Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2013 01
Ran by EdoMarie (administrator) on 18-06-2013 07:22:37
Running from C:\Users\EdoMarie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
() C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe
() C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Runonce: [Uninstall C:\Users\EdoMarie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\EdoMarie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" [x]
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: []  [x]
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
HKU\UpdatusUser\...\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
AppInit_DLLs:       [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe (D-Link Corp.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\ZDWLan Utility.lnk
ShortcutTarget: ZDWLan Utility.lnk -> C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe ()
Startup: C:\Users\EdoMarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~RÙxœòÜ8'£-)x­ä­ URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254

Chrome: 
=======

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-30] (Avira Operations GmbH & Co. KG)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe [167936 2008-06-26] ()
S2 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 driverhardwarev2x64; C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [15872 2010-08-30] (CybelSoft)
S3 DSDrv4; C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys [7168 2005-02-14] ()
S3 DSDrv4; C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys [7168 2005-02-14] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-02-26] (DT Soft Ltd)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2013-04-26] ()
S3 VCam_WDM; C:\Windows\System32\DRIVERS\VCam_WDM.sys [104120 2012-05-25] (e2eSoft)
U3 a0awruim; C:\Windows\System32\Drivers\a0awruim.sys [0 ] (Advanced Micro Devices)
S3 catchme; \??\C:\Users\EdoMarie\AppData\Local\Temp\catchme.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [x]
U2 SBKUPNT; 
U2 V2iMount; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

Error(0) reading file: "C:\Windows\System32\ "
2013-06-18 07:21 - 2013-06-18 07:21 - 01926844 ____A (Farbar) C:\Users\EdoMarie\Desktop\FRST64.exe
2013-06-17 22:21 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-17 22:21 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-17 22:21 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-17 22:21 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-17 22:21 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-17 22:21 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-17 22:21 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-17 22:21 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-17 22:21 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-17 22:21 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-17 22:21 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-17 22:21 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-16 23:21 - 2013-06-16 23:21 - 02347384 ____A (ESET) C:\Users\EdoMarie\Downloads\esetsmartinstaller_enu.exe
2013-06-16 11:59 - 2013-06-16 12:01 - 13506000 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\mseinstall.exe
2013-06-15 13:13 - 2013-06-15 13:24 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-06-15 13:11 - 2013-06-15 13:11 - 00000207 ____A C:\Windows\tweaking.com-regbackup-EDOMARIE-PC-Microsoft-Windows 7-Édition-Familiale-Premium-(64-bits).dat
2013-06-15 13:09 - 2013-06-15 13:09 - 00000000 ____D C:\RegBackup
2013-06-15 12:40 - 2013-06-15 12:40 - 00002128 ____A C:\Users\EdoMarie\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-06-15 12:40 - 2013-06-15 12:40 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-06-15 12:34 - 2013-06-15 12:37 - 05555190 ____A C:\Users\EdoMarie\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-06-15 08:53 - 2013-06-18 06:58 - 00000392 ____A C:\Windows\setupact.log
2013-06-15 08:53 - 2013-06-15 13:26 - 00000932 ____A C:\Windows\PFRO.log
2013-06-15 08:53 - 2013-06-15 08:53 - 00000000 ____A C:\Windows\setuperr.log
2013-06-15 08:42 - 2013-06-15 08:42 - 00000831 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-15 08:40 - 2013-06-15 08:40 - 04378864 ____A (Piriform Ltd) C:\Users\EdoMarie\Downloads\ccsetup402.exe
2013-06-14 23:27 - 2013-06-14 23:27 - 00001956 ____A C:\Users\Public\Desktop\ZHPFix.lnk
2013-06-14 23:27 - 2013-06-14 23:27 - 00001829 ____A C:\Users\Public\Desktop\ZHPDiag.lnk
2013-06-14 23:27 - 2013-06-14 23:27 - 00000967 ____A C:\Users\Public\Desktop\MBRCheck.lnk
2013-06-14 23:26 - 2013-06-14 23:53 - 00000000 ____D C:\Users\EdoMarie\Desktop\zhpdiag
2013-06-14 19:55 - 2013-06-14 20:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-14 19:52 - 2013-06-14 19:53 - 00000000 ____D C:\Users\EdoMarie\Desktop\mbar
2013-06-14 16:48 - 2013-02-11 18:51 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\EdoMarie\Desktop\TDSSKiller.exe
2013-06-14 06:21 - 2013-06-14 09:13 - 00000000 ____D C:\FRST
2013-06-13 18:06 - 2013-06-13 18:06 - 00000000 ____D C:\_OTL
2013-06-13 15:58 - 2013-06-13 15:59 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (7)
2013-06-13 09:50 - 2013-06-13 10:11 - 00000000 ____D C:\Users\EdoMarie\U Torrent
2013-06-12 22:01 - 2013-06-12 22:01 - 04009167 ____A C:\Users\EdoMarie\Desktop\ServicesRepair.exe
2013-06-12 21:30 - 2013-06-12 21:31 - 00355651 ____A (Farbar) C:\Users\EdoMarie\Desktop\FSS.exe
2013-06-12 21:13 - 2013-06-12 21:13 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-12 21:12 - 2013-06-12 21:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-12 21:12 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-12 21:08 - 2013-06-12 21:11 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\EdoMarie\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-12 19:34 - 2013-06-12 19:34 - 00816128 ____A C:\Users\EdoMarie\Desktop\RogueKiller.exe
2013-06-12 18:27 - 2013-06-12 18:27 - 00602112 ____A (OldTimer Tools) C:\Users\EdoMarie\Desktop\OTL.exe
2013-06-12 18:22 - 2013-06-15 08:54 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (5)
2013-06-12 15:40 - 2013-06-12 15:40 - 00648201 ____A C:\Users\EdoMarie\Downloads\adwcleaner.exe
2013-06-12 14:15 - 2013-06-12 14:15 - 00001860 ____A C:\Users\maman\Desktop\AD-R.lnk
2013-06-12 14:15 - 2013-06-12 14:15 - 00001860 ____A C:\Users\EdoMarie\Desktop\AD-R.lnk
2013-06-12 13:29 - 2013-06-15 08:37 - 00000000 ____D C:\ZHP
2013-06-12 13:26 - 2013-06-12 13:26 - 05676095 ____A (Nicolas Coolman                                             ) C:\Users\EdoMarie\Downloads\ZHPDiag2.exe
2013-06-12 13:21 - 2013-06-12 13:21 - 00197870 ____A C:\Users\EdoMarie\Downloads\MicrosoftFixit20084.mini.diagcab
2013-06-12 13:09 - 2013-06-12 13:09 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-12 12:47 - 2013-06-12 13:01 - 1047527424 ____A C:\Users\EdoMarie\Downloads\fhd-ttnc720.part1.rar
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\tr-TR
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\th-TH
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\ro-RO
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\he-IL
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\ar-SA
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Program Files (x86)\Windows Virtual PC
2013-06-12 10:53 - 2010-11-20 15:34 - 00360832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpcvmm.sys
2013-06-12 10:53 - 2010-11-20 15:34 - 00194944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpchbus.sys
2013-06-12 10:53 - 2010-11-20 15:27 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\vpchbuspipe.dll
2013-06-12 10:53 - 2010-11-20 15:25 - 04514816 ____A (Microsoft Corporation) C:\Windows\System32\vpc.exe
2013-06-12 10:53 - 2010-11-20 15:25 - 02264064 ____A (Microsoft Corporation) C:\Windows\System32\VPCWizard.exe
2013-06-12 10:53 - 2010-11-20 15:25 - 01369600 ____A (Microsoft Corporation) C:\Windows\System32\VPCSettings.exe
2013-06-12 10:53 - 2010-11-20 13:37 - 01210368 ____A (Microsoft Corporation) C:\Windows\System32\VMWindow.exe
2013-06-12 10:53 - 2010-11-20 13:37 - 00936448 ____A (Microsoft Corporation) C:\Windows\System32\vmsal.exe
2013-06-12 10:53 - 2010-11-20 13:35 - 00562176 ____A (Microsoft Corporation) C:\Windows\System32\VMCPropertyHandler.dll
2013-06-12 10:53 - 2010-11-20 13:35 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpcusb.sys
2013-06-12 10:53 - 2010-11-20 13:35 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vpcnfltr.sys
2013-06-12 10:53 - 2010-11-20 12:52 - 00793600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vmsal.exe
2013-06-12 10:52 - 2013-06-12 10:52 - 17091624 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x64-RefreshPkg.msu
2013-06-12 10:51 - 2013-06-12 10:51 - 16070039 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x86-RefreshPkg.msu
2013-06-12 10:48 - 2013-06-12 10:48 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2013-06-12 10:47 - 2013-06-12 10:47 - 01528184 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\GenuineCheck.exe
2013-06-12 10:17 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 10:17 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 10:17 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 10:17 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 10:17 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 10:17 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 10:17 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 10:17 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 10:17 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 10:17 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 10:17 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 10:17 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 10:17 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 10:17 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 10:17 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 10:17 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 10:17 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 10:17 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 10:17 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 09:49 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 09:49 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 09:49 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 09:49 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 09:49 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 09:49 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 09:49 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 09:49 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 09:49 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 09:48 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 09:48 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 09:48 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 09:48 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 09:48 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 09:48 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 09:48 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 09:48 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 09:48 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 09:48 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-12 00:20 - 2013-06-12 00:20 - 01023485 ____A C:\Users\EdoMarie\Downloads\shinod7.zip
2013-06-12 00:15 - 2013-06-12 00:15 - 92391797 ____A C:\Users\EdoMarie\Downloads\gn98.zip
2013-06-11 22:02 - 2013-06-11 22:10 - 00000000 ____D C:\Users\EdoMarie\Downloads\jeu egypte
2013-06-11 22:01 - 2013-06-11 22:10 - 00000000 ____D C:\Users\EdoMarie\Downloads\les visiteurs le jeu
2013-06-11 21:57 - 2013-06-11 22:12 - 32005504 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\setup (5).exe
2013-06-11 21:34 - 2013-06-12 09:51 - 00000000 ____D C:\Users\EdoMarie\Desktop\Titanic une aventure hors du temps
2013-06-11 09:14 - 2013-06-11 09:15 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (6)
2013-06-07 11:43 - 2013-06-07 22:02 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (6)
2013-06-05 21:26 - 2013-06-05 21:26 - 00000779 ____A C:\Users\EdoMarie\Desktop\launcher - Raccourci.lnk
2013-06-05 16:44 - 2013-06-05 16:44 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\2K Games
2013-06-05 14:37 - 2013-06-05 16:16 - 00000000 ____D C:\Users\EdoMarie\Desktop\patch fr mafia 2
2013-06-05 13:27 - 2013-06-05 13:28 - 00000000 ____D C:\watch dogs
2013-06-04 22:21 - 2013-06-04 22:21 - 00000000 ____D C:\Users\EdoMarie\Documents\TikGames
2013-06-03 21:18 - 2013-06-03 21:18 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\SKIDROW
2013-05-31 15:56 - 2013-05-31 15:56 - 00001960 ____A C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-05-31 15:56 - 2013-05-31 15:56 - 00000000 ____D C:\ProgramData\Visan
2013-05-31 15:56 - 2013-05-31 15:56 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-05-31 15:56 - 2013-05-31 15:56 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2013-05-31 15:55 - 2013-05-31 15:55 - 00002281 ____A C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
2013-05-31 15:55 - 2013-05-31 15:55 - 00001203 ____A C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 1050 J410 series.lnk
2013-05-31 15:54 - 2013-05-31 15:54 - 00000057 ____A C:\ProgramData\Ament.ini
2013-05-31 15:53 - 2013-05-31 15:53 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\HP
2013-05-26 20:58 - 2013-05-26 20:58 - 00000522 ____A C:\Users\EdoMarie\Downloads\D21297DF7C8288382A5113902BEC6FF2207EA11C.torrent
2013-05-26 17:23 - 2013-05-26 17:23 - 00026112 ____A C:\Users\EdoMarie\Downloads\The Last Express v1.02 Multi-Langues.torrent
2013-05-26 16:58 - 2013-05-26 16:59 - 06885984 ____A (http://www.express-files.com/) C:\Users\EdoMarie\Downloads\the_last_express_downloader_fr_133.exe
2013-05-26 16:49 - 2013-05-26 16:52 - 00001614 ____A C:\Users\EdoMarie\Desktop\_le - Raccourci.lnk
2013-05-26 16:42 - 2013-05-26 16:49 - 00001669 ____A C:\Users\EdoMarie\Desktop\ExpressW - Raccourci.lnk
2013-05-26 16:19 - 2013-05-26 16:19 - 00000000 ____D C:\Program Files (x86)\Interplay
2013-05-26 16:06 - 2013-05-26 16:10 - 00000000 ____D C:\Users\EdoMarie\Desktop\last express game
2013-05-26 15:56 - 2013-05-26 15:56 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA (1).torrent
2013-05-26 14:08 - 2013-05-26 14:08 - 00014879 ____A C:\Users\EdoMarie\Downloads\T.Expen.2-.torrent
2013-05-26 13:04 - 2013-05-26 14:10 - 00000000 ____D C:\Users\EdoMarie\Desktop\The-Last-Express
2013-05-26 13:01 - 2013-05-26 13:01 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA.torrent
2013-05-24 16:44 - 2013-05-24 16:47 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (19)
2013-05-22 21:28 - 2013-05-22 21:28 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (4)
2013-05-22 14:30 - 2013-05-22 14:30 - 00000000 ____D C:\Python25
2013-05-22 14:29 - 2013-05-22 14:29 - 10695680 ____A C:\Users\EdoMarie\Downloads\python-2.5.msi
2013-05-22 14:21 - 2013-05-22 14:21 - 00002073 ____A C:\Users\UpdatusUser\Desktop\Blender.lnk
2013-05-22 14:21 - 2013-05-22 14:21 - 00002073 ____A C:\Users\maman\Desktop\Blender.lnk
2013-05-22 14:19 - 2013-05-22 14:19 - 00000000 ____D C:\Program Files (x86)\Blender Foundation
2013-05-22 13:41 - 2013-05-22 13:41 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Blender Foundation
2013-05-20 12:53 - 2013-05-26 16:51 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (3)
2013-05-20 12:48 - 2013-05-20 12:49 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (17)
2013-05-19 21:23 - 2013-05-19 21:23 - 00206984 ____A C:\Users\EdoMarie\Downloads\Terminator_1_french_dvdrip_evanetlola.exe
2013-05-19 21:22 - 2013-05-19 21:22 - 00007758 ____A C:\Users\EdoMarie\Downloads\Terminator.Edition.Speciale.1984.FRENCH.BRRiP.XViD.AC3-HuSh.torrent
2013-05-19 21:21 - 2013-05-19 21:21 - 00038684 ____A C:\Users\EdoMarie\Downloads\Terminator 1984 French DvDRip Xvid AC3 Empereur-Team.torrent
2013-05-19 15:33 - 2013-05-19 15:33 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (13)
2013-05-19 01:07 - 2013-05-19 01:07 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (16)

==================== One Month Modified Files and Folders =======

2013-06-18 07:21 - 2013-06-18 07:21 - 01926844 ____A (Farbar) C:\Users\EdoMarie\Desktop\FRST64.exe
2013-06-18 07:21 - 2011-10-28 10:11 - 00001108 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2556019261-561236677-3583937948-1000UA.job
2013-06-18 07:03 - 2010-11-27 19:19 - 00751958 ____A C:\Windows\System32\perfh00C.dat
2013-06-18 07:03 - 2010-11-27 19:19 - 00151714 ____A C:\Windows\System32\perfc00C.dat
2013-06-18 07:03 - 2009-07-14 07:13 - 01676872 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-18 07:03 - 2009-07-14 06:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-18 07:03 - 2009-07-14 06:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-18 06:59 - 2013-01-15 17:31 - 00001068 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-18 06:58 - 2013-06-15 08:53 - 00000392 ____A C:\Windows\setupact.log
2013-06-18 06:58 - 2011-02-25 20:55 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-18 06:58 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-17 22:22 - 2010-12-09 00:40 - 01751016 ____A C:\Windows\WindowsUpdate.log
2013-06-17 21:46 - 2013-01-15 17:31 - 00001072 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-17 21:34 - 2012-04-15 04:17 - 00001002 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-17 10:21 - 2011-10-28 10:11 - 00001086 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2556019261-561236677-3583937948-1000Core.job
2013-06-16 23:21 - 2013-06-16 23:21 - 02347384 ____A (ESET) C:\Users\EdoMarie\Downloads\esetsmartinstaller_enu.exe
2013-06-16 13:46 - 2011-05-07 09:12 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\vlc
2013-06-16 12:01 - 2013-06-16 11:59 - 13506000 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\mseinstall.exe
2013-06-15 13:43 - 2012-10-22 09:24 - 00064536 ____A C:\Users\EdoMarie\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-15 13:26 - 2013-06-15 08:53 - 00000932 ____A C:\Windows\PFRO.log
2013-06-15 13:26 - 2009-07-14 06:45 - 00295032 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-15 13:24 - 2013-06-15 13:13 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-06-15 13:20 - 2009-07-14 04:34 - 00000474 ____A C:\Windows\win.ini
2013-06-15 13:11 - 2013-06-15 13:11 - 00000207 ____A C:\Windows\tweaking.com-regbackup-EDOMARIE-PC-Microsoft-Windows 7-Édition-Familiale-Premium-(64-bits).dat
2013-06-15 13:09 - 2013-06-15 13:09 - 00000000 ____D C:\RegBackup
2013-06-15 12:40 - 2013-06-15 12:40 - 00002128 ____A C:\Users\EdoMarie\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-06-15 12:40 - 2013-06-15 12:40 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-06-15 12:37 - 2013-06-15 12:34 - 05555190 ____A C:\Users\EdoMarie\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-06-15 08:54 - 2013-06-12 18:22 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (5)
2013-06-15 08:53 - 2013-06-15 08:53 - 00000000 ____A C:\Windows\setuperr.log
2013-06-15 08:44 - 2012-01-28 14:48 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\uTorrent
2013-06-15 08:44 - 2011-02-26 19:18 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\DAEMON Tools Lite
2013-06-15 08:43 - 2011-02-26 13:56 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\CrashDumps
2013-06-15 08:43 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-06-15 08:42 - 2013-06-15 08:42 - 00000831 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-15 08:42 - 2011-06-29 01:39 - 00000000 ____D C:\Program Files\CCleaner
2013-06-15 08:40 - 2013-06-15 08:40 - 04378864 ____A (Piriform Ltd) C:\Users\EdoMarie\Downloads\ccsetup402.exe
2013-06-15 08:37 - 2013-06-12 13:29 - 00000000 ____D C:\ZHP
2013-06-14 23:53 - 2013-06-14 23:26 - 00000000 ____D C:\Users\EdoMarie\Desktop\zhpdiag
2013-06-14 23:48 - 2011-06-20 22:51 - 00000512 ____A C:\PhysicalDisk0_MBR.bin
2013-06-14 23:48 - 2011-06-20 22:47 - 00000000 ____D C:\Program Files (x86)\ZHPDiag
2013-06-14 23:27 - 2013-06-14 23:27 - 00001956 ____A C:\Users\Public\Desktop\ZHPFix.lnk
2013-06-14 23:27 - 2013-06-14 23:27 - 00001829 ____A C:\Users\Public\Desktop\ZHPDiag.lnk
2013-06-14 23:27 - 2013-06-14 23:27 - 00000967 ____A C:\Users\Public\Desktop\MBRCheck.lnk
2013-06-14 20:27 - 2013-06-14 19:55 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-14 19:53 - 2013-06-14 19:52 - 00000000 ____D C:\Users\EdoMarie\Desktop\mbar
2013-06-14 09:13 - 2013-06-14 06:21 - 00000000 ____D C:\FRST
2013-06-14 01:52 - 2012-04-13 11:59 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\Paint.NET
2013-06-13 18:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-13 18:06 - 2013-06-13 18:06 - 00000000 ____D C:\_OTL
2013-06-13 15:59 - 2013-06-13 15:58 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (7)
2013-06-13 10:11 - 2013-06-13 09:50 - 00000000 ____D C:\Users\EdoMarie\U Torrent
2013-06-13 10:00 - 2012-01-28 14:49 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-06-13 09:50 - 2011-02-25 20:46 - 00000000 ____D C:\users\EdoMarie
2013-06-12 22:01 - 2013-06-12 22:01 - 04009167 ____A C:\Users\EdoMarie\Desktop\ServicesRepair.exe
2013-06-12 21:31 - 2013-06-12 21:30 - 00355651 ____A (Farbar) C:\Users\EdoMarie\Desktop\FSS.exe
2013-06-12 21:13 - 2013-06-12 21:13 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-12 21:13 - 2013-06-12 21:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-12 21:11 - 2013-06-12 21:08 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\EdoMarie\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-12 19:34 - 2013-06-12 19:34 - 00816128 ____A C:\Users\EdoMarie\Desktop\RogueKiller.exe
2013-06-12 18:27 - 2013-06-12 18:27 - 00602112 ____A (OldTimer Tools) C:\Users\EdoMarie\Desktop\OTL.exe
2013-06-12 18:20 - 2011-05-04 13:11 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Skype
2013-06-12 18:20 - 2011-02-27 09:49 - 00000000 ____D C:\Users\EdoMarie\Tracing
2013-06-12 18:19 - 2011-03-08 00:17 - 00000000 ____D C:\Windows\Minidump
2013-06-12 15:40 - 2013-06-12 15:40 - 00648201 ____A C:\Users\EdoMarie\Downloads\adwcleaner.exe
2013-06-12 14:15 - 2013-06-12 14:15 - 00001860 ____A C:\Users\maman\Desktop\AD-R.lnk
2013-06-12 14:15 - 2013-06-12 14:15 - 00001860 ____A C:\Users\EdoMarie\Desktop\AD-R.lnk
2013-06-12 14:15 - 2011-06-21 18:37 - 00001860 ____A C:\Users\UpdatusUser\Desktop\AD-R.lnk
2013-06-12 13:52 - 2009-07-14 01:19 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2013-06-12 13:26 - 2013-06-12 13:26 - 05676095 ____A (Nicolas Coolman                                             ) C:\Users\EdoMarie\Downloads\ZHPDiag2.exe
2013-06-12 13:21 - 2013-06-12 13:21 - 00197870 ____A C:\Users\EdoMarie\Downloads\MicrosoftFixit20084.mini.diagcab
2013-06-12 13:09 - 2013-06-12 13:09 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-12 13:01 - 2013-06-12 12:47 - 1047527424 ____A C:\Users\EdoMarie\Downloads\fhd-ttnc720.part1.rar
2013-06-12 11:34 - 2012-04-15 04:17 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 11:34 - 2011-10-08 23:42 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\tr-TR
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\th-TH
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\ro-RO
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\he-IL
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Windows\System32\Drivers\ar-SA
2013-06-12 10:58 - 2013-06-12 10:58 - 00000000 ____D C:\Program Files (x86)\Windows Virtual PC
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\th-TH
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\ro-RO
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\he-IL
2013-06-12 10:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\ar-SA
2013-06-12 10:52 - 2013-06-12 10:52 - 17091624 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x64-RefreshPkg.msu
2013-06-12 10:51 - 2013-06-12 10:51 - 16070039 ____A C:\Users\EdoMarie\Downloads\Windows6.1-KB958559-x86-RefreshPkg.msu
2013-06-12 10:48 - 2013-06-12 10:48 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2013-06-12 10:47 - 2013-06-12 10:47 - 01528184 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\GenuineCheck.exe
2013-06-12 10:18 - 2011-03-06 10:00 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 09:51 - 2013-06-11 21:34 - 00000000 ____D C:\Users\EdoMarie\Desktop\Titanic une aventure hors du temps
2013-06-12 00:20 - 2013-06-12 00:20 - 01023485 ____A C:\Users\EdoMarie\Downloads\shinod7.zip
2013-06-12 00:15 - 2013-06-12 00:15 - 92391797 ____A C:\Users\EdoMarie\Downloads\gn98.zip
2013-06-11 22:12 - 2013-06-11 21:57 - 32005504 ____A (Microsoft Corporation) C:\Users\EdoMarie\Downloads\setup (5).exe
2013-06-11 22:10 - 2013-06-11 22:02 - 00000000 ____D C:\Users\EdoMarie\Downloads\jeu egypte
2013-06-11 22:10 - 2013-06-11 22:01 - 00000000 ____D C:\Users\EdoMarie\Downloads\les visiteurs le jeu
2013-06-11 18:32 - 2013-05-05 14:38 - 00001718 ____A C:\Users\EdoMarie\Desktop\PESEDIT - Raccourci.lnk
2013-06-11 09:47 - 2012-12-14 12:30 - 00000000 ___RD C:\Users\EdoMarie\Desktop\Bureau
2013-06-11 09:15 - 2013-06-11 09:14 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (6)
2013-06-08 16:08 - 2013-06-17 22:21 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-17 22:21 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-17 22:21 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-17 22:21 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-17 22:21 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-17 22:21 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-17 22:21 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-17 22:21 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-17 22:21 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-17 22:21 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-17 22:21 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-17 22:21 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 22:02 - 2013-06-07 11:43 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (6)
2013-06-07 21:49 - 2012-10-16 01:13 - 00000132 ____A C:\Users\EdoMarie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-06-07 10:40 - 2012-03-13 10:37 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\VirtuaTennis2009
2013-06-06 02:02 - 2011-05-17 13:39 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\SoftGrid Client
2013-06-05 21:26 - 2013-06-05 21:26 - 00000779 ____A C:\Users\EdoMarie\Desktop\launcher - Raccourci.lnk
2013-06-05 16:44 - 2013-06-05 16:44 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\2K Games
2013-06-05 16:16 - 2013-06-05 14:37 - 00000000 ____D C:\Users\EdoMarie\Desktop\patch fr mafia 2
2013-06-05 13:28 - 2013-06-05 13:27 - 00000000 ____D C:\watch dogs
2013-06-04 22:21 - 2013-06-04 22:21 - 00000000 ____D C:\Users\EdoMarie\Documents\TikGames
2013-06-03 21:18 - 2013-06-03 21:18 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\SKIDROW
2013-06-03 11:58 - 2013-05-06 20:23 - 00000000 ____D C:\Users\EdoMarie\Desktop\images pes ligue des masters , coupes
2013-06-02 12:25 - 2012-08-15 06:53 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\HpUpdate
2013-05-31 15:56 - 2013-05-31 15:56 - 00001960 ____A C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-05-31 15:56 - 2013-05-31 15:56 - 00000000 ____D C:\ProgramData\Visan
2013-05-31 15:56 - 2013-05-31 15:56 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-05-31 15:56 - 2013-05-31 15:56 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2013-05-31 15:55 - 2013-05-31 15:55 - 00002281 ____A C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
2013-05-31 15:55 - 2013-05-31 15:55 - 00001203 ____A C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 1050 J410 series.lnk
2013-05-31 15:55 - 2012-08-15 06:49 - 00000000 ____D C:\Program Files (x86)\HP
2013-05-31 15:55 - 2012-08-15 06:45 - 00000000 ____D C:\ProgramData\HP
2013-05-31 15:54 - 2013-05-31 15:54 - 00000057 ____A C:\ProgramData\Ament.ini
2013-05-31 15:54 - 2012-08-15 06:46 - 00000000 ____D C:\Program Files\HP
2013-05-31 15:53 - 2013-05-31 15:53 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\HP
2013-05-30 10:20 - 2011-12-17 20:27 - 00000000 ____D C:\Users\EdoMarie\Documents\cv
2013-05-26 20:58 - 2013-05-26 20:58 - 00000522 ____A C:\Users\EdoMarie\Downloads\D21297DF7C8288382A5113902BEC6FF2207EA11C.torrent
2013-05-26 17:23 - 2013-05-26 17:23 - 00026112 ____A C:\Users\EdoMarie\Downloads\The Last Express v1.02 Multi-Langues.torrent
2013-05-26 16:59 - 2013-05-26 16:58 - 06885984 ____A (http://www.express-files.com/) C:\Users\EdoMarie\Downloads\the_last_express_downloader_fr_133.exe
2013-05-26 16:52 - 2013-05-26 16:49 - 00001614 ____A C:\Users\EdoMarie\Desktop\_le - Raccourci.lnk
2013-05-26 16:51 - 2013-05-20 12:53 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (3)
2013-05-26 16:49 - 2013-05-26 16:42 - 00001669 ____A C:\Users\EdoMarie\Desktop\ExpressW - Raccourci.lnk
2013-05-26 16:19 - 2013-05-26 16:19 - 00000000 ____D C:\Program Files (x86)\Interplay
2013-05-26 16:10 - 2013-05-26 16:06 - 00000000 ____D C:\Users\EdoMarie\Desktop\last express game
2013-05-26 15:56 - 2013-05-26 15:56 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA (1).torrent
2013-05-26 14:10 - 2013-05-26 13:04 - 00000000 ____D C:\Users\EdoMarie\Desktop\The-Last-Express
2013-05-26 14:08 - 2013-05-26 14:08 - 00014879 ____A C:\Users\EdoMarie\Downloads\T.Expen.2-.torrent
2013-05-26 13:01 - 2013-05-26 13:01 - 00042013 ____A C:\Users\EdoMarie\Downloads\The.Last.Express.Collectors.Edition.FRENCH.KOMONA.torrent
2013-05-24 16:47 - 2013-05-24 16:44 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (19)
2013-05-22 21:28 - 2013-05-22 21:28 - 00000000 ____D C:\Users\EdoMarie\Desktop\Nouveau dossier (4)
2013-05-22 14:30 - 2013-05-22 14:30 - 00000000 ____D C:\Python25
2013-05-22 14:29 - 2013-05-22 14:29 - 10695680 ____A C:\Users\EdoMarie\Downloads\python-2.5.msi
2013-05-22 14:21 - 2013-05-22 14:21 - 00002073 ____A C:\Users\UpdatusUser\Desktop\Blender.lnk
2013-05-22 14:21 - 2013-05-22 14:21 - 00002073 ____A C:\Users\maman\Desktop\Blender.lnk
2013-05-22 14:19 - 2013-05-22 14:19 - 00000000 ____D C:\Program Files (x86)\Blender Foundation
2013-05-22 13:41 - 2013-05-22 13:41 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Blender Foundation
2013-05-21 22:38 - 2011-03-08 14:07 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\Adobe
2013-05-21 21:23 - 2011-03-07 14:07 - 00000000 ____D C:\Users\EdoMarie\AppData\Roaming\Adobe
2013-05-21 12:05 - 2011-02-27 09:28 - 00000000 ____D C:\Users\EdoMarie\AppData\Local\Windows Live
2013-05-20 12:49 - 2013-05-20 12:48 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (17)
2013-05-19 21:23 - 2013-05-19 21:23 - 00206984 ____A C:\Users\EdoMarie\Downloads\Terminator_1_french_dvdrip_evanetlola.exe
2013-05-19 21:22 - 2013-05-19 21:22 - 00007758 ____A C:\Users\EdoMarie\Downloads\Terminator.Edition.Speciale.1984.FRENCH.BRRiP.XViD.AC3-HuSh.torrent
2013-05-19 21:21 - 2013-05-19 21:21 - 00038684 ____A C:\Users\EdoMarie\Downloads\Terminator 1984 French DvDRip Xvid AC3 Empereur-Team.torrent
2013-05-19 15:33 - 2013-05-19 15:33 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (13)
2013-05-19 01:07 - 2013-05-19 01:07 - 00000000 ____D C:\Users\EdoMarie\Downloads\Nouveau dossier (16)

Files to move or delete:
====================
C:\Users\EdoMarie\wlsetup-web.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-13 18:40

==================== End Of Log ============================