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Dropbox
2014-04-24 17:32 - 2013-11-17 17:08 - 00000000 ___RD () C:\Users\hp\Google Drive
2014-04-24 17:32 - 2011-10-19 18:22 - 00000000 ____D () C:\ProgramData\PDFC
2014-04-24 17:31 - 2012-10-20 15:33 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-24 17:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 17:31 - 2009-07-14 06:51 - 00056367 _____ () C:\Windows\setupact.log
2014-04-24 17:30 - 2010-11-21 05:47 - 00820870 _____ () C:\Windows\PFRO.log
2014-04-23 23:52 - 2013-09-19 19:33 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 23:51 - 2011-10-19 17:47 - 00751454 _____ () C:\Windows\system32\perfh00C.dat
2014-04-23 23:51 - 2011-10-19 17:47 - 00151598 _____ () C:\Windows\system32\perfc00C.dat
2014-04-23 23:51 - 2009-07-14 07:13 - 01680856 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-23 23:50 - 2014-04-22 21:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 23:12 - 2014-04-23 23:12 - 00000000 ____D () C:\Users\hp\Downloads\tdsskiller
2014-04-23 23:12 - 2014-04-21 18:44 - 04162400 _____ (Kaspersky Lab ZAO) C:\Users\hp\Desktop\TDSSKiller.exe
2014-04-23 23:11 - 2014-04-23 23:11 - 04142142 _____ () C:\Users\hp\Downloads\tdsskiller.zip
2014-04-23 23:11 - 2012-10-21 11:08 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221597889-1372561564-2659484244-1000UA.job
2014-04-23 23:09 - 2009-07-14 06:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 23:09 - 2009-07-14 06:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 23:05 - 2014-04-21 23:24 - 00000000 ____D () C:\Users\hp\AppData\Local\NPE
2014-04-23 22:57 - 2012-08-24 07:24 - 00000000 ____D () C:\Users\hp
2014-04-23 22:27 - 2014-04-23 22:27 - 00000000 ____D () C:\NPE
2014-04-23 22:18 - 2014-04-23 22:18 - 00000000 ____D () C:\ProgramData\ATI
2014-04-23 22:09 - 2012-08-24 07:28 - 00000000 ___RD () C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 22:08 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-23 20:54 - 2014-04-23 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-23 20:54 - 2014-04-23 20:54 - 00000000 ____D () C:\ProgramData\AMD
2014-04-23 20:54 - 2014-04-23 20:54 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-04-23 20:54 - 2014-04-23 20:50 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-23 20:53 - 2014-04-23 20:53 - 00000000 ____D () C:\Program Files\AMD
2014-04-23 20:53 - 2011-10-19 18:00 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-04-23 20:52 - 2014-04-23 20:52 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-04-23 20:51 - 2014-04-23 20:51 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-23 20:49 - 2014-04-23 20:49 - 00000000 ____D () C:\AMD
2014-04-23 20:45 - 2014-04-23 20:45 - 04171328 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2014-04-23 20:45 - 2014-04-23 20:45 - 03896632 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2014-04-23 20:45 - 2014-04-23 20:45 - 03561272 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2014-04-23 20:45 - 2014-04-23 20:45 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2014-04-23 20:45 - 2014-04-23 20:45 - 00006656 _____ () C:\Windows\system32\bcmwlrc.dll
2014-04-23 20:45 - 2014-04-23 20:45 - 00000000 ____D () C:\Users\hp\Downloads\Broadcom_BCM43xx_5.100.249.2
2014-04-23 20:45 - 2014-04-23 20:45 - 00000000 ____D () C:\Program Files\Broadcom
2014-04-23 20:45 - 2014-04-23 20:45 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-04-23 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-04-23 20:44 - 2014-04-23 20:37 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-04-23 20:43 - 2014-04-23 20:44 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-23 20:43 - 2014-04-23 20:44 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-23 20:43 - 2014-04-23 20:43 - 00000000 ____D () C:\Users\hp\Downloads\Install_Win7_7080_03212014
2014-04-23 20:43 - 2011-10-19 17:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-23 20:43 - 2011-10-19 17:50 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-04-23 20:40 - 2014-04-23 20:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-04-23 20:40 - 2014-04-23 20:40 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Intel Corporation
2014-04-23 20:40 - 2014-04-23 20:40 - 00000000 ____D () C:\Program Files\Intel
2014-04-23 20:40 - 2011-10-19 17:59 - 00000000 ____D () C:\ProgramData\intel
2014-04-23 20:40 - 2011-02-11 19:15 - 01705464 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-23 20:39 - 2014-04-23 20:39 - 00000000 ____D () C:\Users\hp\Intel
2014-04-23 20:38 - 2014-04-23 20:38 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-04-23 20:38 - 2014-04-23 20:31 - 211045720 _____ (Advanced Micro Devices, Inc.) C:\Users\hp\Downloads\13-12_mobility_win7_win8_64_dd_ccc_whql.exe
2014-04-23 20:37 - 2014-04-23 20:38 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2014-04-23 20:37 - 2014-04-23 20:38 - 00465624 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys
2014-04-23 20:37 - 2014-04-23 20:38 - 00359128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2014-04-23 20:37 - 2014-04-23 20:38 - 00331992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys
2014-04-23 20:37 - 2014-04-23 20:38 - 00313048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys
2014-04-23 20:37 - 2014-04-23 20:38 - 00291544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2014-04-23 20:37 - 2014-04-23 20:38 - 00271064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\2C0A
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0C0A
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0C04
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0816
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0804
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0424
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\041F
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\041E
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\041D
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\041B
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0419
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0416
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0415
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0414
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0413
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0412
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0411
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0410
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\040E
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\040D
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\040B
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\040A
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0409
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0408
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0407
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0406
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0405
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0404
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Windows\system32\0401
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Users\hp\Downloads\RtsXStor_6.3.273.37
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-04-23 20:37 - 2014-04-23 20:37 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-04-23 20:37 - 2011-10-19 17:47 - 00000000 ____D () C:\Windows\system32\040C
2014-04-23 20:36 - 2014-04-23 20:36 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-04-23 20:34 - 2014-04-23 20:33 - 17535472 _____ (Intel Corporation) C:\Users\hp\Downloads\SetupRST.exe
2014-04-23 20:34 - 2014-04-23 20:33 - 12171007 _____ () C:\Users\hp\Downloads\RtsXStor_6.3.273.37.zip
2014-04-23 20:34 - 2014-04-23 20:33 - 10417824 _____ (Renesas Electronics Corporation ) C:\Users\hp\Downloads\Renesas_USB3_uPD720200_uPD720200A_2.1.36.0.exe
2014-04-23 20:33 - 2014-04-23 20:32 - 24059630 _____ () C:\Users\hp\Downloads\Broadcom_BCM43xx_5.100.249.2.zip
2014-04-23 20:33 - 2014-04-23 20:32 - 06126911 _____ () C:\Users\hp\Downloads\Install_Win7_7080_03212014.zip
2014-04-23 20:17 - 2014-04-22 20:41 - 00013030 _____ () C:\PDOXUSRS.NET
2014-04-23 20:15 - 2014-04-22 20:41 - 00000000 ____D () C:\Program Files (x86)\ZebHelpProcess
2014-04-23 20:12 - 2014-04-22 20:28 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-04-23 20:10 - 2014-04-22 20:11 - 00000000 ____D () C:\Users\hp\AppData\Roaming\ZHP
2014-04-23 20:10 - 2014-04-22 20:11 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-23 19:42 - 2014-04-23 19:42 - 00031589 _____ () C:\ComboFix.txt
2014-04-23 19:42 - 2014-04-22 23:00 - 00000000 ____D () C:\Qoobox
2014-04-23 19:38 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-23 19:33 - 2009-07-14 04:34 - 88080384 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-04-23 19:33 - 2009-07-14 04:34 - 18087936 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-04-23 19:33 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-04-23 19:33 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-04-23 19:33 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-04-23 19:29 - 2014-04-22 23:00 - 00000000 ____D () C:\Windows\erdnt
2014-04-23 17:36 - 2012-10-21 11:08 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221597889-1372561564-2659484244-1000Core.job
2014-04-23 17:34 - 2014-04-23 17:34 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-23 17:26 - 2014-04-23 17:26 - 00001306 _____ () C:\Users\hp\Desktop\malwarebyte.txt
2014-04-23 01:04 - 2014-04-23 01:04 - 00000000 __SHD () C:\Users\hp\AppData\Local\EmieUserList
2014-04-23 01:04 - 2014-04-23 01:04 - 00000000 __SHD () C:\Users\hp\AppData\Local\EmieSiteList
2014-04-23 01:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-23 00:52 - 2012-08-27 19:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-23 00:50 - 2013-08-16 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-23 00:48 - 2012-10-08 19:01 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-23 00:13 - 2012-10-05 21:13 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Mozilla
2014-04-22 23:51 - 2014-04-22 20:11 - 00001989 _____ () C:\Users\hp\Desktop\ZHPFix.lnk
2014-04-22 23:51 - 2014-04-22 20:11 - 00001862 _____ () C:\Users\hp\Desktop\ZHPDiag.lnk
2014-04-22 23:51 - 2014-04-22 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-22 23:15 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-04-22 23:14 - 2014-04-22 23:14 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-04-22 23:13 - 2011-10-19 18:26 - 00000000 ____D () C:\ProgramData\Norton
2014-04-22 23:10 - 2012-09-01 23:17 - 00000320 _____ () C:\Windows\Tasks\HPCeeScheduleForhp.job
2014-04-22 23:00 - 2014-04-22 22:59 - 05196870 ____R (Swearware) C:\Users\hp\Desktop\ComboFix.exe
2014-04-22 22:59 - 2014-04-22 20:59 - 00000000 ____D () C:\Users\hp\Desktop\RK_Quarantine
2014-04-22 22:28 - 2012-08-29 03:18 - 00000000 ____D () C:\Users\hp\AppData\Local\CrashDumps
2014-04-22 21:37 - 2014-04-22 21:37 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-22 21:37 - 2014-04-22 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-22 21:37 - 2014-04-22 21:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-22 21:37 - 2014-04-22 21:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-22 21:36 - 2014-04-22 21:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hp\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-22 21:36 - 2012-09-01 23:17 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForhp
2014-04-22 21:32 - 2012-12-08 21:18 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-22 21:32 - 2012-08-27 19:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-22 21:30 - 2014-04-22 21:30 - 00000951 _____ () C:\Users\Public\Desktop\Ma-Config.com - Démarrer la détection.lnk
2014-04-22 21:30 - 2014-04-22 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
2014-04-22 21:30 - 2014-04-22 21:30 - 00000000 ____D () C:\ProgramData\ma-config.com
2014-04-22 21:30 - 2014-04-22 21:30 - 00000000 ____D () C:\Program Files\ma-config.com
2014-04-22 21:28 - 2014-04-22 21:28 - 00255880 _____ () C:\Users\hp\Downloads\MaConfig_win.exe
2014-04-22 20:59 - 2014-04-22 20:59 - 04527616 _____ () C:\Users\hp\Downloads\RogueKillerX64.exe
2014-04-22 20:41 - 2014-04-22 20:41 - 00001039 _____ () C:\Users\Public\Desktop\ZHP.lnk
2014-04-22 20:39 - 2014-04-22 20:39 - 16612356 _____ (Nicolas Coolman ) C:\Users\hp\Downloads\ZHP 2014.exe
2014-04-22 20:11 - 2014-04-22 20:11 - 06826952 _____ (Nicolas Coolman ) C:\Users\hp\Downloads\zhpdiag2.exe
2014-04-22 20:08 - 2012-08-27 19:34 - 00000000 ____D () C:\Users\hp\Documents\Fichiers Outlook
2014-04-22 19:00 - 2014-03-23 12:13 - 00000000 ____D () C:\Users\hp\Documents\BROCHURE PRATIQUE 2013#36 ippots sur le revenus_fichiers
2014-04-22 19:00 - 2014-02-23 13:36 - 00000000 ____D () C:\Users\hp\Documents\TomTom
2014-04-22 19:00 - 2014-02-19 19:14 - 00000000 ____D () C:\Users\hp\Documents\compteurs Josephine 19 fevr 2014
2014-04-22 19:00 - 2013-12-14 12:34 - 00000000 ____D () C:\Users\hp\Documents\PC Cleaner
2014-04-22 19:00 - 2013-09-08 20:13 - 00000000 ____D () C:\Users\hp\Documents\CE SLB BIOTEC
2014-04-22 19:00 - 2013-08-14 15:41 - 00000000 ____D () C:\Users\hp\Documents\TRIBUNAL MME MIAS
2014-04-22 19:00 - 2013-08-11 10:49 - 00000000 ____D () C:\Users\hp\Documents\Flocar investiisement
2014-04-22 19:00 - 2013-07-31 19:04 - 00000000 ____D () C:\Users\hp\Documents\notification gérante SLB Biotec nov 2011_pdf_fichiers
2014-04-22 19:00 - 2013-07-31 19:03 - 00000000 ____D () C:\Users\hp\Documents\reponse gerante slb biotec par Sitzia Guerin_pdf_fichiers
2014-04-22 19:00 - 2013-07-31 19:03 - 00000000 ____D () C:\Users\hp\Documents\plainte recel abus confiance et recel vols procdés SITZAI DEJOUX RENONCOURT 7 dec 2011_pdf_fichiers
2014-04-22 19:00 - 2013-07-31 19:02 - 00000000 ____D () C:\Users\hp\Documents\site www_slb-biotec-france_fr faisant référence au 12_12_2011 aux fonds européen_pdf_fichiers
2014-04-22 19:00 - 2013-06-23 13:12 - 00000000 ____D () C:\Users\hp\Documents\Fax
2014-04-22 19:00 - 2013-04-18 14:23 - 00000000 ____D () C:\Users\hp\Documents\LA BASSR BREHAIN
2014-04-22 19:00 - 2012-12-23 10:25 - 00000000 ____D () C:\Users\hp\Documents\Voyage Egypte décembre 2012 fayan
2014-04-22 19:00 - 2012-10-30 22:08 - 00000000 ____D () C:\Users\hp\Documents\Robe bretonne Mias
2014-04-21 23:25 - 2014-04-21 23:25 - 03057128 ____N (Symantec Corporation) C:\Users\hp\Downloads\NPE (1).exe
2014-04-21 23:23 - 2014-04-21 23:23 - 03057128 ____N (Symantec Corporation) C:\Users\hp\Downloads\NPE.exe
2014-04-21 23:19 - 2014-04-21 21:33 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-04-21 23:17 - 2014-04-21 21:33 - 00001322 _____ () C:\Users\hp\Desktop\Fichiers d’installation Norton.lnk
2014-04-21 23:14 - 2014-04-21 23:01 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-04-21 23:14 - 2014-04-21 23:01 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-04-21 23:14 - 2014-04-21 23:01 - 00002393 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-04-21 23:14 - 2014-04-21 23:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-04-21 23:14 - 2014-04-21 22:25 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-04-21 23:01 - 2014-04-21 23:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-04-21 23:01 - 2014-04-21 23:01 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-04-21 23:01 - 2014-04-21 22:25 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-04-21 22:55 - 2011-10-19 18:13 - 00000000 ____D () C:\ProgramData\Symantec
2014-04-21 22:24 - 2012-08-27 19:15 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-21 21:39 - 2014-04-12 15:05 - 00000000 ____D () C:\Users\hp\AppData\Local\Plantronics
2014-04-21 21:33 - 2014-04-21 21:33 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-04-17 19:26 - 2012-08-24 07:28 - 00000000 ____D () C:\Users\hp\AppData\Local\PDFC
2014-04-15 09:09 - 2012-09-29 04:40 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-04-14 22:44 - 2014-04-14 16:42 - 00019033 _____ () C:\Users\hp\Documents\Copie de Bilan GMF avril 2014.xlsx
2014-04-13 10:59 - 2009-07-14 07:08 - 00032516 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-12 15:06 - 2014-04-12 15:06 - 00000000 ____D () C:\Users\hp\Desktop\Plantronics
2014-04-12 15:05 - 2014-04-12 15:05 - 00000000 ____D () C:\Users\hp\AppData\Roaming\FLEXnet
2014-04-12 15:05 - 2014-04-12 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\ProgramData\Plantronics
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\ProgramData\Macrovision
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-04-12 15:04 - 2014-04-12 15:04 - 00000000 ____D () C:\Program Files (x86)\Plantronics
2014-04-07 19:58 - 2014-04-07 19:58 - 00037099 _____ () C:\Users\hp\Documents\institut carita.xlsx
2014-04-07 19:55 - 2014-04-07 19:55 - 00022831 _____ () C:\Users\hp\Documents\spa carita.xlsx
2014-04-07 19:53 - 2014-04-07 19:53 - 00014416 _____ () C:\Users\hp\Documents\coiffeur carita soin.xlsx
2014-04-07 19:51 - 2014-04-07 19:51 - 00062833 _____ () C:\Users\hp\Documents\parfumerie cabine Carita.xlsx
2014-04-07 19:49 - 2014-04-07 19:49 - 00032652 _____ () C:\Users\hp\Documents\liste des instituts Carita.xlsx
2014-04-05 09:43 - 2014-04-05 09:43 - 00002785 _____ () C:\Users\Public\HOW_DECRYPT.HTML
2014-04-05 09:43 - 2014-04-05 09:43 - 00002785 _____ () C:\Users\HOW_DECRYPT.HTML
2014-04-05 09:43 - 2014-04-05 09:43 - 00001267 _____ () C:\Users\Public\HOW_DECRYPT.TXT
2014-04-05 09:43 - 2014-04-05 09:43 - 00001267 _____ () C:\Users\HOW_DECRYPT.TXT
2014-04-05 09:43 - 2014-04-05 09:43 - 00000135 _____ () C:\Users\Public\HOW_DECRYPT.URL
2014-04-05 09:43 - 2014-04-05 09:43 - 00000135 _____ () C:\Users\HOW_DECRYPT.URL
2014-04-05 09:42 - 2014-04-05 09:42 - 00002785 _____ () C:\Users\hp\HOW_DECRYPT.HTML
2014-04-05 09:42 - 2014-04-05 09:42 - 00001267 _____ () C:\Users\hp\HOW_DECRYPT.TXT
2014-04-05 09:42 - 2014-04-05 09:42 - 00000135 _____ () C:\Users\hp\HOW_DECRYPT.URL
2014-04-04 22:48 - 2013-11-11 11:12 - 00000000 ____D () C:\ARCHIVES MESSAGERIE VIEUX TOSH OCt 13
2014-04-04 20:36 - 2014-03-12 20:47 - 00000000 ____D () C:\SAUVEGARDES SNECMA AVRIL 2014
2014-04-04 19:13 - 2013-10-26 14:17 - 00000000 ____D () C:\PIECES JUGEMENTS SITZIA RENONCOURT
2014-04-04 19:10 - 2014-04-04 19:10 - 00002785 _____ () C:\Users\hp\AppData\Roaming\HOW_DECRYPT.HTML
2014-04-04 19:10 - 2014-04-04 19:10 - 00002785 _____ () C:\Users\hp\AppData\HOW_DECRYPT.HTML
2014-04-04 19:10 - 2014-04-04 19:10 - 00001267 _____ () C:\Users\hp\AppData\Roaming\HOW_DECRYPT.TXT
2014-04-04 19:10 - 2014-04-04 19:10 - 00001267 _____ () C:\Users\hp\AppData\HOW_DECRYPT.TXT
2014-04-04 19:10 - 2014-04-04 19:10 - 00000135 _____ () C:\Users\hp\AppData\Roaming\HOW_DECRYPT.URL
2014-04-04 19:10 - 2014-04-04 19:10 - 00000135 _____ () C:\Users\hp\AppData\HOW_DECRYPT.URL
2014-04-04 19:10 - 2014-02-23 13:36 - 00000000 ____D () C:\Users\hp\AppData\Roaming\TomTom
2014-04-04 19:10 - 2013-08-25 04:56 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Skype
2014-04-04 19:10 - 2012-09-14 16:57 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Titanium
2014-04-04 19:10 - 2012-09-14 16:56 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Eye-Fi
2014-04-04 19:10 - 2012-09-02 19:20 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Apple Computer
2014-04-04 19:10 - 2012-08-27 19:47 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Fighters
2014-04-04 19:09 - 2013-01-02 20:57 - 00000000 ____D () C:\Voyage Egypte fayan décembre 2012
2014-04-04 19:08 - 2014-04-04 19:08 - 00002785 _____ () C:\Users\hp\AppData\Local\HOW_DECRYPT.HTML
2014-04-04 19:08 - 2014-04-04 19:08 - 00001267 _____ () C:\Users\hp\AppData\Local\HOW_DECRYPT.TXT
2014-04-04 19:08 - 2014-04-04 19:08 - 00000135 _____ () C:\Users\hp\AppData\Local\HOW_DECRYPT.URL
2014-04-04 19:08 - 2012-08-27 19:08 - 00000000 ____D () C:\Users\hp\AppData\Roaming\Adobe
2014-04-04 19:06 - 2013-06-23 13:29 - 00000000 ____D () C:\voyage crete juin 2013
2014-04-04 19:05 - 2012-08-24 07:24 - 00000000 ____D () C:\Users\hp\AppData\Local\Hewlett-Packard
2014-04-04 19:04 - 2013-01-02 20:53 - 00000000 ____D () C:\Noel 2012
2014-04-04 19:04 - 2012-09-24 23:02 - 00000000 ____D () C:\Users\hp\AppData\Local\Google
2014-04-04 19:04 - 2012-09-02 19:20 - 00000000 ____D () C:\Users\hp\AppData\Local\Apple Computer
2014-04-04 19:04 - 2011-02-11 00:39 - 00000000 ____D () C:\swsetup
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default\Documents\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default\AppData\Local\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default\AppData\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default User\Documents\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default User\AppData\Local\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\Users\Default User\AppData\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00002785 _____ () C:\ProgramData\HOW_DECRYPT.HTML
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default\Documents\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default\AppData\Local\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default\AppData\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default User\Documents\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default User\AppData\Local\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\Users\Default User\AppData\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00001267 _____ () C:\ProgramData\HOW_DECRYPT.TXT
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default\Documents\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default\AppData\Local\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default\AppData\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default User\Documents\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default User\AppData\Local\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\Users\Default User\AppData\HOW_DECRYPT.URL
2014-04-04 19:03 - 2014-04-04 19:03 - 00000135 _____ () C:\ProgramData\HOW_DECRYPT.URL
2014-04-04 19:03 - 2013-11-26 11:40 - 00000000 ____D () C:\ProgramData\WebEx
2014-04-04 19:03 - 2013-08-25 04:56 - 00000000 ____D () C:\ProgramData\Skype
2014-04-04 19:03 - 2012-09-02 19:19 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-04-04 19:03 - 2011-10-19 18:20 - 00000000 ____D () C:\ProgramData\TouchSmartData
2014-04-04 19:03 - 2011-10-19 18:01 - 00000000 ____D () C:\Users\Default\AppData\Local\Hewlett-Packard
2014-04-04 19:03 - 2011-10-19 18:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\Hewlett-Packard
2014-04-04 19:02 - 2012-08-24 17:13 - 00000000 ____D () C:\ProgramData\Recovery
2014-04-04 19:01 - 2013-12-14 12:37 - 00000000 ____D () C:\ProgramData\iolo
2014-04-04 19:01 - 2012-10-28 19:24 - 00000000 ____D () C:\ProgramData\HP
2014-04-04 19:00 - 2011-04-12 05:59 - 00000000 ___RD () C:\hp
2014-04-04 18:59 - 2013-12-04 15:26 - 00000000 ____D () C:\ProgramData\Common Toolkit Suite
2014-04-04 18:59 - 2013-11-17 13:27 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-04 18:59 - 2012-08-27 19:47 - 00000000 ____D () C:\ProgramData\Fighters
2014-04-04 18:59 - 2011-10-19 18:09 - 00000000 ____D () C:\ProgramData\CyberLink
2014-04-04 18:59 - 2011-10-19 17:58 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-04-04 18:59 - 2011-04-16 03:13 - 00000000 ___RD () C:\SYSTEM.SAV
2014-04-03 09:51 - 2014-04-22 21:37 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-22 21:37 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-22 21:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 22:29 - 2012-10-20 15:33 - 00004056 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 22:29 - 2012-10-20 15:33 - 00003804 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 10:06 - 2012-10-21 11:08 - 00004034 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-221597889-1372561564-2659484244-1000UA
2014-03-29 10:06 - 2012-10-21 11:08 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-221597889-1372561564-2659484244-1000Core
2014-03-26 08:33 - 2010-11-21 05:24 - 00055296 _____ () C:\ProgramData\msyyew.exe

Files to move or delete:
====================
C:\ProgramData\msyyew.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
extendedinput Yes
default {current}
resumeobject {3cdea449-edfe-11e1-b58f-aefa49f1f6e6}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
customactions 0x1000085000001
0x5400000f
custom:5400000f {e24dacad-edf6-11e1-94dc-68a3c4525b23}

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {e24dacad-edf6-11e1-94dc-68a3c4525b23}
recoveryenabled Yes
testsigning No
osdevice partition=C:
systemroot \Windows
resumeobject {3cdea449-edfe-11e1-b58f-aefa49f1f6e6}
nx OptIn
bootlog No

Chargeur de démarrage Windows
-----------------------------
identificateur {e24dacad-edf6-11e1-94dc-68a3c4525b23}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{e24dacae-edf6-11e1-94dc-68a3c4525b23}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{e24dacae-edf6-11e1-94dc-68a3c4525b23}
systemroot \windows
nx OptIn
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {3cdea449-edfe-11e1-b58f-aefa49f1f6e6}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems Yes

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {e24dacae-edf6-11e1-94dc-68a3c4525b23}
description Ramdisk Options
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi



LastRegBack: 2014-04-09 09:30

==================== End Of Log ============================
