OTL logfile created on: 29/03/2014 10:51:47 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maxime\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16521) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.92 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 33.16% Memory free 7.83 Gb Paging File | 4.89 Gb Available in Paging File | 62.49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 231.00 Gb Total Space | 148.41 Gb Free Space | 64.25% Space Free | Partition Type: NTFS Drive D: | 345.23 Gb Total Space | 195.55 Gb Free Space | 56.65% Space Free | Partition Type: NTFS Drive F: | 793.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: MAXIME-PC | User Name: Maxime | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014/03/29 10:49:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maxime\Downloads\OTL.exe PRC - [2014/03/14 04:35:09 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2014/03/14 04:34:34 | 000,689,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2014/03/14 04:34:34 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2014/03/05 17:39:55 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe PRC - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe PRC - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe PRC - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/12/19 11:54:30 | 000,467,000 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe PRC - [2013/04/08 17:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\HelperService.exe PRC - [2012/11/19 16:11:38 | 000,177,440 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsCtrlS.exe PRC - [2012/01/29 13:01:01 | 000,446,480 | ---- | M] (ZBANG IT LTD) -- C:\Program Files (x86)\MultiMi\MultiMi.exe PRC - [2011/09/01 16:47:26 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe PRC - [2011/08/17 07:19:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe PRC - [2011/08/08 11:13:56 | 002,276,944 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe PRC - [2011/08/08 11:13:08 | 001,080,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe PRC - [2011/08/06 17:20:16 | 000,776,704 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe PRC - [2011/08/06 17:19:48 | 001,634,304 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe PRC - [2011/07/29 22:47:22 | 003,395,664 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe PRC - [2011/06/24 08:52:30 | 004,403,280 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe PRC - [2011/06/04 23:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011/05/05 12:44:54 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011/05/05 12:44:52 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe PRC - [2011/03/30 14:42:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2011/03/30 14:42:32 | 001,321,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe PRC - [2011/03/30 14:42:30 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2011/03/30 14:42:28 | 000,985,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe PRC - [2010/09/20 03:24:42 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe PRC - [2010/08/16 12:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\psksvc.exe PRC - [2009/11/02 05:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014/03/15 00:50:40 | 013,637,448 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll MOD - [2014/03/15 00:50:40 | 000,394,568 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll MOD - [2014/03/15 00:50:38 | 004,061,000 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll MOD - [2014/03/15 00:50:35 | 000,716,616 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\libglesv2.dll MOD - [2014/03/15 00:50:34 | 000,100,168 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\libegl.dll MOD - [2014/03/15 00:50:32 | 001,647,432 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll MOD - [2014/03/15 00:50:30 | 000,051,016 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll MOD - [2014/03/05 17:39:55 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe MOD - [2014/02/19 10:53:06 | 001,358,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\5593edae2575d91c62c97959be364aa9\System.WorkflowServices.ni.dll MOD - [2014/02/19 10:52:51 | 001,707,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\fd746553afb4778c8736b6d8af4caa6d\System.ServiceModel.Web.ni.dll MOD - [2014/02/19 10:52:47 | 000,401,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\801b632b8b7ef72f14333dbce41524b8\System.Xml.Linq.ni.dll MOD - [2014/02/19 10:52:23 | 000,135,680 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\e383182777b770f5eb30064b782bff53\System.Data.DataSetExtensions.ni.dll MOD - [2014/02/19 10:52:23 | 000,094,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\c2dde6ca38ddab8efae49654fbabc14c\System.ComponentModel.DataAnnotations.ni.dll MOD - [2014/02/19 10:51:19 | 002,347,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll MOD - [2014/02/19 10:51:17 | 017,477,632 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\5cf4b104c2c79c9563d13e289e39c6ba\System.ServiceModel.ni.dll MOD - [2014/02/19 10:51:17 | 000,256,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8a01cb6ca56adf4f33cdad0592538b58\SMDiagnostics.ni.dll MOD - [2014/02/19 10:50:46 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll MOD - [2014/02/19 10:46:50 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll MOD - [2014/02/19 10:46:36 | 011,922,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll MOD - [2014/02/19 10:46:26 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll MOD - [2014/02/19 10:46:25 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\faf3ae85f2470505e1b32d2154de60ef\System.EnterpriseServices.ni.dll MOD - [2014/02/19 10:46:24 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\cd3556d1162e8f7df77611c9c4253f7c\System.Transactions.ni.dll MOD - [2014/02/19 10:46:22 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\4f41ca6f8bf8621aebcbaf7e2f07ecd7\System.Data.ni.dll MOD - [2014/02/19 10:46:07 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll MOD - [2014/02/19 10:45:42 | 000,039,424 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\ab661afc099166b889ebd2717d2294ea\PresentationCFFRasterizer.ni.dll MOD - [2014/02/19 10:45:41 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll MOD - [2014/02/19 10:45:33 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll MOD - [2014/02/19 10:45:29 | 000,060,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\549aa924ef5af7232f4024eb6f8cb97a\UIAutomationProvider.ni.dll MOD - [2014/02/19 10:45:28 | 000,025,600 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\4f5069e6497e5e6a381ab6aadf05d6a5\Accessibility.ni.dll MOD - [2014/02/19 10:45:23 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll MOD - [2014/02/19 10:45:12 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll MOD - [2014/02/19 10:45:04 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll MOD - [2014/02/19 10:44:55 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll MOD - [2014/02/19 10:44:50 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll MOD - [2014/02/19 10:43:40 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2012/07/04 21:46:39 | 000,016,384 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\Zbang.Statistics.Domain.Common.dll MOD - [2012/07/04 21:46:38 | 002,741,248 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\Telerik.Windows.Controls.Navigation.dll MOD - [2012/07/04 21:46:38 | 000,904,704 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\System.Data.SQLite.DLL MOD - [2012/07/04 21:46:36 | 000,344,064 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\avgreplibx.dll MOD - [2012/07/04 21:46:36 | 000,020,480 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\AttachedCommandBehavior.dll MOD - [2012/07/04 21:46:36 | 000,006,656 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\Instrumentation.Common.dll MOD - [2011/11/24 12:58:29 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\MultiMi\ICSharpCode.SharpZipLib.dll MOD - [2011/02/16 16:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll MOD - [2010/11/21 03:24:08 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010/05/07 14:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll MOD - [2009/11/02 05:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/11/02 05:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2009/06/10 21:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2006/08/12 03:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2014/03/01 04:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2014/01/16 00:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService) SRV:[b]64bit:[/b] - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2011/04/21 09:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV:[b]64bit:[/b] - [2011/04/21 08:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV:[b]64bit:[/b] - [2010/09/22 09:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2014/03/14 04:35:09 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2014/03/14 04:34:34 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2014/03/12 07:31:22 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc) SRV - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc) SRV - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/04/08 17:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service) SRV - [2013/04/08 17:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Stopped] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service) SRV - [2012/11/19 16:11:38 | 000,177,440 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsCtrlS.exe -- (Panda Software Controller) SRV - [2012/10/27 21:13:12 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011/06/04 23:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011/05/05 12:44:54 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011/05/05 12:44:52 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360) SRV - [2011/03/30 14:42:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2011/03/30 14:42:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2011/03/30 14:42:30 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2010/08/16 12:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\psksvc.exe -- (PskSvcRetail) SRV - [2010/06/01 06:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2009/10/27 08:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014/03/18 07:10:43 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wStLib64.sys -- (wStLib64) DRV:[b]64bit:[/b] - [2013/12/19 11:54:50 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2013/12/19 11:54:50 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2013/11/30 07:31:53 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:[b]64bit:[/b] - [2013/11/16 15:21:50 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2013/08/27 09:57:57 | 000,015,928 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\COMFiltr.sys -- (ComFiltr) DRV:[b]64bit:[/b] - [2013/08/26 06:51:47 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2012/03/26 16:57:36 | 000,071,432 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM) DRV:[b]64bit:[/b] - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011/08/17 07:19:38 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:[b]64bit:[/b] - [2011/07/29 22:47:20 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI) DRV:[b]64bit:[/b] - [2011/07/25 16:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV:[b]64bit:[/b] - [2011/07/20 13:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort) DRV:[b]64bit:[/b] - [2011/06/17 03:40:40 | 000,186,152 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2011/06/04 23:22:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2011/05/01 05:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:[b]64bit:[/b] - [2011/04/22 10:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011/04/21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) DRV:[b]64bit:[/b] - [2011/04/21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) DRV:[b]64bit:[/b] - [2011/04/21 01:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2011/04/11 10:55:24 | 000,007,680 | ---- | M] (Phoenix Technologies Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SGDrv64.sys -- (SGDrv) DRV:[b]64bit:[/b] - [2011/03/31 03:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2011/03/31 03:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX) DRV:[b]64bit:[/b] - [2011/03/22 18:14:04 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:[b]64bit:[/b] - [2011/03/15 02:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011/03/08 14:44:08 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:[b]64bit:[/b] - [2011/03/08 14:44:08 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:[b]64bit:[/b] - [2011/02/17 23:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2011/01/27 06:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2010/12/16 10:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010/11/21 03:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/21 03:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010/11/16 00:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2010/10/20 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010/10/14 17:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2010/08/21 03:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2010/06/22 16:20:18 | 000,030,792 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot) DRV:[b]64bit:[/b] - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/14 00:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM) DRV:[b]64bit:[/b] - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008/08/28 10:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV - [2011/10/15 01:59:16 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport) DRV - [2010/12/01 09:00:00 | 001,804,336 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\VirusDefs\20101201.025\EX64.SYS -- (NAVEX15) DRV - [2010/12/01 09:00:00 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\VirusDefs\20101201.025\ENG64.SYS -- (NAVENG) DRV - [2010/11/23 03:21:16 | 000,953,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20101123.003\BHDrvx64.sys -- (BHDrvx64) DRV - [2010/11/11 00:46:29 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\IPSDefs\20101201.001\IDSviA64.sys -- (IDSVia64) DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r= IE - HKCU\..\SearchScopes\{A58CD030-5B68-48E5-98F7-E91958BAFB7B}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=4456714253904365&q={searchTerms} IE - HKCU\..\SearchScopes\{E20497BB-64FA-46D9-99D2-CBE09B30F08C}: "URL" = http://search.softonic.com/MOY00461/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=da5f586e000000000000dca97170996a&r=102 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll () FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maxime\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maxime\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013/06/03 14:02:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\IPSFFPlgn\ [2013/08/28 20:07:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\coFFPlgn_2011_7_13_2 [2014/03/29 10:42:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/28 10:37:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/20 20:58:52 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5906c4a5-6de6-4456-b5f6-984436f80a1a}: C:\Program Files (x86)\Re-markit-soft\155.xpi [2014/03/05 17:40:05 | 000,029,572 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/28 10:37:54 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/20 20:58:52 | 000,000,000 | ---D | M] [2013/11/16 14:45:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxime\AppData\Roaming\Mozilla\Extensions [2014/03/24 22:41:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxime\AppData\Roaming\Mozilla\Firefox\Profiles\fzsi6abq.default\extensions [2014/02/19 10:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/02/13 16:44:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2014/03/29 10:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2012/10/27 21:13:12 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/10/25 14:17:28 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml [2012/10/27 13:19:41 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/10/25 14:17:28 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml [2012/10/25 14:17:28 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml [2012/10/27 13:19:41 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml [2012/10/25 14:17:28 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Conduit Search (Enabled) CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?ctid=CT3324328&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP416352CC-37AC-4896-9E02-D8BAD9EB6A61&q={searchTerms}&SSPV= CHR - default_search_provider: suggest_url = http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, CHR - homepage: http://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll CHR - plugin: Wajam (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\badkodiapncjgddgfhpeijmodfnfebeg\10.15.0.62_0\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\badkodiapncjgddgfhpeijmodfnfebeg\10.15.0.62_0\plugins/np-cwmp.dll CHR - plugin: Conduit Chrome Approve TB Plugin (Enabled) = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\badkodiapncjgddgfhpeijmodfnfebeg\10.15.0.62_0\plugins/ChromeApproveTBPlugin.dll CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Maxime\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - Extension: Skype Click to Call = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.1.15383.6004_0\ CHR - Extension: Google Wallet = C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [fst_fr_94] File not found O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [MultiMi.exe] C:\Program Files (x86)\MultiMi\MultiMi.exe (ZBANG IT LTD) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found O8:[b]64bit:[/b] - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27D0474D-D09D-4B6F-8688-9CF2141C8092}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6FFDEA5-A7CF-4212-B651-FE866E447144}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/03/23 20:56:42 | 000,000,175 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{4d1a9aaf-4ed0-11e3-ba2b-dca97170996d}\Shell - "" = AutoRun O33 - MountPoints2\{4d1a9aaf-4ed0-11e3-ba2b-dca97170996d}\Shell\AutoRun\command - "" = F:\setup.exe -- [2010/03/30 09:50:58 | 001,377,656 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{4d1a9aaf-4ed0-11e3-ba2b-dca97170996d}\Shell\configure\command - "" = F:\setup.exe -- [2010/03/30 09:50:58 | 001,377,656 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{4d1a9aaf-4ed0-11e3-ba2b-dca97170996d}\Shell\install\command - "" = F:\setup.exe -- [2010/03/30 09:50:58 | 001,377,656 | R--- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig:64bit - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig:64bit - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: PskSvcRetail - C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\psksvc.exe (Panda Security, S.L.) SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014/03/29 10:32:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014/03/18 07:10:43 | 000,061,120 | ---- | C] (StdLib) -- C:\windows\SysNative\drivers\wStLib64.sys [2014/03/16 15:47:37 | 000,000,000 | ---D | C] -- C:\Users\Maxime\Documents\ENGLISH IDIOMS [2014/03/15 09:21:56 | 000,000,000 | R--D | C] -- C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2014/03/15 08:56:01 | 000,000,000 | ---D | C] -- C:\Users\Maxime\AppData\Roaming\Optimizer Elite Max [2014/03/12 22:40:44 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wer.dll [2014/03/12 22:40:43 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll [2014/03/12 22:40:37 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2014/03/12 22:40:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll [2014/03/12 22:40:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll [2014/03/12 22:40:33 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2014/03/12 22:40:33 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll [2014/03/12 22:40:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2014/03/12 22:40:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2014/03/12 22:40:32 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2014/03/12 22:40:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll [2014/03/12 22:40:31 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2014/03/12 22:40:28 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2014/03/12 22:40:28 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2014/03/12 22:40:27 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl [2014/03/12 22:40:27 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe [2014/03/12 22:40:26 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll [2014/03/12 22:40:26 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll [2014/03/12 22:40:25 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe [2014/03/12 22:40:24 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2014/03/12 22:40:23 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe [2014/03/12 22:40:22 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2014/03/12 22:40:22 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll [2014/03/12 22:40:21 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll [2014/03/12 22:40:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll [2014/03/12 22:40:19 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe [2014/03/12 22:39:10 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll [2014/03/12 22:39:10 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll [2014/03/12 22:39:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll [2014/03/08 08:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\CDB [2014/03/05 17:40:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Re-markit-soft [2014/03/01 18:34:16 | 000,000,000 | ---D | C] -- C:\Users\Maxime\Documents\DU MOT A LA PHRASE [3 C:\Users\Maxime\Documents\*.tmp files -> C:\Users\Maxime\Documents\*.tmp -> ] [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [1 C:\Users\Maxime\AppData\Local\*.tmp files -> C:\Users\Maxime\AppData\Local\*.tmp -> ] [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014/03/29 11:00:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2014/03/29 11:00:00 | 000,000,302 | ---- | M] () -- C:\windows\tasks\PCHelpers_period.job [2014/03/29 10:54:48 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/03/29 10:54:48 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/03/29 10:43:07 | 000,000,392 | ---- | M] () -- C:\windows\tasks\Re-markit_wd.job [2014/03/29 10:42:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2014/03/29 10:42:25 | 4204,314,624 | -HS- | M] () -- C:\hiberfil.sys [2014/03/29 10:38:43 | 000,001,168 | ---- | M] () -- C:\Users\Maxime\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2014/03/29 10:31:38 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2014/03/29 10:21:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3697776081-4079981704-496958710-1001UA.job [2014/03/28 15:21:01 | 000,000,860 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3697776081-4079981704-496958710-1001Core.job [2014/03/28 06:54:08 | 000,000,147 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\WB.CFG [2014/03/26 18:19:27 | 000,000,378 | ---- | M] () -- C:\windows\tasks\APSnotifierCA.job [2014/03/19 16:52:37 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2014/03/18 07:10:43 | 000,061,120 | ---- | M] (StdLib) -- C:\windows\SysNative\drivers\wStLib64.sys [2014/03/15 09:18:16 | 000,000,302 | ---- | M] () -- C:\windows\tasks\PCHelpers1st.job [2014/03/15 08:56:00 | 000,005,265 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\callbanner.png [2014/03/13 06:56:59 | 000,471,016 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2014/03/12 07:31:21 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2014/03/12 07:31:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2014/03/11 14:14:05 | 000,782,470 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2014/03/11 14:14:05 | 000,667,096 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2014/03/11 14:14:05 | 000,126,740 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2014/03/09 18:17:21 | 000,001,124 | ---- | M] () -- C:\Users\Maxime\Desktop\Continue PDF Writer Installation.lnk [2014/03/08 08:52:52 | 000,000,163 | ---- | M] () -- C:\windows\Reimage.ini [2014/03/05 17:44:10 | 000,000,608 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\aps.scan.quick.results [2014/03/01 05:16:26 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll [2014/03/01 04:52:55 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2014/03/01 04:51:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll [2014/03/01 04:40:43 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2014/03/01 04:37:12 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2014/03/01 04:33:52 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe [2014/03/01 04:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe [2014/03/01 04:32:59 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll [2014/03/01 04:23:49 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe [2014/03/01 04:17:43 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2014/03/01 04:02:07 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll [2014/03/01 03:54:33 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2014/03/01 03:52:43 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2014/03/01 03:51:53 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll [2014/03/01 03:43:28 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2014/03/01 03:42:12 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2014/03/01 03:40:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2014/03/01 03:38:26 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe [2014/03/01 03:37:35 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll [2014/03/01 03:35:11 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl [2014/03/01 03:16:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll [2014/03/01 03:00:08 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2014/03/01 02:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll [2014/03/01 02:25:22 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll [3 C:\Users\Maxime\Documents\*.tmp files -> C:\Users\Maxime\Documents\*.tmp -> ] [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [1 C:\Users\Maxime\AppData\Local\*.tmp files -> C:\Users\Maxime\AppData\Local\*.tmp -> ] [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014/03/29 11:00:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2014/03/15 08:56:00 | 000,005,265 | ---- | C] () -- C:\Users\Maxime\AppData\Roaming\callbanner.png [2014/03/15 08:51:20 | 000,000,302 | ---- | C] () -- C:\windows\tasks\PCHelpers1st.job [2014/03/15 08:51:20 | 000,000,302 | ---- | C] () -- C:\windows\tasks\PCHelpers_period.job [2014/03/09 18:17:20 | 000,001,124 | ---- | C] () -- C:\Users\Maxime\Desktop\Continue PDF Writer Installation.lnk [2014/03/08 08:47:57 | 000,000,163 | ---- | C] () -- C:\windows\Reimage.ini [2014/03/05 17:44:09 | 000,000,378 | ---- | C] () -- C:\windows\tasks\APSnotifierCA.job [2014/03/05 17:43:35 | 000,000,608 | ---- | C] () -- C:\Users\Maxime\AppData\Roaming\aps.scan.quick.results [2014/03/05 17:40:13 | 000,000,392 | ---- | C] () -- C:\windows\tasks\Re-markit_wd.job [2014/03/05 17:40:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014/01/22 12:08:21 | 000,079,360 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll [2013/12/18 20:47:02 | 000,000,147 | ---- | C] () -- C:\Users\Maxime\AppData\Roaming\WB.CFG [2013/08/27 10:00:29 | 000,000,000 | ---- | C] () -- C:\windows\PAVSHRB.INI [2012/08/23 10:45:24 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< HKCU\Software >[/color] [HKEY_CURRENT_USER\Software\49042InstEnd] [HKEY_CURRENT_USER\Software\Adobe] [HKEY_CURRENT_USER\Software\AnyProtect] [HKEY_CURRENT_USER\Software\AppDataLow] [HKEY_CURRENT_USER\Software\Apple Computer, Inc.] [HKEY_CURRENT_USER\Software\Apple Inc.] [HKEY_CURRENT_USER\Software\ASProtect] [HKEY_CURRENT_USER\Software\Avira] [HKEY_CURRENT_USER\Software\Clients] [HKEY_CURRENT_USER\Software\CyberLink] [HKEY_CURRENT_USER\Software\Disc Soft] [HKEY_CURRENT_USER\Software\Elantech] [HKEY_CURRENT_USER\Software\GNU] [HKEY_CURRENT_USER\Software\Google] [HKEY_CURRENT_USER\Software\Hewlett-Packard] [HKEY_CURRENT_USER\Software\IM Providers] [HKEY_CURRENT_USER\Software\Intel] [HKEY_CURRENT_USER\Software\KasperskyLab] [HKEY_CURRENT_USER\Software\kde.org] [HKEY_CURRENT_USER\Software\Licenses] [HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications] [HKEY_CURRENT_USER\Software\Macromedia] [HKEY_CURRENT_USER\Software\MainConcept] [HKEY_CURRENT_USER\Software\McAfee] [HKEY_CURRENT_USER\Software\Microsoft] [HKEY_CURRENT_USER\Software\Mozilla] [HKEY_CURRENT_USER\Software\MozillaPlugins] [HKEY_CURRENT_USER\Software\Netscape] [HKEY_CURRENT_USER\Software\Nokia] [HKEY_CURRENT_USER\Software\Norton] [HKEY_CURRENT_USER\Software\NVIDIA Corporation] [HKEY_CURRENT_USER\Software\ODBC] [HKEY_CURRENT_USER\Software\OpenOffice] [HKEY_CURRENT_USER\Software\PDF Architect] [HKEY_CURRENT_USER\Software\PDFCreator] [HKEY_CURRENT_USER\Software\Piriform] [HKEY_CURRENT_USER\Software\Pistonsoft] [HKEY_CURRENT_USER\Software\Policies] [HKEY_CURRENT_USER\Software\Realtek] [HKEY_CURRENT_USER\Software\Reimage] [HKEY_CURRENT_USER\Software\Research In Motion] [HKEY_CURRENT_USER\Software\Samsung] [HKEY_CURRENT_USER\Software\Skype] [HKEY_CURRENT_USER\Software\TeleCharger] [HKEY_CURRENT_USER\Software\Trolltech] [HKEY_CURRENT_USER\Software\Wow6432Node] [HKEY_CURRENT_USER\Software\Zbang] [HKEY_CURRENT_USER\Software\Classes] [color=#A23BEC]< HKLM\Software >[/color] [HKEY_LOCAL_MACHINE\Software\AceBIT] [HKEY_LOCAL_MACHINE\Software\Adobe] [HKEY_LOCAL_MACHINE\Software\AdwCleaner] [HKEY_LOCAL_MACHINE\Software\anset] [HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.] [HKEY_LOCAL_MACHINE\Software\Apple Inc.] [HKEY_LOCAL_MACHINE\Software\Avira] [HKEY_LOCAL_MACHINE\Software\Better-Surf] [HKEY_LOCAL_MACHINE\Software\BuzzSearch] [HKEY_LOCAL_MACHINE\Software\Caphyon] [HKEY_LOCAL_MACHINE\Software\CyberLink] [HKEY_LOCAL_MACHINE\Software\Disc Soft] [HKEY_LOCAL_MACHINE\Software\dotNetInstaller] [HKEY_LOCAL_MACHINE\Software\free ven] [HKEY_LOCAL_MACHINE\Software\GNU] [HKEY_LOCAL_MACHINE\Software\Google] [HKEY_LOCAL_MACHINE\Software\i-beta] [HKEY_LOCAL_MACHINE\Software\IM Providers] [HKEY_LOCAL_MACHINE\Software\Intel] [HKEY_LOCAL_MACHINE\Software\JavaSoft] [HKEY_LOCAL_MACHINE\Software\KasperskyLab] [HKEY_LOCAL_MACHINE\Software\Khronos] [HKEY_LOCAL_MACHINE\Software\KNOWHOW] [HKEY_LOCAL_MACHINE\Software\Licenses] [HKEY_LOCAL_MACHINE\Software\Loader] [HKEY_LOCAL_MACHINE\Software\Macromedia] [HKEY_LOCAL_MACHINE\Software\Microsoft] [HKEY_LOCAL_MACHINE\Software\Mozilla] [HKEY_LOCAL_MACHINE\Software\mozilla.org] [HKEY_LOCAL_MACHINE\Software\MozillaPlugins] [HKEY_LOCAL_MACHINE\Software\Nokia] [HKEY_LOCAL_MACHINE\Software\Norton] [HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation] [HKEY_LOCAL_MACHINE\Software\ODBC] [HKEY_LOCAL_MACHINE\Software\OldTimer Tools] [HKEY_LOCAL_MACHINE\Software\OpenOffice] [HKEY_LOCAL_MACHINE\Software\Panda Software] [HKEY_LOCAL_MACHINE\Software\PC Connectivity Solution] [HKEY_LOCAL_MACHINE\Software\PDFCreator] [HKEY_LOCAL_MACHINE\Software\Realtek] [HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.] [HKEY_LOCAL_MACHINE\Software\Research In Motion] [HKEY_LOCAL_MACHINE\Software\Samsung] [HKEY_LOCAL_MACHINE\Software\Samsung Electronics Co., Ltd.] [HKEY_LOCAL_MACHINE\Software\Skype] [HKEY_LOCAL_MACHINE\Software\SweetIM] [HKEY_LOCAL_MACHINE\Software\Symantec] [HKEY_LOCAL_MACHINE\Software\SymNRT] [HKEY_LOCAL_MACHINE\Software\Volatile] [HKEY_LOCAL_MACHINE\Software\WildTangent] [HKEY_LOCAL_MACHINE\Software\Wow6432Node] [HKEY_LOCAL_MACHINE\Software\X-AVCSD] [HKEY_LOCAL_MACHINE\Software\Classes] [HKEY_LOCAL_MACHINE\Software\Clients] [HKEY_LOCAL_MACHINE\Software\Policies] [HKEY_LOCAL_MACHINE\Software\RegisteredApplications] [color=#A23BEC]< %Homedrive%\* >[/color] [2014/03/29 10:42:25 | 4204,314,624 | -HS- | M] () -- C:\hiberfil.sys [2012/12/15 19:43:56 | 000,000,040 | ---- | M] () -- C:\log.txt [2014/03/29 10:42:31 | 4204,314,624 | -HS- | M] () -- C:\pagefile.sys [2014/03/29 11:00:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/12/15 22:34:04 | 000,002,528 | ---- | M] () -- C:\{8941B3CA-6F12-4200-A159-0976869F9F4B} [color=#A23BEC]< %Homedrive%\*. >[/color] [2012/10/27 11:40:14 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2014/03/29 10:39:04 | 000,000,000 | ---D | M] -- C:\AdwCleaner [2014/03/29 10:46:42 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011/08/26 07:33:26 | 000,000,000 | ---D | M] -- C:\Intel [2013/08/02 23:52:26 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009/07/14 03:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2014/03/15 09:21:00 | 000,000,000 | R--D | M] -- C:\Program Files [2014/03/29 10:37:15 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2014/03/29 10:36:42 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012/02/11 17:56:15 | 000,000,000 | -HSD | M] -- C:\Recovery [2014/03/29 11:00:41 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2013/12/03 08:09:11 | 000,000,000 | ---D | M] -- C:\Temp [2012/02/11 17:57:39 | 000,000,000 | R--D | M] -- C:\Users [2014/03/08 08:47:57 | 000,000,000 | ---D | M] -- C:\Windows [color=#A23BEC]< %Userprofile%\* >[/color] [2014/01/22 12:07:54 | 000,000,000 | ---- | M] () -- C:\Users\Maxime\daemonprocess.txt [2012/02/11 18:00:13 | 000,000,148 | ---- | M] () -- C:\Users\Maxime\DiskScrP.txt [2014/03/29 11:07:27 | 013,631,488 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat [2014/03/29 11:07:27 | 000,262,144 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat.LOG1 [2012/02/11 17:57:39 | 000,000,000 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat.LOG2 [2012/02/11 18:45:48 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2012/02/11 18:45:48 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2012/02/11 18:45:48 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2012/12/13 22:09:37 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{40b5e2fb-44b4-11e2-994f-dca97170996d}.TM.blf [2012/12/13 22:09:37 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{40b5e2fb-44b4-11e2-994f-dca97170996d}.TMContainer00000000000000000001.regtrans-ms [2012/12/13 22:09:37 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{40b5e2fb-44b4-11e2-994f-dca97170996d}.TMContainer00000000000000000002.regtrans-ms [2013/08/02 15:31:00 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{54261e9c-fb83-11e2-aff7-dca97170996d}.TM.blf [2013/08/02 15:31:00 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{54261e9c-fb83-11e2-aff7-dca97170996d}.TMContainer00000000000000000001.regtrans-ms [2013/08/02 15:31:00 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{54261e9c-fb83-11e2-aff7-dca97170996d}.TMContainer00000000000000000002.regtrans-ms [2013/08/28 20:02:23 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{764c1e95-0fa4-11e3-8a94-dca97170996d}.TM.blf [2013/08/28 20:02:23 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{764c1e95-0fa4-11e3-8a94-dca97170996d}.TMContainer00000000000000000001.regtrans-ms [2013/08/28 20:02:23 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{764c1e95-0fa4-11e3-8a94-dca97170996d}.TMContainer00000000000000000002.regtrans-ms [2013/09/25 17:40:14 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{80d7b5d4-1f61-11e3-9175-dca97170996d}.TM.blf [2013/09/25 17:40:14 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{80d7b5d4-1f61-11e3-9175-dca97170996d}.TMContainer00000000000000000001.regtrans-ms [2013/09/25 17:40:14 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{80d7b5d4-1f61-11e3-9175-dca97170996d}.TMContainer00000000000000000002.regtrans-ms [2013/07/11 08:57:25 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{a69cff92-e970-11e2-9139-dca97170996d}.TM.blf [2013/07/11 08:57:25 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{a69cff92-e970-11e2-9139-dca97170996d}.TMContainer00000000000000000001.regtrans-ms [2013/07/11 08:57:25 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{a69cff92-e970-11e2-9139-dca97170996d}.TMContainer00000000000000000002.regtrans-ms [2013/05/19 17:56:34 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b72b6152-bfed-11e2-b5a2-dca97170996d}.TM.blf [2013/05/19 17:56:34 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b72b6152-bfed-11e2-b5a2-dca97170996d}.TMContainer00000000000000000001.regtrans-ms [2013/05/19 17:56:34 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b72b6152-bfed-11e2-b5a2-dca97170996d}.TMContainer00000000000000000002.regtrans-ms [2013/06/24 16:33:05 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b8fb50d1-dcb7-11e2-86f7-dca97170996d}.TM.blf [2013/06/24 16:33:05 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b8fb50d1-dcb7-11e2-86f7-dca97170996d}.TMContainer00000000000000000001.regtrans-ms [2013/06/24 16:33:05 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{b8fb50d1-dcb7-11e2-86f7-dca97170996d}.TMContainer00000000000000000002.regtrans-ms [2013/02/13 09:18:30 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{c7be2e5f-75bb-11e2-ba81-dca97170996d}.TM.blf [2013/02/13 09:18:30 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{c7be2e5f-75bb-11e2-ba81-dca97170996d}.TMContainer00000000000000000001.regtrans-ms [2013/02/13 09:18:30 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{c7be2e5f-75bb-11e2-ba81-dca97170996d}.TMContainer00000000000000000002.regtrans-ms [2013/06/28 18:51:03 | 000,065,536 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{fd04f5b1-dfdc-11e2-86d5-dca97170996d}.TM.blf [2013/06/28 18:51:03 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{fd04f5b1-dfdc-11e2-86d5-dca97170996d}.TMContainer00000000000000000001.regtrans-ms [2013/06/28 18:51:03 | 000,524,288 | -HS- | M] () -- C:\Users\Maxime\ntuser.dat{fd04f5b1-dfdc-11e2-86d5-dca97170996d}.TMContainer00000000000000000002.regtrans-ms [2012/02/11 17:57:39 | 000,000,020 | -HS- | M] () -- C:\Users\Maxime\ntuser.ini [color=#A23BEC]< %Userprofile%\*. >[/color] [2014/01/22 12:08:26 | 000,000,000 | ---D | M] -- C:\Users\Maxime\.android [2013/11/12 06:48:47 | 000,000,000 | -H-D | M] -- C:\Users\Maxime\AppData [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Application Data [2013/09/12 07:11:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Contacts [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Cookies [2014/03/29 10:38:38 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Desktop [2014/03/29 10:38:37 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Documents [2014/03/29 10:49:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Downloads [2013/09/12 07:11:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Favorites [2013/09/12 08:08:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Links [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Local Settings [2013/11/03 16:57:15 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Music [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\My Documents [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\NetHood [2012/02/11 13:00:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\pick&zip [2014/01/26 14:22:57 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Pictures [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\PrintHood [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Recent [2013/09/12 07:11:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Saved Games [2013/09/12 07:11:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Searches [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\SendTo [2013/09/12 08:08:33 | 000,000,000 | R--D | M] -- C:\Users\Maxime\SkyDrive [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Start Menu [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\Templates [2014/03/02 09:23:29 | 000,000,000 | ---D | M] -- C:\Users\Maxime\Tracing [2013/09/17 15:21:26 | 000,000,000 | R--D | M] -- C:\Users\Maxime\Videos [color=#A23BEC]< %Allusersprofile%\* >[/color] [2014/03/19 16:52:37 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2011/08/26 08:42:50 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2011/08/26 08:35:25 | 000,000,113 | ---- | M] () -- C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log [2011/08/26 08:40:15 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2011/08/26 08:39:22 | 000,000,106 | ---- | M] () -- C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log [2011/08/26 08:42:16 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [color=#A23BEC]< %Allusersprofile%\*. >[/color] [2013/06/28 10:42:37 | 000,000,000 | ---D | M] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2013/02/05 15:47:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe [2013/05/05 20:02:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple [2013/05/05 20:06:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer [2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2013/08/27 11:54:49 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software [2013/04/24 08:16:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Avira [2013/08/27 09:46:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Backup [2014/03/08 08:51:10 | 000,000,000 | ---D | M] -- C:\ProgramData\CDB [2012/02/11 11:10:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files [2012/11/02 19:14:27 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink [2013/11/16 15:22:49 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite [2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites [2012/06/25 13:24:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Hewlett-Packard [2013/06/12 14:15:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations [2011/08/26 07:41:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel [2011/08/26 07:40:16 | 000,000,000 | ---D | M] -- C:\ProgramData\KNOWHOW [2012/02/15 15:07:20 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee [2013/08/28 14:40:19 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee Security Scan [2014/02/25 08:06:55 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft [2014/03/13 06:28:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help [2013/09/12 08:08:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft SkyDrive [2013/11/16 16:16:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Toolkit [2012/10/25 14:17:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla [2013/09/17 15:21:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton [2013/08/25 20:39:16 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller [2011/08/26 08:06:14 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA [2011/08/26 07:34:41 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation [2013/08/27 09:44:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Panda Security [2012/06/13 20:54:03 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite [2013/02/13 08:11:58 | 000,000,000 | ---D | M] -- C:\ProgramData\PCSettings [2013/09/12 07:21:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Promote Installer [2012/06/19 18:31:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Research In Motion [2011/08/27 01:55:59 | 000,000,000 | ---D | M] -- C:\ProgramData\SAMSUNG [2014/02/19 10:45:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype [2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2013/02/11 17:03:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun [2011/08/26 07:49:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Symantec [2014/03/05 17:41:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp [2009/07/14 05:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2012/03/14 05:36:31 | 000,000,000 | ---D | M] -- C:\ProgramData\VirtualizedApplications [2011/08/26 07:48:50 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent [2013/08/28 14:40:21 | 000,000,000 | ---D | M] -- C:\ProgramData\WinClon [color=#A23BEC]< %LocalAppData%\* >[/color] [2013/11/22 08:44:15 | 000,122,616 | ---- | M] () -- C:\Users\Maxime\AppData\Local\GDIPFONTCACHEV1.DAT [2014/03/29 10:40:53 | 002,758,228 | -H-- | M] () -- C:\Users\Maxime\AppData\Local\IconCache.db [1 C:\Users\Maxime\AppData\Local\*.tmp files -> C:\Users\Maxime\AppData\Local\*.tmp -> ] [color=#A23BEC]< %LocalAppData%\*. >[/color] [2012/02/15 15:07:47 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Adobe [2012/06/16 21:23:13 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Apple [2013/05/05 20:08:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Apple Computer [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\Application Data [2013/10/05 16:59:47 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\avgchrome [2014/01/27 07:08:01 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\cache [2014/03/29 10:50:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\CrashDumps [2013/04/10 19:18:57 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\CRE [2014/03/24 18:28:00 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Diagnostics [2014/01/28 15:32:52 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\ElevatedDiagnostics [2012/02/11 18:03:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\eMusic [2012/02/11 12:37:31 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Google [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\History [2014/02/08 11:06:36 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Macromedia [2013/11/22 08:43:03 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Microsoft [2013/02/07 14:29:44 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Microsoft Help [2012/02/11 18:12:30 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Mozilla [2012/02/11 18:04:15 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Power2Go [2013/02/05 15:50:22 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Programs [2012/06/19 18:36:39 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Research In Motion [2012/02/11 12:21:34 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Samsung [2012/03/13 10:34:17 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\SoftGrid Client [2014/03/29 11:07:08 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Temp [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\Temporary Internet Files [2013/04/08 08:14:07 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Updater12765 [2013/09/12 07:39:34 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\VirtualStore [2012/05/21 21:44:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Windows Live [2012/08/10 21:41:02 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{1A1C9D08-22E2-43D1-BA17-C5D1E872C58F} [2012/03/04 14:46:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{1AEE7ED5-3389-497A-AB92-AEBFDB62A0F7} [2012/04/15 16:41:29 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{20881E20-55C1-4872-AC97-9DA14AC54410} [2012/05/08 14:41:53 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{3E542390-8345-4718-8C82-BC1BC322E573} [2013/07/18 20:31:58 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{4F3C4D4A-C220-4DC1-884F-6D9192FC0873} [2013/12/06 12:41:45 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{517150EF-8DD2-46AA-978C-4F6BBB807A6F} [2012/07/24 12:00:07 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{524CB40C-5FA2-48CF-9001-7980A0955D86} [2012/10/17 18:36:21 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{55C2E60C-2D46-4FEE-96BA-670803192EED} [2012/08/11 09:07:08 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{59B93D75-88BA-48CA-B76C-98CC12AE0428} [2012/03/04 16:03:02 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{690D2DE4-82D2-43E3-978A-EA15E4A4292D} [2012/05/21 21:52:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{76A24D48-C567-4A40-B618-4D9C6BC18851} [2013/02/11 11:53:32 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{78129D96-FD4F-429D-B8A7-D6322EF8A4F4} [2012/09/27 06:55:05 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{7A17DFEF-2E26-41E7-9B71-6EA311EB0F94} [2012/05/21 21:44:44 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{8A271550-BC96-4382-94B3-D2A82EA46D9D} [2012/05/08 14:41:43 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{8C2757A5-5697-49A7-93E1-E7855F72B851} [2013/11/17 10:54:31 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{A29726AA-092F-47CA-AF45-9CD09DD3275C} [2012/09/18 20:30:06 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{AE470A90-4A24-4875-A71A-F2D3FF2AF89B} [2012/07/24 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{BF03D2DB-4284-4764-B45D-34A8F85E5F31} [2012/05/21 21:52:10 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{C3AF7CEE-0995-49B3-9B13-5A661695E428} [2012/08/10 21:41:14 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{C6E9C7BF-900A-477D-AE8A-4B5DABF6F3D1} [2012/11/22 16:37:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{D9C8E85D-E3E1-456E-A18A-E242B2CA6229} [2012/05/21 21:44:54 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{F960F993-91DF-4C2D-A7BA-05E2669C3F08} [color=#A23BEC]< %programFiles%\* >[/color] [2009/07/14 04:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [color=#A23BEC]< %programFiles%\*. >[/color] [2013/02/05 15:45:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe [2012/06/16 21:23:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update [2013/04/24 08:16:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Avira [2013/05/05 20:00:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour [2014/03/29 10:36:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BuzzSearch [2014/03/29 10:37:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files [2011/08/26 08:44:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink [2013/11/16 15:21:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite [2014/01/22 12:08:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ffdshow [2013/10/05 16:57:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free MP3 Sound Recorder [2012/06/25 14:24:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free PDF to Word Converter [2013/10/05 16:57:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\i-beta [2013/08/27 09:44:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information [2012/02/11 18:02:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel [2014/03/13 06:53:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer [2013/06/28 10:42:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes [2013/02/11 17:01:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java [2011/08/26 07:40:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KNOWHOW [2013/11/16 14:40:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft [2013/11/21 18:21:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services [2013/11/21 18:20:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office [2014/03/13 06:55:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight [2013/09/12 08:08:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SkyDrive [2011/08/26 08:20:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2013/11/21 18:22:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2013/11/21 18:23:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET [2014/03/29 10:46:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox [2012/11/01 00:41:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013/11/21 18:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild [2012/12/28 10:52:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache [2012/02/11 11:10:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MultiMi [2013/08/25 20:40:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton 360 [2013/08/25 20:39:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NortonInstaller [2011/08/26 07:35:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation [2013/11/16 17:39:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice 4 [2013/09/04 13:32:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Panda Security [2012/06/13 20:53:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Connectivity Solution [2013/06/03 14:03:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PDF Architect [2013/08/27 11:29:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PDFCreator [2013/06/28 10:37:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime [2014/03/05 17:40:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Re-markit-soft [2011/08/26 07:36:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek [2009/07/14 05:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies [2012/06/19 18:30:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Research In Motion [2012/04/16 19:10:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Research In Motion Limited [2011/08/26 08:56:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung [2014/01/22 12:02:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SecretSauce [2014/03/29 10:46:37 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype [2012/02/11 12:14:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Social Tools, Inc [2011/08/26 07:49:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Symantec [2011/08/26 07:36:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp [2009/07/14 04:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information [2011/08/26 07:48:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildGames [2013/07/11 08:58:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender [2011/08/26 08:33:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live [2010/11/21 07:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail [2013/12/15 14:23:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player [2009/07/14 05:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT [2010/11/21 07:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer [2010/11/21 03:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices [2010/11/21 07:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar [2013/02/13 16:44:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yawcam [color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color] [2014/03/29 10:46:32 | 000,090,112 | ---- | M] () -- C:\windows\Temp\certutil.exe [2014/02/18 16:56:48 | 001,542,696 | ---- | M] (McAfee, Inc.) -- C:\windows\Temp\contentDATs.exe [2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\windows\Temp\nsn672F.exe [2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\windows\Temp\nsn675D.exe [2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\windows\Temp\nssDEBF.exe [2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\windows\Temp\nsx4B56.exe [2014/02/18 16:56:13 | 008,325,256 | ---- | M] (McAfee, Inc.) -- C:\windows\Temp\SecurityScan_Release.exe [26 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color] [2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\system32\*.in* >[/color] [2013/11/21 19:04:54 | 000,016,284 | ---- | M] () -- C:\windows\system32\ieuinit.inf [2013/02/11 16:58:16 | 000,000,620 | ---- | M] () -- C:\windows\system32\InstallUtil.InstallLog [2009/07/14 04:55:01 | 000,000,535 | ---- | M] () -- C:\windows\system32\mapisvc.inf [2014/02/26 17:37:09 | 000,766,780 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI [2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\* >[/color] [2014/03/29 10:31:38 | 000,000,830 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job [2014/03/26 18:19:27 | 000,000,378 | ---- | M] () -- C:\windows\Tasks\APSnotifierCA.job [2014/03/28 15:21:01 | 000,000,860 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3697776081-4079981704-496958710-1001Core.job [2014/03/29 10:21:00 | 000,000,912 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3697776081-4079981704-496958710-1001UA.job [2014/03/15 09:18:16 | 000,000,302 | ---- | M] () -- C:\windows\Tasks\PCHelpers1st.job [2014/03/29 11:00:00 | 000,000,302 | ---- | M] () -- C:\windows\Tasks\PCHelpers_period.job [2014/03/29 10:43:07 | 000,000,392 | ---- | M] () -- C:\windows\Tasks\Re-markit_wd.job [2014/03/29 10:42:38 | 000,000,006 | -H-- | M] () -- C:\windows\Tasks\SA.DAT [2014/03/15 08:18:56 | 000,032,620 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT [color=#A23BEC]< %systemroot%\Tasks\*. >[/color] [color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color] [color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color] [2009/07/14 03:20:14 | 000,000,000 | ---D | M] -- C:\windows\system32\Tasks\Microsoft [color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color] [2013/12/22 09:21:55 | 001,019,944 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IExplorerMinibarInstaller[1].exe [2014/02/20 15:38:23 | 000,000,000 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IExplorerMinibarInstaller[2].exe [2013/03/05 15:07:39 | 001,152,168 | ---- | M] (McAfee, Inc.) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JLAV1ALL\contentDATs[1].exe [2013/04/08 08:38:46 | 002,309,160 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N2B8LYF0\BBUpdate[1].EXE [2013/02/19 16:14:04 | 003,793,216 | ---- | M] (McAfee, Inc.) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N2B8LYF0\SecurityScan_Release[1].exe [2013/05/24 20:16:59 | 000,069,784 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N2B8LYF0\wajam_update[1].exe [2013/04/24 08:11:19 | 000,069,784 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W609P8WO\wajam_update[1].exe [2013/05/15 19:13:18 | 000,069,784 | ---- | M] () -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W609P8WO\wajam_update[2].exe [2013/02/13 09:11:31 | 002,202,168 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YL02F17B\BBUpdate[1].EXE [2013/01/19 17:20:52 | 008,282,192 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YL02F17B\BingBarSetup-Partner[1].EXE [color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.sys >[/color] [color=#A23BEC]< %temp%\*.exe /s >[/color] [2014/03/05 17:41:00 | 010,365,728 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\BackupSetup.exe [2014/01/31 02:59:00 | 000,847,640 | ---- | M] (Google Inc.) -- C:\Users\Maxime\AppData\Local\Temp\GoogleUpdateSetup.exe612c60c [2014/03/09 18:17:20 | 001,297,080 | ---- | M] ( ) -- C:\Users\Maxime\AppData\Local\Temp\ICReinstall_PDFWriterSetup.exe [2014/02/17 17:32:23 | 000,588,672 | ---- | M] ( ) -- C:\Users\Maxime\AppData\Local\Temp\ICReinstall_Setup (9).exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsa7CD4.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsa850F.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsaDE13.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsaE564.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsk1528.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsk717D.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsk7E4B.exe [2014/02/06 12:48:46 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsk86F0.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsp28C9.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsp6D58.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsp762F.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nspBFF7.exe [2014/02/03 10:17:16 | 000,167,812 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsu2011.exe [2014/03/13 22:13:50 | 000,918,016 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\Quarantine.exe [2014/03/08 08:49:27 | 010,377,856 | ---- | M] (Reimage®) -- C:\Users\Maxime\AppData\Local\Temp\ReimagePackage.exe [2014/03/08 08:47:49 | 000,759,448 | ---- | M] (Reimage®) -- C:\Users\Maxime\AppData\Local\Temp\ReimageRepair.exe [2014/02/06 15:29:30 | 006,180,176 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\SPSetup.exe [2013/12/19 12:22:58 | 000,056,352 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\Uni000.exe [2014/03/05 17:41:15 | 004,961,800 | ---- | M] (Microsoft Corporation) -- C:\Users\Maxime\AppData\Local\Temp\vcredist_x64.exe [373 C:\Users\Maxime\AppData\Local\Temp\*.tmp files -> C:\Users\Maxime\AppData\Local\Temp\*.tmp -> ] [2014/03/05 17:40:31 | 006,602,128 | ---- | M] ( ) -- C:\Users\Maxime\AppData\Local\Temp\{4F7CB5C5-A642-41AF-ADB4-B87ACB1DF6D2}\setup.exe [2014/02/15 14:50:31 | 006,602,128 | ---- | M] ( ) -- C:\Users\Maxime\AppData\Local\Temp\{FBCD770B-BEDA-4305-985A-6F7B43E7ED31}\setup.exe [2014/02/15 14:47:47 | 000,514,854 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\android.exe [2014/02/15 14:47:31 | 002,592,168 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\spidentifierimpl.exe [2014/02/15 14:51:25 | 000,073,840 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\Cloud_Backup_Setup.exe [2014/02/15 14:51:21 | 006,742,197 | ---- | M] (Cehdhxguc) -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\feven-pro.exe [2014/02/15 14:49:57 | 003,277,472 | ---- | M] (FREESOFTTODAY ) -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\Freesofttoday.exe [2014/02/15 14:51:54 | 009,820,560 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\New_Player.exe [2014/02/15 14:50:52 | 006,967,304 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\OptimizerPro.exe [2014/02/15 14:48:55 | 000,066,368 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\1c52a538-566f-4126-b5b8-4e65a44db6db\software\sp-downloader.exe [2014/03/05 17:40:44 | 000,073,840 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\27398423-032d-4959-93a8-cead25ed3bc7\software\Cloud_Backup_Setup.exe [2014/03/05 17:40:30 | 006,967,304 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\27398423-032d-4959-93a8-cead25ed3bc7\software\OptimizerPro.exe [2014/03/05 17:40:42 | 006,603,238 | ---- | M] (Iscyxzc) -- C:\Users\Maxime\AppData\Local\Temp\27398423-032d-4959-93a8-cead25ed3bc7\software\videoforpc.exe [2014/03/05 17:40:43 | 000,212,866 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\27398423-032d-4959-93a8-cead25ed3bc7\software\VOPackage.exe [2013/11/26 09:16:38 | 000,486,400 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\449676nsv8521\sqlite3.exe [2014/02/04 16:20:18 | 000,025,088 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\android\android.exe [2014/03/15 08:49:39 | 000,514,854 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\ba9f1eaf-8f0f-4de8-8d1f-c98214fdc8ff\android.exe [2014/03/15 08:50:26 | 006,559,625 | ---- | M] (Nqjfylo) -- C:\Users\Maxime\AppData\Local\Temp\ba9f1eaf-8f0f-4de8-8d1f-c98214fdc8ff\software\fiv_en.exe [2014/03/15 08:51:16 | 001,792,816 | ---- | M] (Viracure Limited) -- C:\Users\Maxime\AppData\Local\Temp\ba9f1eaf-8f0f-4de8-8d1f-c98214fdc8ff\software\OptimizerEliteMax.exe [2014/02/15 14:47:53 | 000,514,854 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\android.exe [2014/02/15 14:47:33 | 002,592,168 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\spidentifierimpl.exe [2014/02/15 14:50:53 | 000,073,840 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\Cloud_Backup_Setup.exe [2014/02/15 14:50:51 | 006,742,197 | ---- | M] (Cehdhxguc) -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\feven-pro.exe [2014/02/15 14:48:50 | 003,277,472 | ---- | M] (FREESOFTTODAY ) -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\Freesofttoday.exe [2014/02/15 14:51:28 | 009,820,560 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\New_Player.exe [2014/02/15 14:50:31 | 006,967,304 | ---- | M] () -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\OptimizerPro.exe [2014/02/15 14:48:25 | 000,066,368 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\e4a2ed15-2e1c-45b3-84b6-9a6f86067551\software\sp-downloader.exe [2014/01/14 18:28:48 | 000,116,608 | ---- | M] (北京暴风科技股份有限公司) -- C:\Users\Maxime\AppData\Local\Temp\fullpackage_temp1390392160\Baofeng.exe [2014/01/22 12:04:29 | 004,491,312 | ---- | M] (337 Technology Limited.) -- C:\Users\Maxime\AppData\Local\Temp\fullpackage_temp1390392160\tmp\desk365.exe [2014/02/12 12:01:18 | 000,407,848 | ---- | M] (Software ) -- C:\Users\Maxime\AppData\Local\Temp\is-F21PQ.tmp\package_SelectionTool_installer_multilang.exe [2014/02/15 14:48:49 | 005,987,944 | ---- | M] (Conduit) -- C:\Users\Maxime\AppData\Local\Temp\nsf53DC\SpSetup.exe [2013/12/13 08:02:27 | 001,706,056 | ---- | M] (Iminent) -- C:\Users\Maxime\AppData\Local\Temp\RarSFX0\Binaries\IExploreInstaller.exe [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [color=#A23BEC]< %APPDATA%\*.exe /s >[/color] [2012/07/22 10:47:52 | 003,459,512 | ---- | M] (Zbang.it) -- C:\Users\Maxime\AppData\Roaming\MultiMi\MultiMiSetup_1.0.6.11596_sweetim.exe [2012/07/04 21:46:37 | 003,323,960 | ---- | M] (ZBANG IT LTD) -- C:\Users\Maxime\AppData\Roaming\MultiMi\Implementation\MultiMiUi.exe [2012/07/04 21:46:37 | 003,323,960 | ---- | M] (ZBANG IT LTD) -- C:\Users\Maxime\AppData\Roaming\MultiMi\ImplementationBackup\MultiMiUi.exe [2012/06/19 18:41:05 | 112,927,096 | ---- | M] () -- C:\Users\Maxime\AppData\Roaming\Research In Motion\BlackBerry Desktop\Updates\33484803-750F-4154-A0A3-C0474F3BE1BE\Extractor.exe [color=#A23BEC]< %LocalAppData%\* >[/color] [2013/11/22 08:44:15 | 000,122,616 | ---- | M] () -- C:\Users\Maxime\AppData\Local\GDIPFONTCACHEV1.DAT [2014/03/29 10:40:53 | 002,758,228 | -H-- | M] () -- C:\Users\Maxime\AppData\Local\IconCache.db [1 C:\Users\Maxime\AppData\Local\*.tmp files -> C:\Users\Maxime\AppData\Local\*.tmp -> ] [color=#A23BEC]< %LocalAppData%\*. >[/color] [2012/02/15 15:07:47 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Adobe [2012/06/16 21:23:13 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Apple [2013/05/05 20:08:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Apple Computer [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\Application Data [2013/10/05 16:59:47 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\avgchrome [2014/01/27 07:08:01 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\cache [2014/03/29 10:50:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\CrashDumps [2013/04/10 19:18:57 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\CRE [2014/03/24 18:28:00 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Diagnostics [2014/01/28 15:32:52 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\ElevatedDiagnostics [2012/02/11 18:03:04 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\eMusic [2012/02/11 12:37:31 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Google [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\History [2014/02/08 11:06:36 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Macromedia [2013/11/22 08:43:03 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Microsoft [2013/02/07 14:29:44 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Microsoft Help [2012/02/11 18:12:30 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Mozilla [2012/02/11 18:04:15 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Power2Go [2013/02/05 15:50:22 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Programs [2012/06/19 18:36:39 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Research In Motion [2012/02/11 12:21:34 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Samsung [2012/03/13 10:34:17 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\SoftGrid Client [2014/03/29 11:08:38 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Temp [2012/02/11 17:57:39 | 000,000,000 | -HSD | M] -- C:\Users\Maxime\AppData\Local\Temporary Internet Files [2013/04/08 08:14:07 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Updater12765 [2013/09/12 07:39:34 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\VirtualStore [2012/05/21 21:44:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\Windows Live [2012/08/10 21:41:02 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{1A1C9D08-22E2-43D1-BA17-C5D1E872C58F} [2012/03/04 14:46:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{1AEE7ED5-3389-497A-AB92-AEBFDB62A0F7} [2012/04/15 16:41:29 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{20881E20-55C1-4872-AC97-9DA14AC54410} [2012/05/08 14:41:53 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{3E542390-8345-4718-8C82-BC1BC322E573} [2013/07/18 20:31:58 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{4F3C4D4A-C220-4DC1-884F-6D9192FC0873} [2013/12/06 12:41:45 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{517150EF-8DD2-46AA-978C-4F6BBB807A6F} [2012/07/24 12:00:07 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{524CB40C-5FA2-48CF-9001-7980A0955D86} [2012/10/17 18:36:21 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{55C2E60C-2D46-4FEE-96BA-670803192EED} [2012/08/11 09:07:08 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{59B93D75-88BA-48CA-B76C-98CC12AE0428} [2012/03/04 16:03:02 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{690D2DE4-82D2-43E3-978A-EA15E4A4292D} [2012/05/21 21:52:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{76A24D48-C567-4A40-B618-4D9C6BC18851} [2013/02/11 11:53:32 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{78129D96-FD4F-429D-B8A7-D6322EF8A4F4} [2012/09/27 06:55:05 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{7A17DFEF-2E26-41E7-9B71-6EA311EB0F94} [2012/05/21 21:44:44 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{8A271550-BC96-4382-94B3-D2A82EA46D9D} [2012/05/08 14:41:43 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{8C2757A5-5697-49A7-93E1-E7855F72B851} [2013/11/17 10:54:31 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{A29726AA-092F-47CA-AF45-9CD09DD3275C} [2012/09/18 20:30:06 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{AE470A90-4A24-4875-A71A-F2D3FF2AF89B} [2012/07/24 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{BF03D2DB-4284-4764-B45D-34A8F85E5F31} [2012/05/21 21:52:10 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{C3AF7CEE-0995-49B3-9B13-5A661695E428} [2012/08/10 21:41:14 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{C6E9C7BF-900A-477D-AE8A-4B5DABF6F3D1} [2012/11/22 16:37:20 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{D9C8E85D-E3E1-456E-A18A-E242B2CA6229} [2012/05/21 21:44:54 | 000,000,000 | ---D | M] -- C:\Users\Maxime\AppData\Local\{F960F993-91DF-4C2D-A7BA-05E2669C3F08} [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2014/03/29 10:42:25 | 4204,314,624 | -HS- | M] () -- C:\hiberfil.sys [2012/12/15 19:43:56 | 000,000,040 | ---- | M] () -- C:\log.txt [2014/03/29 10:42:31 | 4204,314,624 | -HS- | M] () -- C:\pagefile.sys [2014/03/29 11:00:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/12/15 22:34:04 | 000,002,528 | ---- | M] () -- C:\{8941B3CA-6F12-4200-A159-0976869F9F4B} [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2011/02/26 05:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2011/02/25 06:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011/02/25 06:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011/02/26 06:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010/11/21 03:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010/11/21 03:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color] [2009/07/14 01:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe [2009/07/14 01:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2011/03/01 08:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe [2011/03/01 08:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\windows\SysNative\svchost.exe [2011/03/01 08:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe [2011/03/01 08:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe [2009/07/14 01:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe [2011/03/01 08:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe [2011/03/01 08:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2010/11/21 03:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/21 03:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010/11/21 03:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe [2010/11/21 03:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010/11/21 03:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe [2010/11/21 03:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [color=#E56717]========== Base Services ==========[/color] SRV:[b]64bit:[/b] - [2009/07/14 01:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc) SRV:[b]64bit:[/b] - [2013/02/27 05:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo) SRV:[b]64bit:[/b] - [2009/07/14 01:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\alg.exe -- (ALG) SRV:[b]64bit:[/b] - [2010/11/21 03:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS) SRV:[b]64bit:[/b] - [2010/11/21 03:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE) SRV:[b]64bit:[/b] - [2013/09/25 01:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso) SRV:[b]64bit:[/b] - [2009/07/14 01:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem) SRV - [2009/07/14 01:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem) SRV:[b]64bit:[/b] - [2012/07/04 22:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser) SRV:[b]64bit:[/b] - [2013/07/09 05:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc) SRV - [2013/07/09 04:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc) SRV:[b]64bit:[/b] - [2010/11/21 03:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch) SRV:[b]64bit:[/b] - [2010/11/21 03:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp) SRV - [2010/11/21 03:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp) SRV:[b]64bit:[/b] - [2011/03/03 06:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache) SRV:[b]64bit:[/b] - [2009/07/14 01:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost) SRV:[b]64bit:[/b] - [2009/07/14 01:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv) SRV - [2009/07/14 01:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv) SRV:[b]64bit:[/b] - [2009/07/14 01:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess) SRV:[b]64bit:[/b] - [2010/11/21 03:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent) No service found with a name of MsMpSvc No service found with a name of NisSrv SRV:[b]64bit:[/b] - [2009/07/14 01:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv) SRV:[b]64bit:[/b] - [2009/07/14 01:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS) SRV:[b]64bit:[/b] - [2009/07/14 01:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman) SRV:[b]64bit:[/b] - [2009/07/14 01:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm) SRV - [2009/07/14 01:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm) SRV:[b]64bit:[/b] - [2012/10/03 17:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc) SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi) SRV:[b]64bit:[/b] - [2011/05/24 11:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay) SRV:[b]64bit:[/b] - [2012/02/11 06:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler) SRV:[b]64bit:[/b] - [2013/09/25 01:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage) No service found with a name of EMDMgmt SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto) SRV:[b]64bit:[/b] - [2010/11/21 03:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan) SRV:[b]64bit:[/b] - [2010/11/21 03:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs) SRV:[b]64bit:[/b] - [2010/11/21 03:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon) SRV:[b]64bit:[/b] - [2013/09/25 01:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs) SRV:[b]64bit:[/b] - [2009/07/14 01:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc) SRV:[b]64bit:[/b] - [2010/11/21 03:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer) SRV:[b]64bit:[/b] - [2010/11/21 03:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection) SRV - [2010/11/21 03:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection) No service found with a name of slsvc SRV:[b]64bit:[/b] - [2010/11/21 03:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule) SRV:[b]64bit:[/b] - [2010/11/21 03:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv) SRV - [2010/11/21 03:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv) SRV:[b]64bit:[/b] - [2009/07/14 01:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes) SRV:[b]64bit:[/b] - [2012/05/01 05:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc) SRV:[b]64bit:[/b] - [2010/11/21 03:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS) SRV:[b]64bit:[/b] - [2010/11/21 03:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv) SRV:[b]64bit:[/b] - [2010/11/21 03:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2010/11/21 03:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC) SRV:[b]64bit:[/b] - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2010/11/21 03:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog) SRV:[b]64bit:[/b] - [2010/11/21 03:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc) SRV:[b]64bit:[/b] - [2010/11/21 03:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc) SRV:[b]64bit:[/b] - [2010/11/21 03:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver) SRV - [2010/11/21 03:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver) SRV:[b]64bit:[/b] - [2009/07/14 01:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt) SRV:[b]64bit:[/b] - [2012/06/02 22:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv) SRV:[b]64bit:[/b] - [2010/11/21 03:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc) SRV:[b]64bit:[/b] - [2009/07/14 01:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc) SRV:[b]64bit:[/b] - [2010/11/21 03:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation) [color=#A23BEC]< dir "%Homedrive%\*" /S /A:L /C >[/color] Volume in drive C has no label. Volume Serial Number is DA5F-586E Directory of C:\ 14/07/2009 05:08 Documents and Settings [C:\Users] 0 File(s) 0 bytes Directory of C:\ProgramData 14/07/2009 05:08 Application Data [C:\ProgramData] 14/07/2009 05:08 Desktop [C:\Users\Public\Desktop] 14/07/2009 05:08 Documents [C:\Users\Public\Documents] 14/07/2009 05:08 Favorites [C:\Users\Public\Favorites] 14/07/2009 05:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 05:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users 14/07/2009 05:08 All Users [C:\ProgramData] 14/07/2009 05:08 Default User [C:\Users\Default] 0 File(s) 0 bytes Directory of C:\Users\All Users 14/07/2009 05:08 Application Data [C:\ProgramData] 14/07/2009 05:08 Desktop [C:\Users\Public\Desktop] 14/07/2009 05:08 Documents [C:\Users\Public\Documents] 14/07/2009 05:08 Favorites [C:\Users\Public\Favorites] 14/07/2009 05:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 05:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Default 14/07/2009 05:08 Application Data [C:\Users\Default\AppData\Roaming] 14/07/2009 05:08 Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies] 14/07/2009 05:08 Local Settings [C:\Users\Default\AppData\Local] 14/07/2009 05:08 My Documents [C:\Users\Default\Documents] 14/07/2009 05:08 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 14/07/2009 05:08 PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 14/07/2009 05:08 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 14/07/2009 05:08 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 14/07/2009 05:08 Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 14/07/2009 05:08 Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local 14/07/2009 05:08 Application Data [C:\Users\Default\AppData\Local] 14/07/2009 05:08 History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 14/07/2009 05:08 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Default\Documents 14/07/2009 05:08 My Music [C:\Users\Default\Music] 14/07/2009 05:08 My Pictures [C:\Users\Default\Pictures] 14/07/2009 05:08 My Videos [C:\Users\Default\Videos] 0 File(s) 0 bytes Directory of C:\Users\Maxime 11/02/2012 17:57 Application Data [C:\Users\Maxime\AppData\Roaming] 11/02/2012 17:57 Cookies [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Cookies] 11/02/2012 17:57 Local Settings [C:\Users\Maxime\AppData\Local] 11/02/2012 17:57 My Documents [C:\Users\Maxime\Documents] 11/02/2012 17:57 NetHood [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 11/02/2012 17:57 PrintHood [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 11/02/2012 17:57 Recent [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Recent] 11/02/2012 17:57 SendTo [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\SendTo] 11/02/2012 17:57 Start Menu [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu] 11/02/2012 17:57 Templates [C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Maxime\AppData\Local 11/02/2012 17:57 Application Data [C:\Users\Maxime\AppData\Local] 11/02/2012 17:57 History [C:\Users\Maxime\AppData\Local\Microsoft\Windows\History] 11/02/2012 17:57 Temporary Internet Files [C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Maxime\Documents 11/02/2012 17:57 My Music [C:\Users\Maxime\Music] 11/02/2012 17:57 My Pictures [C:\Users\Maxime\Pictures] 11/02/2012 17:57 My Videos [C:\Users\Maxime\Videos] 0 File(s) 0 bytes Directory of C:\Users\Public\Documents 14/07/2009 05:08 My Music [C:\Users\Public\Music] 14/07/2009 05:08 My Pictures [C:\Users\Public\Pictures] 14/07/2009 05:08 My Videos [C:\Users\Public\Videos] 0 File(s) 0 bytes Directory of C:\Users\UpdatusUser 26/08/2011 07:35 Application Data [C:\Users\UpdatusUser\AppData\Roaming] 26/08/2011 07:35 Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies] 26/08/2011 07:35 Local Settings [C:\Users\UpdatusUser\AppData\Local] 26/08/2011 07:35 My Documents [C:\Users\UpdatusUser\Documents] 26/08/2011 07:35 NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 26/08/2011 07:35 PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 26/08/2011 07:35 Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent] 26/08/2011 07:35 SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo] 26/08/2011 07:35 Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu] 26/08/2011 07:35 Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\UpdatusUser\AppData\Local 26/08/2011 07:35 Application Data [C:\Users\UpdatusUser\AppData\Local] 26/08/2011 07:35 History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History] 26/08/2011 07:35 Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\UpdatusUser\Documents 26/08/2011 07:35 My Music [C:\Users\UpdatusUser\Music] 26/08/2011 07:35 My Pictures [C:\Users\UpdatusUser\Pictures] 26/08/2011 07:35 My Videos [C:\Users\UpdatusUser\Videos] 0 File(s) 0 bytes Total Files Listed: 0 File(s) 0 bytes 66 Dir(s) 159,256,883,200 bytes free [color=#E56717]========== Files - Unicode (All) ==========[/color] [2013/11/20 17:08:13 | 105,361,780 | ---- | M] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\虺’ [2013/11/20 17:08:13 | 105,361,780 | ---- | C] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\虺’ [2013/09/15 19:56:08 | 097,671,483 | ---- | M] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\⡏緱‡ [2013/09/15 19:56:08 | 097,671,483 | ---- | C] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\⡏緱‡ [2013/09/11 17:59:41 | 097,170,353 | ---- | M] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\㛻˜ [2013/09/11 17:59:41 | 097,170,353 | ---- | C] ()(C:\windows\SysWow64\????) -- C:\windows\SysWow64\㛻˜ [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720 < End of report >