Sujet Précédent Sujet Suivant

Virus : navigation vers page web annulée.

Fermé
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012 - 11 sept. 2012 à 00:20
 Utilisateur anonyme - 17 sept. 2012 à 21:23
Bonjour,

J'ai un virus sur mon pc. Quand il s'allume, l'écran est blanc et il écrit "navigation vers la page web annulée".

J'ai suivi la méthode décrite sur le site et ai booté avec un CD OTPLE : https://forum.malekal.com/viewtopic.php?t=23453&start=
Le rapport OTL se trouve là :
https://pjjoint.malekal.com/files.php?id=OTL_20120911_y14h5f14o7n15

Je n'y comprends rien! Quelqu'un pourrait-il m'aider?
Merci



<config>Windows XP Firefox 14.0.1</config>
A voir également:

21 réponses

  • 1
  • 2
Réponse 1 / 21
Utilisateur anonyme
11 sept. 2012 à 00:25
Bonsoir

* Double-clique sur l'icone OTLPE
* quand demandé "Do you wish to load the remote registry", selectionne "Yes"
* quand demandé "Do you wish to load remote user profile(s) for scanning", selectionne "Yes"
* verifier que "Automatically Load All Remaining Users" est sélectionné et presse OK


http://imagesup.org/image

* sous Custom Scan box copie_colle le tout ci dessous et clic RUNFIX

:OTL
[2012/07/21 06:01:28 | 000,002,349 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O20 - HKU\hantz_ON_E Winlogon: Shell - (C:\Users\hantz\AppData\Roaming\1.exe) - E:\Users\hantz\AppData\Roaming\1.exe ()
[2012/08/21 08:12:43 | 000,000,000 | ---D | C] -- E:\Users\hantz\AppData\Roaming\Babylon
[2012/09/10 16:50:45 | 000,000,268 | ---- | M] () -- E:\Windows\tasks\AutoKMS.job
[2012/09/04 04:54:13 | 000,391,561 | ---- | M] () -- E:\Users\hantz\AppData\Roaming\1.exe
[2012/07/21 06:01:01 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon
[2012/09/10 16:50:45 | 000,000,268 | ---- | M] () -- E:\Windows\Tasks\AutoKMS.job



tu conserves le rapport qui s'affiche ; et tu le copies et colles dans ta prochaine réponse

@+
0
Réponse 2 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 00:39
Merci pour ta réponse rapide!!!

voici le rapport :

========== OTL ==========
File E:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml not found.
Registry key HKEY_USERS\hantz_ON_E\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File E:\Users\hantz\AppData\Roaming\1.exe not found.
Folder E:\Users\hantz\AppData\Roaming\Babylon\ not found.
File E:\Windows\tasks\AutoKMS.job not found.
File E:\Users\hantz\AppData\Roaming\1.exe not found.
Folder E:\ProgramData\Babylon\ not found.
File E:\Windows\Tasks\AutoKMS.job not found.

OTLPE by OldTimer - Version 3.1.48.0 log created on 09112012_023712

Merci
0
Utilisateur anonyme
11 sept. 2012 à 00:40
Tu es sur de ton script?
Ou tu l'as lancé 2 fois

@+
0
Réponse 3 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 00:45
je l'ai fait deux fois et j'ai toujours le même rapport.
Merci
0
Réponse 4 / 21
Utilisateur anonyme
11 sept. 2012 à 00:48
Re

Essaie de démarrer normalement Windows après avoir enlevé le CD
Cela devrait fonctionner

@+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 00:52
désolé mais ça ne marche pas. La page blanche s'affiche!!
Merci
0
Réponse 6 / 21
Utilisateur anonyme
11 sept. 2012 à 00:56
Et le Ctrl+Alt+Suppr

pour afficher le gestionnaire de tâches ne fonctionne pas?

@+
0
Réponse 7 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 00:58
Si il s'affiche mais quand je clique dessus, re-page blanche

Merci
0
Réponse 8 / 21
Utilisateur anonyme
11 sept. 2012 à 01:00
Re

On reprend avec OTLPE
Le même rapport d'analyse que précédemment
merci

@+
0
Réponse 9 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 01:47
j'ai refais un scan avec la méthode décrite au début du poste. Voici le rapport

OTL logfile created on: 9/11/2012 4:12:57 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.56 Mb Free Space | 75.57% Space Free | Partition Type: NTFS
Drive D: | 38.96 Gb Total Space | 10.62 Gb Free Space | 27.26% Space Free | Partition Type: NTFS
Drive E: | 193.82 Gb Total Space | 18.76 Gb Free Space | 9.68% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 1.12 Gb Free Space | 30.12% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

[color=#E56717]========== Win32 Services (SafeList) ==========/color

SRV:[b]64bit:/b - [2011/05/10 09:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:/b - [2011/05/10 09:10:56 | 000,121,000 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:/b - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:/b - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/30 03:24:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/21 14:27:17 | 000,075,136 | ---- | M] () [Auto] -- D:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/15 04:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/14 19:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/08/26 11:48:00 | 000,285,152 | ---- | M] () [Auto] -- D:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 10:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto] -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


[color=#E56717]========== Driver Services (SafeList) ==========/color

DRV:[b]64bit:/b - [2012/05/28 01:09:04 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:/b - [2011/12/08 00:22:36 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV:[b]64bit:/b - [2011/12/08 00:22:36 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:[b]64bit:/b - [2011/12/08 00:22:36 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:[b]64bit:/b - [2011/12/01 12:40:07 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System] -- D:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:/b - [2011/08/10 11:40:58 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
DRV:[b]64bit:/b - [2011/08/01 10:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\point64.sys -- (Point64)
DRV:[b]64bit:/b - [2011/05/10 08:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto] -- D:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:/b - [2011/05/10 08:40:58 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot] -- D:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV:[b]64bit:/b - [2010/11/20 23:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:/b - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:/b - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:/b - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:/b - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:/b - [2010/11/20 23:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:/b - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:/b - [2010/02/03 05:21:56 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\npf.sys -- (NPF)
DRV:[b]64bit:/b - [2009/11/06 02:40:26 | 000,838,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:[b]64bit:/b - [2009/09/28 04:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:/b - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:/b - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:/b - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:/b - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:/b - [2007/01/19 12:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot] -- D:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV:[b]64bit:/b - [2005/03/28 20:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

[color=#E56717]========== Standard Registry (SafeList) ==========/color


[color=#E56717]========== Internet Explorer ==========/color



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\hantz_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\hantz_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>





[color=#E56717]========== FireFox ==========/color

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "fr.yahoo.com"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=108988&tt=2912_8&babsrc=KW_ss&mntrId=441395d0000000000000001b2f3f9909&q="


FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_1_102.dll ()
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: D:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl: D:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: D:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Users\hantz\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Users\hantz\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/01 08:32:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/30 03:24:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/30 03:24:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/12/01 08:33:30 | 000,000,000 | ---D | M] (No name found) -- D:\Users\hantz\AppData\Roaming\Mozilla\Extensions
[2012/08/07 15:53:32 | 000,000,000 | ---D | M] (No name found) -- D:\Users\hantz\AppData\Roaming\Mozilla\Firefox\Profiles\soa2rskl.default\extensions
[2012/01/09 08:37:37 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2012/08/30 03:24:25 | 000,266,720 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/14 12:39:55 | 000,001,516 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/07/21 06:01:28 | 000,002,349 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/08/30 03:24:23 | 000,002,465 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/14 12:39:55 | 000,001,822 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/02/14 12:39:55 | 000,001,154 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/02/14 12:39:55 | 000,001,426 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/02/14 12:39:55 | 000,000,956 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:/b - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:/b - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - File not found
O2:[b]64bit:/b - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:/b - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - File not found
O2:[b]64bit:/b - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:/b - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:/b - HKLM..\Run: [BCSSync] File not found
O4:[b]64bit:/b - HKLM..\Run: [IntelliPoint] D:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:/b - HKLM..\Run: [itype] D:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] D:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\hantz_ON_D..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\hantz_ON_D..\Run: [gStart] D:\Program Files (x86)\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKU\hantz_ON_D..\Run: [KiesHelper] D:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\hantz_ON_D..\Run: [KiesPDLR] D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\hantz_ON_D..\Run: [KiesTrayAgent] D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\UpdatusUser_ON_D..\RunOnce: [mctadmin] File not found
O4 - Startup: D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk ()
O4 - Startup: D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\La Chaîne Météo.lnk ()
O4 - Startup: D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:/b - Extra context menu item: Télécharger avec Mipony - D:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Télécharger avec Mipony - D:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O13:[b]64bit:/b - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O20:[b]64bit:/b - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:/b - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:/b - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\hantz_ON_D Winlogon: Shell - (C:\Users\hantz\AppData\Roaming\1.exe) - D:\Users\hantz\AppData\Roaming\1.exe ()
O21:[b]64bit:/b - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:[b]64bit:/b - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{44984b84-e459-11e1-b15c-0018f35c1eb0}\Shell - "" = AutoRun
O33 - MountPoints2\{44984b84-e459-11e1-b15c-0018f35c1eb0}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\{bb54500f-1bf7-11e1-bded-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bb54500f-1bf7-11e1-bded-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell - "" = AutoRun
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[b]64bit:/b O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:/b O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:[b]64bit:/b - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:/b - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:/b AppMgmt - D:\Windows\System32\appmgmts.dll (Microsoft Corporation)


SafeBootMin:[b]64bit:/b AppMgmt - D:\Windows\System32\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:/b Base - Driver Group
SafeBootMin:[b]64bit:/b Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:/b Boot file system - Driver Group
SafeBootMin:[b]64bit:/b File system - Driver Group
SafeBootMin:[b]64bit:/b Filter - Driver Group
SafeBootMin:[b]64bit:/b HelpSvc - Service
SafeBootMin:[b]64bit:/b PCI Configuration - Driver Group
SafeBootMin:[b]64bit:/b PNP Filter - Driver Group
SafeBootMin:[b]64bit:/b Primary disk - Driver Group
SafeBootMin:[b]64bit:/b sacsvr - Service
SafeBootMin:[b]64bit:/b SCSI Class - Driver Group
SafeBootMin:[b]64bit:/b System Bus Extender - Driver Group
SafeBootMin:[b]64bit:/b vmms - Service
SafeBootMin:[b]64bit:/b WinDefend - D:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:/b {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:/b {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:/b {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:/b {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:/b {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:/b {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:/b {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:/b {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:/b {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:/b {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:/b {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:/b {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:/b {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:/b {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:/b {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:/b {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:/b {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:/b AppMgmt - D:\Windows\System32\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:/b Base - Driver Group
SafeBootNet:[b]64bit:/b Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:/b Boot file system - Driver Group
SafeBootNet:[b]64bit:/b File system - Driver Group
SafeBootNet:[b]64bit:/b Filter - Driver Group
SafeBootNet:[b]64bit:/b HelpSvc - Service
SafeBootNet:[b]64bit:/b Messenger - Service
SafeBootNet:[b]64bit:/b NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:/b NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:/b NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:/b Network - Driver Group
SafeBootNet:[b]64bit:/b NetworkProvider - Driver Group
SafeBootNet:[b]64bit:/b PCI Configuration - Driver Group
SafeBootNet:[b]64bit:/b PNP Filter - Driver Group
SafeBootNet:[b]64bit:/b PNP_TDI - Driver Group
SafeBootNet:[b]64bit:/b Primary disk - Driver Group
SafeBootNet:[b]64bit:/b rdsessmgr - Service
SafeBootNet:[b]64bit:/b sacsvr - Service
SafeBootNet:[b]64bit:/b SCSI Class - Driver Group
SafeBootNet:[b]64bit:/b Streams Drivers - Driver Group
SafeBootNet:[b]64bit:/b System Bus Extender - Driver Group
SafeBootNet:[b]64bit:/b TDI - Driver Group
SafeBootNet:[b]64bit:/b vmms - Service
SafeBootNet:[b]64bit:/b WinDefend - D:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:/b WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:/b {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:/b {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:/b {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:/b {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:/b {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:/b {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:/b {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:/b {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:/b {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:/b {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:/b {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:/b {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:/b {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:/b {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:/b {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:/b {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:/b {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:/b {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:/b {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:/b {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:/b {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:/b {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:/b {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:/b {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:/b {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:/b {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:/b {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:/b {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:/b {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:/b {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:/b {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:/b {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:/b {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:/b {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:/b {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:/b {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:/b {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:/b {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:/b {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:/b {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:/b {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:/b {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:/b {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:/b >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:/b >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:/b >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:[b]64bit:/b aux - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b aux1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b midi - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b midi1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b midimapper - D:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b mixer - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b mixer1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b msacm.imaadpcm - D:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:/b msacm.l3acm - D:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:/b msacm.msadpcm - D:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:/b msacm.msg711 - D:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32:[b]64bit:/b msacm.msgsm610 - D:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32:[b]64bit:/b MSVideo8 - D:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b vidc.i420 - D:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.IYUV - D:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b vidc.mrle - D:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b vidc.msvc - D:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.UYVY - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.YUY2 - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.YVU9 - D:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.YVYU - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b wave - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b wave1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b wavemapper - D:\Windows\System32\msacm32.drv (Microsoft Corporation)
Drivers32: msacm.l3acm - D:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - D:\Windows\SysWow64\vfwwdm32.dll (Microsoft Corporation)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color

[2012/09/11 02:37:12 | 000,000,000 | ---D | C] -- D:\_OTL
[2012/09/11 00:11:07 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2012/09/03 16:04:11 | 000,916,456 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
[2012/09/03 16:04:10 | 001,034,216 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
[2012/09/03 16:04:10 | 000,289,768 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
[2012/09/03 16:03:53 | 000,189,416 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
[2012/09/03 16:03:53 | 000,188,904 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\java.exe
[2012/09/03 16:03:53 | 000,108,008 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\WindowsAccessBridge-64.dll
[2012/09/03 16:03:37 | 000,000,000 | ---D | C] -- D:\Program Files\Java
[2012/09/02 16:37:44 | 001,800,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2012/09/02 16:37:44 | 000,717,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2012/09/02 16:37:44 | 000,367,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2012/09/02 16:37:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2012/09/02 16:37:44 | 000,223,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2012/09/02 16:37:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2012/09/02 16:37:44 | 000,162,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2012/09/02 16:37:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2012/09/02 16:37:44 | 000,130,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakeng.dll
[2012/09/02 16:37:44 | 000,118,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2012/09/02 16:37:44 | 000,110,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2012/09/02 16:37:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2012/09/02 16:37:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/09/02 16:37:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/09/02 16:37:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2012/09/02 16:37:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2012/09/02 16:37:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2012/09/02 16:37:42 | 003,695,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2012/09/02 16:37:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2012/09/02 16:37:42 | 000,580,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2012/09/02 16:37:42 | 000,434,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2012/09/02 16:37:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2012/09/02 16:37:42 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2012/09/02 16:37:42 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2012/09/02 16:37:42 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2012/09/02 16:37:42 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2012/09/02 16:37:42 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ie4uinit.exe
[2012/09/02 16:37:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2012/09/02 16:37:42 | 000,066,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2012/09/02 16:37:42 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2012/09/02 16:37:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2012/09/02 16:37:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2012/09/02 16:37:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieaksie.dll
[2012/09/02 16:37:40 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakui.dll
[2012/09/02 16:37:40 | 000,142,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2012/09/02 16:37:40 | 000,123,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2012/09/02 16:37:40 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\admparse.dll
[2012/09/02 16:37:40 | 000,035,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2012/09/02 16:37:39 | 002,312,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2012/09/02 16:37:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2012/09/02 16:37:39 | 000,267,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieaksie.dll
[2012/09/02 16:37:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2012/09/02 16:37:39 | 000,222,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2012/09/02 16:37:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2012/09/02 16:37:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2012/09/02 16:37:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakui.dll
[2012/09/02 16:37:39 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakeng.dll
[2012/09/02 16:37:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2012/09/02 16:37:39 | 000,145,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2012/09/02 16:37:39 | 000,135,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2012/09/02 16:37:39 | 000,114,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\admparse.dll
[2012/09/02 16:37:39 | 000,111,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2012/09/02 16:37:39 | 000,091,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2012/09/02 16:37:39 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2012/09/02 16:37:39 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2012/09/02 16:37:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2012/09/02 16:37:39 | 000,049,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2012/09/02 16:37:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2012/09/02 16:37:39 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2012/09/02 16:37:39 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2012/09/02 16:37:38 | 003,695,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2012/09/02 16:37:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2012/09/02 16:37:38 | 000,697,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2012/09/02 16:37:38 | 000,603,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2012/09/02 16:37:38 | 000,534,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2012/09/02 16:37:38 | 000,452,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2012/09/02 16:37:38 | 000,448,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2012/09/02 16:37:38 | 000,282,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2012/09/02 16:37:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2012/09/02 16:37:38 | 000,165,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2012/09/02 16:37:38 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2012/09/02 16:37:38 | 000,103,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2012/09/02 16:37:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2012/09/02 16:37:38 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2012/09/02 16:37:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2012/09/02 16:37:38 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2012/09/02 16:37:38 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2012/09/02 16:37:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2012/08/21 14:24:49 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Local\PunkBuster
[2012/08/21 13:10:04 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012/08/21 13:09:22 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Local\Apps
[2012/08/21 13:09:21 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Local\Deployment
[2012/08/21 13:09:08 | 000,527,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_7.dll
[2012/08/21 13:09:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAPOFX1_5.dll
[2012/08/21 13:09:07 | 002,106,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_43.dll
[2012/08/21 13:09:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_43.dll
[2012/08/21 08:14:30 | 000,000,000 | ---D | C] -- D:\Kreapixel
[2012/08/21 08:12:43 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Roaming\Babylon
[2012/08/21 08:08:36 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Java
[2012/08/21 08:08:00 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Oracle
[2012/08/21 08:07:32 | 000,772,544 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\npDeployJava1.dll
[2012/08/21 08:07:32 | 000,227,760 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\javaws.exe
[2012/08/21 08:07:10 | 000,174,064 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\javaw.exe
[2012/08/21 08:07:09 | 000,174,064 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\java.exe
[2012/08/21 05:44:19 | 003,552,768 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\bcmihvui64.dll
[2012/08/21 05:44:19 | 000,838,136 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\drivers\bcmwlhigh664.sys
[2012/08/21 05:44:19 | 000,095,472 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\bcmwlcoi.dll
[2012/08/21 05:44:18 | 003,888,128 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\bcmihvsrv64.dll
[2012/08/21 05:44:17 | 001,436,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WdfCoInstaller01009.dll
[2012/08/21 05:44:17 | 000,025,312 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- D:\Windows\System32\drivers\SCMNdisP.sys
[2012/08/21 05:44:14 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\SysWow64\wpcap.dll
[2012/08/21 05:44:14 | 000,096,784 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\SysWow64\Packet.dll
[2012/08/21 05:44:14 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\System32\drivers\npf.sys
[2012/08/21 05:44:13 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Smart Wizard
[2012/08/21 05:44:13 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\NETGEAR
[2012/08/15 03:24:20 | 000,503,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srcore.dll
[2012/08/15 03:24:16 | 000,751,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32spl.dll
[2012/08/15 03:24:16 | 000,492,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\win32spl.dll
[2012/08/15 03:24:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\splwow64.exe
[2012/08/15 03:24:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netapi32.dll
[2012/08/15 03:24:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\browcli.dll
[2012/08/15 03:24:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\browcli.dll
[2012/08/15 03:23:42 | 000,956,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\localspl.dll
[1 D:\Windows\SysWow64\*.tmp files -> D:\Windows\SysWow64\*.tmp -> ]
[1 D:\Windows\System32\*.tmp files -> D:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========/color

[2012/09/10 20:57:26 | 000,026,576 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 20:57:26 | 000,026,576 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 20:52:28 | 000,000,268 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2012/09/10 20:52:10 | 000,001,062 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/10 20:51:19 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/09/10 20:51:14 | 1610,014,720 | -HS- | M] () -- D:\hiberfil.sys
[2012/09/10 19:17:11 | 000,001,078 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753023852-2493228002-430823771-1000UA.job
[2012/09/10 19:17:11 | 000,001,066 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/07 11:17:02 | 000,001,026 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753023852-2493228002-430823771-1000Core.job
[2012/09/04 04:57:06 | 000,000,687 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
[2012/09/04 04:54:13 | 000,391,561 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\1.exe
[2012/09/04 03:42:49 | 000,745,056 | ---- | M] () -- D:\Windows\System32\perfh00C.dat
[2012/09/04 03:42:49 | 000,651,938 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/09/04 03:42:49 | 000,148,574 | ---- | M] () -- D:\Windows\System32\perfc00C.dat
[2012/09/04 03:42:49 | 000,120,870 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/09/03 16:03:45 | 000,108,008 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\WindowsAccessBridge-64.dll
[2012/09/03 16:03:44 | 000,289,768 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
[2012/09/03 16:03:43 | 000,189,416 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
[2012/09/03 16:03:43 | 000,188,904 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\java.exe
[2012/09/03 16:03:42 | 001,034,216 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
[2012/09/03 16:03:42 | 000,916,456 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
[2012/09/02 17:00:22 | 000,001,453 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/02 16:37:44 | 003,695,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2012/09/02 16:37:44 | 001,800,704 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2012/09/02 16:37:44 | 000,717,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2012/09/02 16:37:44 | 000,367,104 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2012/09/02 16:37:44 | 000,353,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2012/09/02 16:37:44 | 000,223,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2012/09/02 16:37:44 | 000,176,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2012/09/02 16:37:44 | 000,162,304 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2012/09/02 16:37:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2012/09/02 16:37:44 | 000,130,560 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakeng.dll
[2012/09/02 16:37:44 | 000,118,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2012/09/02 16:37:44 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2012/09/02 16:37:44 | 000,086,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2012/09/02 16:37:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/09/02 16:37:44 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/09/02 16:37:44 | 000,063,488 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2012/09/02 16:37:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2012/09/02 16:37:44 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2012/09/02 16:37:42 | 001,427,968 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2012/09/02 16:37:42 | 000,580,608 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2012/09/02 16:37:42 | 000,434,176 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2012/09/02 16:37:42 | 000,231,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2012/09/02 16:37:42 | 000,152,064 | ---
0
Réponse 10 / 21
Utilisateur anonyme
Modifié par Guillaume5188 le 11/09/2012 à 01:53
Re

Tu t'es bien lourdé

Tu reprends bien comme ceci:
Si problème particulier je veux savoir

* Double-clique sur l'icone OTLPE
* quand demandé "Do you wish to load the remote registry", selectionne "Yes"
* quand demandé "Do you wish to load remote user profile(s) for scanning", selectionne "Yes"
* verifier que "Automatically Load All Remaining Users" est sélectionné et presse OK


http://imagesup.org/image

* sous Custom Scan box copie_colle le tout ci dessous et clic RUNFIX

:OTL
[2012/07/21 06:01:28 | 000,002,349 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O20 - HKU\hantz_ON_E Winlogon: Shell - (C:\Users\hantz\AppData\Roaming\1.exe) - E:\Users\hantz\AppData\Roaming\1.exe ()
[2012/08/21 08:12:43 | 000,000,000 | ---D | C] -- E:\Users\hantz\AppData\Roaming\Babylon
[2012/09/10 16:50:45 | 000,000,268 | ---- | M] () -- E:\Windows\tasks\AutoKMS.job
[2012/09/04 04:54:13 | 000,391,561 | ---- | M] () -- E:\Users\hantz\AppData\Roaming\1.exe
[2012/07/21 06:01:01 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon
[2012/09/10 16:50:45 | 000,000,268 | ---- | M] () -- E:\Windows\Tasks\AutoKMS.job



tu conserves le rapport qui s'affiche ; et tu le copies et colles dans ta prochaine réponse

@+
---------Contributeur Sécurité---------
On a tous été un jour débutant dans quelque chose.
Mais le savoir est la récompense de l'assiduité.
0
Réponse 11 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 02:00
J'ai recommencé. résultat du rapport :

========== OTL ==========
File E:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml not found.
Registry key HKEY_USERS\hantz_ON_E\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon not found.
File E:\Users\hantz\AppData\Roaming\1.exe not found.
Folder E:\Users\hantz\AppData\Roaming\Babylon\ not found.
File E:\Windows\tasks\AutoKMS.job not found.
File E:\Users\hantz\AppData\Roaming\1.exe not found.
Folder E:\ProgramData\Babylon\ not found.
File E:\Windows\Tasks\AutoKMS.job not found.

OTLPE by OldTimer - Version 3.1.48.0 log created on 09112012_045855
0
Réponse 12 / 21
Utilisateur anonyme
11 sept. 2012 à 02:05
Re

Oups ...

Tu disposes de Seven et non de Windows XP

On reprend avec OTLPE sous environnement Seven.
Télécharge ici : http://www.forums-fec.be/gen-hackman/7pe_x86_E.exe => OTLPE sous environnement windows 7 en CD Live (Merci à "g3n-h@ckm@n")

double-clique sur le fichier , patiente quelques secondes , puis un logiciel de gravure va s'ouvrir

insère un cd dans ton graveur puis clique sur "BURN ISO"

(normalement le fichier à graver est déjà sélectionné)
Note : Le CD gravé, il faut maintenant redémarrer la machine sur le lecteur CDROM
Pour ce faire suivre ce lien : Booter sur un CD

Tu lances l'iso d'OTLPE que tu as gravé.
* Double-clique sur l'icone OTLPE
* Une fenêtre s'ouvre: « Choose Windows Directory »

Tu choisis le lecteur qui embarque Windows (C par défaut) et ensuite tu pointes vers ce fichier Windows.
Une autre fenêtre mentionne :"Do you wish to loadremote user profile(s) for scanning ?"
Tu cliques sur Oui
Tu choisis ensuite ta session (logiquement la première ligne de cette fenêtre)
La ligne en bas du tableau est cochée (sinon le faire)

Cliquer sur Ok


Tu cliques sur OK

Ensuite
* sous Custom Scan box
1) copie_colle le contenu du cadre ci dessous:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
aec.sys
rasacd.sys
mrxsmb10.sys
mrxsmb20.sys
termdd.sys
mrxsmb.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
explorer.exe
winlogon.exe
wininit.exe
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

* copie colle ce texte dans un fichier texte|bloc note que tu enregistres sur clé usb que tu brancheras sous reatogo tu pourras alors facilement le copier\coller.

* 2) Clic Run Scan pour démarrer le scan.
* Une fois terminé , le fichier se trouve là C:\OTL.txt
* Copie_colle le contenu dans ta prochaine réponse.

@+
0
Réponse 13 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 02:22
Voilà!

OTL logfile created on: 9/11/2012 5:10:09 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 81.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.56 Mb Free Space | 75.57% Space Free | Partition Type: NTFS
Drive D: | 38.96 Gb Total Space | 10.62 Gb Free Space | 27.26% Space Free | Partition Type: NTFS
Drive E: | 193.82 Gb Total Space | 18.76 Gb Free Space | 9.68% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 1.12 Gb Free Space | 30.12% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

[color=#E56717]========== Win32 Services (SafeList) ==========/color

SRV:[b]64bit:/b - [2011/05/10 09:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:/b - [2011/05/10 09:10:56 | 000,121,000 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:/b - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:/b - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/30 03:24:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/21 14:27:17 | 000,075,136 | ---- | M] () [Auto] -- D:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/15 04:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/14 19:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/08/26 11:48:00 | 000,285,152 | ---- | M] () [Auto] -- D:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 10:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto] -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


[color=#E56717]========== Driver Services (SafeList) ==========/color

DRV:[b]64bit:/b - [2012/05/28 01:09:04 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:/b - [2011/12/08 00:22:36 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV:[b]64bit:/b - [2011/12/08 00:22:36 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:[b]64bit:/b - [2011/12/08 00:22:36 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV:[b]64bit:/b - [2011/12/08 00:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:[b]64bit:/b - [2011/12/01 12:40:07 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System] -- D:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:/b - [2011/08/10 11:40:58 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
DRV:[b]64bit:/b - [2011/08/01 10:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\point64.sys -- (Point64)
DRV:[b]64bit:/b - [2011/05/10 08:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto] -- D:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:/b - [2011/05/10 08:40:58 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot] -- D:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV:[b]64bit:/b - [2010/11/20 23:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:/b - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:/b - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:/b - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:/b - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:/b - [2010/11/20 23:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:/b - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:/b - [2010/02/03 05:21:56 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\npf.sys -- (NPF)
DRV:[b]64bit:/b - [2009/11/06 02:40:26 | 000,838,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:[b]64bit:/b - [2009/09/28 04:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:/b - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:/b - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:/b - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:/b - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:/b - [2007/01/19 12:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot] -- D:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV:[b]64bit:/b - [2005/03/28 20:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

[color=#E56717]========== Standard Registry (SafeList) ==========/color


[color=#E56717]========== Internet Explorer ==========/color



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\hantz_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\hantz_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>





[color=#E56717]========== FireFox ==========/color

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "fr.yahoo.com"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=108988&tt=2912_8&babsrc=KW_ss&mntrId=441395d0000000000000001b2f3f9909&q="


FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_1_102.dll ()
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: D:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl: D:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: D:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Users\hantz\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Users\hantz\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/01 08:32:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/30 03:24:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/30 03:24:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/12/01 08:33:30 | 000,000,000 | ---D | M] (No name found) -- D:\Users\hantz\AppData\Roaming\Mozilla\Extensions
[2012/08/07 15:53:32 | 000,000,000 | ---D | M] (No name found) -- D:\Users\hantz\AppData\Roaming\Mozilla\Firefox\Profiles\soa2rskl.default\extensions
[2012/01/09 08:37:37 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2012/08/30 03:24:25 | 000,266,720 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/14 12:39:55 | 000,001,516 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/07/21 06:01:28 | 000,002,349 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/08/30 03:24:23 | 000,002,465 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/14 12:39:55 | 000,001,822 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/02/14 12:39:55 | 000,001,154 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/02/14 12:39:55 | 000,001,426 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/02/14 12:39:55 | 000,000,956 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:/b - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:/b - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - File not found
O2:[b]64bit:/b - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:/b - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - File not found
O2:[b]64bit:/b - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:/b - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:/b - HKLM..\Run: [BCSSync] File not found
O4:[b]64bit:/b - HKLM..\Run: [IntelliPoint] D:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:/b - HKLM..\Run: [itype] D:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] D:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\hantz_ON_D..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\hantz_ON_D..\Run: [gStart] D:\Program Files (x86)\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKU\hantz_ON_D..\Run: [KiesHelper] D:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\hantz_ON_D..\Run: [KiesPDLR] D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\hantz_ON_D..\Run: [KiesTrayAgent] D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\UpdatusUser_ON_D..\RunOnce: [mctadmin] File not found
O4 - Startup: D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk ()
O4 - Startup: D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\La Chaîne Météo.lnk ()
O4 - Startup: D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:/b - Extra context menu item: Télécharger avec Mipony - D:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Télécharger avec Mipony - D:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O13:[b]64bit:/b - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O20:[b]64bit:/b - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:/b - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:/b - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\hantz_ON_D Winlogon: Shell - (C:\Users\hantz\AppData\Roaming\1.exe) - D:\Users\hantz\AppData\Roaming\1.exe ()
O21:[b]64bit:/b - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:[b]64bit:/b - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{44984b84-e459-11e1-b15c-0018f35c1eb0}\Shell - "" = AutoRun
O33 - MountPoints2\{44984b84-e459-11e1-b15c-0018f35c1eb0}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\{bb54500f-1bf7-11e1-bded-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bb54500f-1bf7-11e1-bded-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell - "" = AutoRun
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[b]64bit:/b O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:/b O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:[b]64bit:/b - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:/b - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:/b AppMgmt - D:\Windows\System32\appmgmts.dll (Microsoft Corporation)


SafeBootMin:[b]64bit:/b AppMgmt - D:\Windows\System32\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:/b Base - Driver Group
SafeBootMin:[b]64bit:/b Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:/b Boot file system - Driver Group
SafeBootMin:[b]64bit:/b File system - Driver Group
SafeBootMin:[b]64bit:/b Filter - Driver Group
SafeBootMin:[b]64bit:/b HelpSvc - Service
SafeBootMin:[b]64bit:/b PCI Configuration - Driver Group
SafeBootMin:[b]64bit:/b PNP Filter - Driver Group
SafeBootMin:[b]64bit:/b Primary disk - Driver Group
SafeBootMin:[b]64bit:/b sacsvr - Service
SafeBootMin:[b]64bit:/b SCSI Class - Driver Group
SafeBootMin:[b]64bit:/b System Bus Extender - Driver Group
SafeBootMin:[b]64bit:/b vmms - Service
SafeBootMin:[b]64bit:/b WinDefend - D:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:/b {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:/b {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:/b {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:/b {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:/b {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:/b {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:/b {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:/b {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:/b {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:/b {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:/b {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:/b {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:/b {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:/b {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:/b {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:/b {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:/b {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:/b AppMgmt - D:\Windows\System32\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:/b Base - Driver Group
SafeBootNet:[b]64bit:/b Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:/b Boot file system - Driver Group
SafeBootNet:[b]64bit:/b File system - Driver Group
SafeBootNet:[b]64bit:/b Filter - Driver Group
SafeBootNet:[b]64bit:/b HelpSvc - Service
SafeBootNet:[b]64bit:/b Messenger - Service
SafeBootNet:[b]64bit:/b NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:/b NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:/b NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:/b Network - Driver Group
SafeBootNet:[b]64bit:/b NetworkProvider - Driver Group
SafeBootNet:[b]64bit:/b PCI Configuration - Driver Group
SafeBootNet:[b]64bit:/b PNP Filter - Driver Group
SafeBootNet:[b]64bit:/b PNP_TDI - Driver Group
SafeBootNet:[b]64bit:/b Primary disk - Driver Group
SafeBootNet:[b]64bit:/b rdsessmgr - Service
SafeBootNet:[b]64bit:/b sacsvr - Service
SafeBootNet:[b]64bit:/b SCSI Class - Driver Group
SafeBootNet:[b]64bit:/b Streams Drivers - Driver Group
SafeBootNet:[b]64bit:/b System Bus Extender - Driver Group
SafeBootNet:[b]64bit:/b TDI - Driver Group
SafeBootNet:[b]64bit:/b vmms - Service
SafeBootNet:[b]64bit:/b WinDefend - D:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:/b WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:/b {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:/b {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:/b {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:/b {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:/b {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:/b {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:/b {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:/b {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:/b {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:/b {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:/b {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:/b {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:/b {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:/b {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:/b {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:/b {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:/b {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:/b {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:/b {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:/b {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:/b {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:/b {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:/b {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:/b {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:/b {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:/b {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:/b {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:/b {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:/b {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:/b {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:/b {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:/b {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:/b {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:/b {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:/b {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:/b {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:/b {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:/b {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:/b {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:/b {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:/b {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:/b {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:/b {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:/b >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:/b >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:/b >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:[b]64bit:/b aux - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b aux1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b midi - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b midi1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b midimapper - D:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b mixer - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b mixer1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b msacm.imaadpcm - D:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:/b msacm.l3acm - D:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:/b msacm.msadpcm - D:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:/b msacm.msg711 - D:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32:[b]64bit:/b msacm.msgsm610 - D:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32:[b]64bit:/b MSVideo8 - D:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b vidc.i420 - D:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.IYUV - D:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b vidc.mrle - D:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b vidc.msvc - D:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.UYVY - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.YUY2 - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.YVU9 - D:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b VIDC.YVYU - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:/b wave - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b wave1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:/b wavemapper - D:\Windows\System32\msacm32.drv (Microsoft Corporation)
Drivers32: msacm.l3acm - D:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - D:\Windows\SysWow64\vfwwdm32.dll (Microsoft Corporation)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color

[2012/09/11 02:37:12 | 000,000,000 | ---D | C] -- D:\_OTL
[2012/09/11 00:11:07 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2012/09/03 16:04:11 | 000,916,456 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
[2012/09/03 16:04:10 | 001,034,216 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
[2012/09/03 16:04:10 | 000,289,768 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
[2012/09/03 16:03:53 | 000,189,416 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
[2012/09/03 16:03:53 | 000,188,904 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\java.exe
[2012/09/03 16:03:53 | 000,108,008 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\WindowsAccessBridge-64.dll
[2012/09/03 16:03:37 | 000,000,000 | ---D | C] -- D:\Program Files\Java
[2012/09/02 16:37:44 | 001,800,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2012/09/02 16:37:44 | 000,717,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2012/09/02 16:37:44 | 000,367,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2012/09/02 16:37:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2012/09/02 16:37:44 | 000,223,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2012/09/02 16:37:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2012/09/02 16:37:44 | 000,162,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2012/09/02 16:37:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2012/09/02 16:37:44 | 000,130,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakeng.dll
[2012/09/02 16:37:44 | 000,118,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2012/09/02 16:37:44 | 000,110,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2012/09/02 16:37:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2012/09/02 16:37:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/09/02 16:37:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/09/02 16:37:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2012/09/02 16:37:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2012/09/02 16:37:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2012/09/02 16:37:42 | 003,695,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2012/09/02 16:37:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2012/09/02 16:37:42 | 000,580,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2012/09/02 16:37:42 | 000,434,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2012/09/02 16:37:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2012/09/02 16:37:42 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2012/09/02 16:37:42 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2012/09/02 16:37:42 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2012/09/02 16:37:42 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2012/09/02 16:37:42 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ie4uinit.exe
[2012/09/02 16:37:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2012/09/02 16:37:42 | 000,066,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2012/09/02 16:37:42 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2012/09/02 16:37:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2012/09/02 16:37:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2012/09/02 16:37:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieaksie.dll
[2012/09/02 16:37:40 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakui.dll
[2012/09/02 16:37:40 | 000,142,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2012/09/02 16:37:40 | 000,123,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2012/09/02 16:37:40 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\admparse.dll
[2012/09/02 16:37:40 | 000,035,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2012/09/02 16:37:39 | 002,312,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2012/09/02 16:37:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2012/09/02 16:37:39 | 000,267,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieaksie.dll
[2012/09/02 16:37:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2012/09/02 16:37:39 | 000,222,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2012/09/02 16:37:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2012/09/02 16:37:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2012/09/02 16:37:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakui.dll
[2012/09/02 16:37:39 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakeng.dll
[2012/09/02 16:37:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2012/09/02 16:37:39 | 000,145,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2012/09/02 16:37:39 | 000,135,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2012/09/02 16:37:39 | 000,114,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\admparse.dll
[2012/09/02 16:37:39 | 000,111,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2012/09/02 16:37:39 | 000,091,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2012/09/02 16:37:39 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2012/09/02 16:37:39 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2012/09/02 16:37:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2012/09/02 16:37:39 | 000,049,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2012/09/02 16:37:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2012/09/02 16:37:39 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2012/09/02 16:37:39 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2012/09/02 16:37:38 | 003,695,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2012/09/02 16:37:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2012/09/02 16:37:38 | 000,697,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2012/09/02 16:37:38 | 000,603,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2012/09/02 16:37:38 | 000,534,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2012/09/02 16:37:38 | 000,452,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2012/09/02 16:37:38 | 000,448,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2012/09/02 16:37:38 | 000,282,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2012/09/02 16:37:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2012/09/02 16:37:38 | 000,165,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2012/09/02 16:37:38 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2012/09/02 16:37:38 | 000,103,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2012/09/02 16:37:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2012/09/02 16:37:38 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2012/09/02 16:37:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2012/09/02 16:37:38 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2012/09/02 16:37:38 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2012/09/02 16:37:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2012/08/21 14:24:49 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Local\PunkBuster
[2012/08/21 13:10:04 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012/08/21 13:09:22 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Local\Apps
[2012/08/21 13:09:21 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Local\Deployment
[2012/08/21 13:09:08 | 000,527,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_7.dll
[2012/08/21 13:09:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAPOFX1_5.dll
[2012/08/21 13:09:07 | 002,106,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_43.dll
[2012/08/21 13:09:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_43.dll
[2012/08/21 08:14:30 | 000,000,000 | ---D | C] -- D:\Kreapixel
[2012/08/21 08:12:43 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Roaming\Babylon
[2012/08/21 08:08:36 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Java
[2012/08/21 08:08:00 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Oracle
[2012/08/21 08:07:32 | 000,772,544 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\npDeployJava1.dll
[2012/08/21 08:07:32 | 000,227,760 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\javaws.exe
[2012/08/21 08:07:10 | 000,174,064 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\javaw.exe
[2012/08/21 08:07:09 | 000,174,064 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\java.exe
[2012/08/21 05:44:19 | 003,552,768 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\bcmihvui64.dll
[2012/08/21 05:44:19 | 000,838,136 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\drivers\bcmwlhigh664.sys
[2012/08/21 05:44:19 | 000,095,472 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\bcmwlcoi.dll
[2012/08/21 05:44:18 | 003,888,128 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\bcmihvsrv64.dll
[2012/08/21 05:44:17 | 001,436,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WdfCoInstaller01009.dll
[2012/08/21 05:44:17 | 000,025,312 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- D:\Windows\System32\drivers\SCMNdisP.sys
[2012/08/21 05:44:14 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\SysWow64\wpcap.dll
[2012/08/21 05:44:14 | 000,096,784 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\SysWow64\Packet.dll
[2012/08/21 05:44:14 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\System32\drivers\npf.sys
[2012/08/21 05:44:13 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Smart Wizard
[2012/08/21 05:44:13 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\NETGEAR
[2012/08/15 03:24:20 | 000,503,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srcore.dll
[2012/08/15 03:24:16 | 000,751,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32spl.dll
[2012/08/15 03:24:16 | 000,492,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\win32spl.dll
[2012/08/15 03:24:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\splwow64.exe
[2012/08/15 03:24:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netapi32.dll
[2012/08/15 03:24:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\browcli.dll
[2012/08/15 03:24:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\browcli.dll
[2012/08/15 03:23:42 | 000,956,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\localspl.dll
[1 D:\Windows\SysWow64\*.tmp files -> D:\Windows\SysWow64\*.tmp -> ]
[1 D:\Windows\System32\*.tmp files -> D:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========/color

[2012/09/10 20:57:26 | 000,026,576 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 20:57:26 | 000,026,576 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 20:52:28 | 000,000,268 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2012/09/10 20:52:10 | 000,001,062 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/10 20:51:19 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/09/10 20:51:14 | 1610,014,720 | -HS- | M] () -- D:\hiberfil.sys
[2012/09/10 19:17:11 | 000,001,078 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753023852-2493228002-430823771-1000UA.job
[2012/09/10 19:17:11 | 000,001,066 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/07 11:17:02 | 000,001,026 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753023852-2493228002-430823771-1000Core.job
[2012/09/04 04:57:06 | 000,000,687 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
[2012/09/04 04:54:13 | 000,391,561 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\1.exe
[2012/09/04 03:42:49 | 000,745,056 | ---- | M] () -- D:\Windows\System32\perfh00C.dat
[2012/09/04 03:42:49 | 000,651,938 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/09/04 03:42:49 | 000,148,574 | ---- | M] () -- D:\Windows\System32\perfc00C.dat
[2012/09/04 03:42:49 | 000,120,870 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/09/03 16:03:45 | 000,108,008 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\WindowsAccessBridge-64.dll
[2012/09/03 16:03:44 | 000,289,768 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
[2012/09/03 16:03:43 | 000,189,416 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
[2012/09/03 16:03:43 | 000,188,904 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\java.exe
[2012/09/03 16:03:42 | 001,034,216 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
[2012/09/03 16:03:42 | 000,916,456 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
[2012/09/02 17:00:22 | 000,001,453 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/02 16:37:44 | 003,695,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2012/09/02 16:37:44 | 001,800,704 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2012/09/02 16:37:44 | 000,717,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2012/09/02 16:37:44 | 000,367,104 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2012/09/02 16:37:44 | 000,353,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2012/09/02 16:37:44 | 000,223,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2012/09/02 16:37:44 | 000,176,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2012/09/02 16:37:44 | 000,162,304 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2012/09/02 16:37:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2012/09/02 16:37:44 | 000,130,560 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakeng.dll
[2012/09/02 16:37:44 | 000,118,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2012/09/02 16:37:44 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2012/09/02 16:37:44 | 000,086,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2012/09/02 16:37:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/09/02 16:37:44 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/09/02 16:37:44 | 000,063,488 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2012/09/02 16:37:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2012/09/02 16:37:44 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2012/09/02 16:37:42 | 001,427,968 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2012/09/02 16:37:42 | 000,580,608 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2012/09/02 16:37:42 | 000,434,176 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2012/09/02 16:37:42 | 000,231,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2012/09/02 16:37:42 | 000,152,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
0
Réponse 14 / 21
Utilisateur anonyme
11 sept. 2012 à 02:35
Re

Essaie de procéder à une restauration à une date antérieure à ton problème


@+

0
Réponse 15 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 02:44
Je fais comment avec OTPLE?

Merci
0
Réponse 16 / 21
Utilisateur anonyme
11 sept. 2012 à 02:46
Re

Sans le CD

Tu procèdes comme pour accéder au mode sans échec mais tu choisis:

Invite de commande en mode sans échec :

Voici ce que tu dois taper (validez avec la touche Entrée à la fin de chaque ligne).

@ pour espace

cd \
cd@windows
cd@system32
rstrui

Pour obtenir :
C : \windows \system32 > rstrui

Cela te permettra d'accéder à la restauration

@+
0
Réponse 17 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 02:56
Ok, j'ai fais une restauration antérieure mais ça marche pas quand même : écran blanc
0
Utilisateur anonyme
11 sept. 2012 à 02:57
Avant ce problème
0
Réponse 18 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 03:00
J'ai pas point de restauration avant ce problème. En tout cas, ils ne sont pas affichés car j'en avait fait d'autres.
0
Réponse 19 / 21
Utilisateur anonyme
Modifié par Guillaume5188 le 11/09/2012 à 08:27
Bonjour

Je viens de voir :
Un coup c'est E et l'autre fois c'est D


%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)


On commence par D si cela ne change pas

* Double-clique sur l'icone OTLPE
* quand demandé "Do you wish to load the remote registry", selectionne "Yes"
* quand demandé "Do you wish to load remote user profile(s) for scanning", selectionne "Yes"
* verifier que "Automatically Load All Remaining Users" est sélectionné et presse OK


http://imagesup.org/image

* sous Custom Scan box copie_colle le tout ci dessous et clic RUNFIX

:OTL
O20 - HKU\hantz_ON_D Winlogon: Shell - (C:\Users\hantz\AppData\Roaming\1.exe) - D:\Users\hantz\AppData\Roaming\1.exe ()
[2012/09/04 04:54:13 | 000,391,561 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\1.exe




tu conserves le rapport qui s'affiche ; et tu le copies et colles dans ta prochaine réponse


@+
---------Contributeur Sécurité---------
On a tous été un jour débutant dans quelque chose.
Mais le savoir est la récompense de l'assiduité.
0
Réponse 20 / 21
grimm69 Messages postés 12 Date d'inscription mardi 11 septembre 2012 Statut Membre Dernière intervention 11 septembre 2012
11 sept. 2012 à 22:05
bonsoir, désolé pour le retard mais je rentre du taf!

voici le rapport :

OTL logfile created on: 9/12/2012 1:57:32 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.54 Mb Free Space | 75.54% Space Free | Partition Type: NTFS
Drive D: | 38.96 Gb Total Space | 10.55 Gb Free Space | 27.07% Space Free | Partition Type: NTFS
Drive E: | 193.82 Gb Total Space | 18.76 Gb Free Space | 9.68% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 1.12 Gb Free Space | 30.11% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011/05/10 09:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2011/05/10 09:10:56 | 000,121,000 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/30 03:24:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/21 14:27:17 | 000,075,136 | ---- | M] () [Auto] -- D:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/15 04:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/14 19:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/08/26 11:48:00 | 000,285,152 | ---- | M] () [Auto] -- D:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 10:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto] -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012/05/28 01:09:04 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:[/b] - [2011/12/08 00:22:36 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV:[b]64bit:[/b] - [2011/12/08 00:22:36 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:[b]64bit:[/b] - [2011/12/08 00:22:36 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:[b]64bit:[/b] - [2011/12/08 00:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV:[b]64bit:[/b] - [2011/12/08 00:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:[b]64bit:[/b] - [2011/12/08 00:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:[b]64bit:[/b] - [2011/12/08 00:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV:[b]64bit:[/b] - [2011/12/08 00:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:[b]64bit:[/b] - [2011/12/01 12:40:07 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System] -- D:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2011/08/10 11:40:58 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
DRV:[b]64bit:[/b] - [2011/08/01 10:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2011/05/10 08:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto] -- D:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2011/05/10 08:40:58 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot] -- D:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV:[b]64bit:[/b] - [2010/11/20 23:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010/11/20 23:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/02/03 05:21:56 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\npf.sys -- (NPF)
DRV:[b]64bit:[/b] - [2009/11/06 02:40:26 | 000,838,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:[b]64bit:[/b] - [2009/09/28 04:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2007/01/19 12:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot] -- D:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV:[b]64bit:[/b] - [2005/03/28 20:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\hantz_ON_D\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\hantz_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\hantz_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>





[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "fr.yahoo.com"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=108988&tt=2912_8&babsrc=KW_ss&mntrId=441395d0000000000000001b2f3f9909&q="


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_1_102.dll ()
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: D:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl: D:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: D:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Users\hantz\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Users\hantz\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/01 08:32:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/30 03:24:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/30 03:24:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/12/01 08:33:30 | 000,000,000 | ---D | M] (No name found) -- D:\Users\hantz\AppData\Roaming\Mozilla\Extensions
[2012/08/07 15:53:32 | 000,000,000 | ---D | M] (No name found) -- D:\Users\hantz\AppData\Roaming\Mozilla\Firefox\Profiles\soa2rskl.default\extensions
[2012/01/09 08:37:37 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2012/08/30 03:24:25 | 000,266,720 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/14 12:39:55 | 000,001,516 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/07/21 06:01:28 | 000,002,349 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/08/30 03:24:23 | 000,002,465 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/14 12:39:55 | 000,001,822 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/02/14 12:39:55 | 000,001,154 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/02/14 12:39:55 | 000,001,426 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/02/14 12:39:55 | 000,000,956 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - File not found
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - File not found
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [BCSSync] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] D:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [itype] D:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] D:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\hantz_ON_D..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\hantz_ON_D..\Run: [gStart] D:\Program Files (x86)\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKU\hantz_ON_D..\Run: [KiesHelper] D:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\hantz_ON_D..\Run: [KiesPDLR] D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\hantz_ON_D..\Run: [KiesTrayAgent] D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\RunOnce: [*Restore] D:\Windows\System32\rstrui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\UpdatusUser_ON_D..\RunOnce: [mctadmin] File not found
O4 - Startup: D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk ()
O4 - Startup: D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\La Chaîne Météo.lnk ()
O4 - Startup: D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Télécharger avec Mipony - D:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Télécharger avec Mipony - D:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O13:[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\hantz_ON_D Winlogon: Shell - (C:\Users\hantz\AppData\Roaming\1.exe) - D:\Users\hantz\AppData\Roaming\1.exe ()
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{44984b84-e459-11e1-b15c-0018f35c1eb0}\Shell - "" = AutoRun
O33 - MountPoints2\{44984b84-e459-11e1-b15c-0018f35c1eb0}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\{bb54500f-1bf7-11e1-bded-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bb54500f-1bf7-11e1-bded-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell - "" = AutoRun
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{cb7fd0c2-1c37-11e1-8eed-0018f35c1eb0}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/09/11 02:37:12 | 000,000,000 | ---D | C] -- D:\_OTL
[2012/09/11 00:11:07 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2012/09/03 16:04:11 | 000,916,456 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
[2012/09/03 16:04:10 | 001,034,216 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
[2012/09/03 16:04:10 | 000,289,768 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
[2012/09/03 16:03:53 | 000,189,416 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
[2012/09/03 16:03:53 | 000,188,904 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\java.exe
[2012/09/03 16:03:53 | 000,108,008 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\WindowsAccessBridge-64.dll
[2012/09/03 16:03:37 | 000,000,000 | ---D | C] -- D:\Program Files\Java
[2012/09/02 16:37:44 | 001,800,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2012/09/02 16:37:44 | 000,717,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2012/09/02 16:37:44 | 000,367,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2012/09/02 16:37:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2012/09/02 16:37:44 | 000,223,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2012/09/02 16:37:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2012/09/02 16:37:44 | 000,162,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2012/09/02 16:37:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2012/09/02 16:37:44 | 000,130,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakeng.dll
[2012/09/02 16:37:44 | 000,118,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2012/09/02 16:37:44 | 000,110,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2012/09/02 16:37:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2012/09/02 16:37:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/09/02 16:37:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/09/02 16:37:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2012/09/02 16:37:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2012/09/02 16:37:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2012/09/02 16:37:42 | 003,695,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2012/09/02 16:37:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2012/09/02 16:37:42 | 000,580,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2012/09/02 16:37:42 | 000,434,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2012/09/02 16:37:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2012/09/02 16:37:42 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2012/09/02 16:37:42 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2012/09/02 16:37:42 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2012/09/02 16:37:42 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2012/09/02 16:37:42 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ie4uinit.exe
[2012/09/02 16:37:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2012/09/02 16:37:42 | 000,066,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2012/09/02 16:37:42 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2012/09/02 16:37:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2012/09/02 16:37:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2012/09/02 16:37:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieaksie.dll
[2012/09/02 16:37:40 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakui.dll
[2012/09/02 16:37:40 | 000,142,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2012/09/02 16:37:40 | 000,123,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2012/09/02 16:37:40 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\admparse.dll
[2012/09/02 16:37:40 | 000,035,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2012/09/02 16:37:39 | 002,312,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2012/09/02 16:37:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2012/09/02 16:37:39 | 000,267,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieaksie.dll
[2012/09/02 16:37:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2012/09/02 16:37:39 | 000,222,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2012/09/02 16:37:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2012/09/02 16:37:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2012/09/02 16:37:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakui.dll
[2012/09/02 16:37:39 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakeng.dll
[2012/09/02 16:37:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2012/09/02 16:37:39 | 000,145,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2012/09/02 16:37:39 | 000,135,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2012/09/02 16:37:39 | 000,114,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\admparse.dll
[2012/09/02 16:37:39 | 000,111,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2012/09/02 16:37:39 | 000,091,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2012/09/02 16:37:39 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2012/09/02 16:37:39 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2012/09/02 16:37:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2012/09/02 16:37:39 | 000,049,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2012/09/02 16:37:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2012/09/02 16:37:39 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2012/09/02 16:37:39 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2012/09/02 16:37:38 | 003,695,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2012/09/02 16:37:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2012/09/02 16:37:38 | 000,697,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2012/09/02 16:37:38 | 000,603,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2012/09/02 16:37:38 | 000,534,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2012/09/02 16:37:38 | 000,452,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2012/09/02 16:37:38 | 000,448,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2012/09/02 16:37:38 | 000,282,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2012/09/02 16:37:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2012/09/02 16:37:38 | 000,165,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2012/09/02 16:37:38 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2012/09/02 16:37:38 | 000,103,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2012/09/02 16:37:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2012/09/02 16:37:38 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2012/09/02 16:37:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2012/09/02 16:37:38 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2012/09/02 16:37:38 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2012/09/02 16:37:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2012/08/21 14:24:49 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Local\PunkBuster
[2012/08/21 13:10:04 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012/08/21 13:09:22 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Local\Apps
[2012/08/21 13:09:21 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Local\Deployment
[2012/08/21 13:09:08 | 000,527,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_7.dll
[2012/08/21 13:09:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAPOFX1_5.dll
[2012/08/21 13:09:07 | 002,106,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_43.dll
[2012/08/21 13:09:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_43.dll
[2012/08/21 08:14:30 | 000,000,000 | ---D | C] -- D:\Kreapixel
[2012/08/21 08:12:43 | 000,000,000 | ---D | C] -- D:\Users\hantz\AppData\Roaming\Babylon
[2012/08/21 08:08:36 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Java
[2012/08/21 08:08:00 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Oracle
[2012/08/21 08:07:32 | 000,772,544 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\npDeployJava1.dll
[2012/08/21 08:07:32 | 000,227,760 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\javaws.exe
[2012/08/21 08:07:10 | 000,174,064 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\javaw.exe
[2012/08/21 08:07:09 | 000,174,064 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\java.exe
[2012/08/21 05:44:19 | 003,552,768 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\bcmihvui64.dll
[2012/08/21 05:44:19 | 000,838,136 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\drivers\bcmwlhigh664.sys
[2012/08/21 05:44:19 | 000,095,472 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\bcmwlcoi.dll
[2012/08/21 05:44:18 | 003,888,128 | ---- | C] (Broadcom Corporation) -- D:\Windows\System32\bcmihvsrv64.dll
[2012/08/21 05:44:17 | 001,436,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WdfCoInstaller01009.dll
[2012/08/21 05:44:17 | 000,025,312 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- D:\Windows\System32\drivers\SCMNdisP.sys
[2012/08/21 05:44:14 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\SysWow64\wpcap.dll
[2012/08/21 05:44:14 | 000,096,784 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\SysWow64\Packet.dll
[2012/08/21 05:44:14 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\System32\drivers\npf.sys
[2012/08/21 05:44:13 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Smart Wizard
[2012/08/21 05:44:13 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\NETGEAR
[2012/08/15 03:24:20 | 000,503,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srcore.dll
[2012/08/15 03:24:16 | 000,751,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32spl.dll
[2012/08/15 03:24:16 | 000,492,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\win32spl.dll
[2012/08/15 03:24:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\splwow64.exe
[2012/08/15 03:24:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netapi32.dll
[2012/08/15 03:24:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\browcli.dll
[2012/08/15 03:24:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\browcli.dll
[2012/08/15 03:23:42 | 000,956,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\localspl.dll
[1 D:\Windows\SysWow64\*.tmp files -> D:\Windows\SysWow64\*.tmp -> ]
[1 D:\Windows\System32\*.tmp files -> D:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/09/11 00:43:37 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/09/11 00:43:35 | 000,000,268 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2012/09/11 00:43:28 | 000,026,576 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/11 00:43:28 | 000,026,576 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/11 00:42:58 | 000,001,062 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/11 00:41:38 | 1610,014,720 | -HS- | M] () -- D:\hiberfil.sys
[2012/09/10 19:17:11 | 000,001,078 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753023852-2493228002-430823771-1000UA.job
[2012/09/10 19:17:11 | 000,001,066 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/07 11:17:02 | 000,001,026 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753023852-2493228002-430823771-1000Core.job
[2012/09/04 04:57:06 | 000,000,687 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
[2012/09/04 04:54:13 | 000,391,561 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\1.exe
[2012/09/04 03:42:49 | 000,745,056 | ---- | M] () -- D:\Windows\System32\perfh00C.dat
[2012/09/04 03:42:49 | 000,651,938 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/09/04 03:42:49 | 000,148,574 | ---- | M] () -- D:\Windows\System32\perfc00C.dat
[2012/09/04 03:42:49 | 000,120,870 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/09/03 16:03:45 | 000,108,008 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\WindowsAccessBridge-64.dll
[2012/09/03 16:03:44 | 000,289,768 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
[2012/09/03 16:03:43 | 000,189,416 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
[2012/09/03 16:03:43 | 000,188,904 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\java.exe
[2012/09/03 16:03:42 | 001,034,216 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
[2012/09/03 16:03:42 | 000,916,456 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
[2012/09/02 17:00:22 | 000,001,453 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/02 16:37:44 | 003,695,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2012/09/02 16:37:44 | 001,800,704 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2012/09/02 16:37:44 | 000,717,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2012/09/02 16:37:44 | 000,367,104 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2012/09/02 16:37:44 | 000,353,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2012/09/02 16:37:44 | 000,223,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2012/09/02 16:37:44 | 000,176,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2012/09/02 16:37:44 | 000,162,304 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2012/09/02 16:37:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2012/09/02 16:37:44 | 000,130,560 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakeng.dll
[2012/09/02 16:37:44 | 000,118,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2012/09/02 16:37:44 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2012/09/02 16:37:44 | 000,086,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2012/09/02 16:37:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/09/02 16:37:44 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/09/02 16:37:44 | 000,063,488 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2012/09/02 16:37:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2012/09/02 16:37:44 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2012/09/02 16:37:42 | 001,427,968 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2012/09/02 16:37:42 | 000,580,608 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2012/09/02 16:37:42 | 000,434,176 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2012/09/02 16:37:42 | 000,231,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2012/09/02 16:37:42 | 000,152,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2012/09/02 16:37:42 | 000,150,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2012/09/02 16:37:42 | 000,078,848 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2012/09/02 16:37:42 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2012/09/02 16:37:42 | 000,074,240 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ie4uinit.exe
[2012/09/02 16:37:42 | 000,073,216 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2012/09/02 16:37:42 | 000,072,822 | ---- | M] () -- D:\Windows\SysWow64\ieuinit.inf
[2012/09/02 16:37:42 | 000,066,048 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2012/09/02 16:37:42 | 000,054,272 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2012/09/02 16:37:42 | 000,031,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2012/09/02 16:37:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2012/09/02 16:37:40 | 000,227,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieaksie.dll
[2012/09/02 16:37:40 | 000,163,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakui.dll
[2012/09/02 16:37:40 | 000,142,848 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2012/09/02 16:37:40 | 000,123,392 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2012/09/02 16:37:40 | 000,101,888 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\admparse.dll
[2012/09/02 16:37:40 | 000,035,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2012/09/02 16:37:39 | 002,312,704 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2012/09/02 16:37:39 | 000,816,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2012/09/02 16:37:39 | 000,267,776 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieaksie.dll
[2012/09/02 16:37:39 | 000,248,320 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2012/09/02 16:37:39 | 000,222,208 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2012/09/02 16:37:39 | 000,197,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2012/09/02 16:37:39 | 000,173,056 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2012/09/02 16:37:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieakui.dll
[2012/09/02 16:37:39 | 000,160,256 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieakeng.dll
[2012/09/02 16:37:39 | 000,149,504 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2012/09/02 16:37:39 | 000,145,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2012/09/02 16:37:39 | 000,135,168 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2012/09/02 16:37:39 | 000,114,176 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\admparse.dll
[2012/09/02 16:37:39 | 000,111,616 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2012/09/02 16:37:39 | 000,091,648 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2012/09/02 16:37:39 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2012/09/02 16:37:39 | 000,076,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2012/09/02 16:37:39 | 000,065,024 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2012/09/02 16:37:39 | 000,049,664 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2012/09/02 16:37:39 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2012/09/02 16:37:39 | 000,012,288 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2012/09/02 16:37:39 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2012/09/02 16:37:38 | 003,695,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2012/09/02 16:37:38 | 001,494,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2012/09/02 16:37:38 | 000,697,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2012/09/02 16:37:38 | 000,603,648 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2012/09/02 16:37:38 | 000,534,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2012/09/02 16:37:38 | 000,452,608 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2012/09/02 16:37:38 | 000,448,512 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2012/09/02 16:37:38 | 000,282,112 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2012/09/02 16:37:38 | 000,237,056 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2012/09/02 16:37:38 | 000,165,888 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2012/09/02 16:37:38 | 000,160,256 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2012/09/02 16:37:38 | 000,103,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2012/09/02 16:37:38 | 000,096,768 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2012/09/02 16:37:38 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2012/09/02 16:37:38 | 000,085,504 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2012/09/02 16:37:38 | 000,082,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2012/09/02 16:37:38 | 000,072,822 | ---- | M] () -- D:\Windows\System32\ieuinit.inf
[2012/09/02 16:37:38 | 000,039,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2012/09/02 16:37:38 | 000,030,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2012/08/25 08:33:27 | 000,005,684 | ---- | M] () -- D:\Users\hantz\Desktop\Epee-Maximus-pour-les-enfants-70-cms.jpg
[2012/08/22 17:02:01 | 000,002,441 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/08/22 02:12:27 | 000,002,449 | ---- | M] () -- D:\Users\hantz\Desktop\Google Chrome.lnk
[2012/08/21 14:27:17 | 000,075,136 | ---- | M] () -- D:\Windows\SysWow64\PnkBstrA.exe
[2012/08/21 14:24:57 | 000,281,120 | ---- | M] () -- D:\Windows\SysWow64\PnkBstrB.exe
[2012/08/21 13:10:04 | 000,000,332 | ---- | M] () -- D:\Users\hantz\Desktop\Ghost Recon Online.appref-ms
[2012/08/21 08:14:02 | 009,733,120 | ---- | M] () -- D:\Users\hantz\Desktop\SetupWebV2.msi
[2012/08/21 08:06:55 | 000,174,064 | ---- | M] (Oracle Corporation) -- D:\Windows\SysWow64\javaw.exe
[2012/08/21 08:06:55 | 000,174,064 | ---- | M] (Oracle Corporation) -- D:\Windows\SysWow64\java.exe
[2012/08/21 06:19:46 | 000,000,995 | ---- | M] () -- D:\Users\hantz\Desktop\MiPony.lnk
[2012/08/21 06:19:45 | 000,001,003 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[2012/08/21 05:45:54 | 000,000,000 | -H-- | M] () -- D:\Windows\System32\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
[2012/08/21 05:44:20 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Smart Wizard
[2012/08/21 05:44:13 | 000,000,908 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Assistant de configuration NETGEAR WNA3100.lnk
[2012/08/21 05:44:13 | 000,000,000 | R--D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/08/15 21:23:37 | 000,366,648 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[1 D:\Windows\SysWow64\*.tmp files -> D:\Windows\SysWow64\*.tmp -> ]
[1 D:\Windows\System32\*.tmp files -> D:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/09/04 04:57:06 | 000,000,687 | ---- | C] () -- D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
[2012/09/04 04:54:14 | 000,391,561 | ---- | C] () -- D:\Users\hantz\AppData\Roaming\1.exe
[2012/09/02 16:37:42 | 000,072,822 | ---- | C] () -- D:\Windows\SysWow64\ieuinit.inf
[2012/09/02 16:37:38 | 000,072,822 | ---- | C] () -- D:\Windows\System32\ieuinit.inf
[2012/08/25 08:33:40 | 000,005,684 | ---- | C] () -- D:\Users\hantz\Desktop\Epee-Maximus-pour-les-enfants-70-cms.jpg
[2012/08/21 13:10:04 | 000,000,332 | ---- | C] () -- D:\Users\hantz\Desktop\Ghost Recon Online.appref-ms
[2012/08/21 08:14:32 | 000,002,971 | ---- | C] () -- D:\Users\hantz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlayerV2.lnk
[2012/08/21 08:13:52 | 009,733,120 | ---- | C] () -- D:\Users\hantz\Desktop\SetupWebV2.msi
[2012/08/21 05:45:54 | 000,000,000 | -H-- | C] () -- D:\Windows\System32\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
[2012/08/21 05:44:14 | 000,053,299 | ---- | C] () -- D:\Windows\SysWow64\pthreadVC.dll
[2012/08/21 05:44:13 | 000,000,908 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Assistant de configuration NETGEAR WNA3100.lnk
[2012/08/08 06:42:12 | 000,451,072 | ---- | C] () -- D:\Windows\SysWow64\ISSRemoveSP.exe
[2012/07/09 17:22:54 | 000,000,115 | ---- | C] () -- D:\Windows\wininit.ini
[2012/02/01 15:10:40 | 000,000,715 | ---- | C] () -- D:\Windows\SysWow64\Settings.ini
[2011/12/13 11:37:42 | 001,061,661 | ---- | C] () -- D:\Windows\SysWow64\unins000.exe
[2011/12/13 11:37:42 | 000,019,299 | ---- | C] () -- D:\Windows\SysWow64\unins000.dat
[2011/12/03 05:32:32 | 000,281,120 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrB.exe
[2011/12/03 05:32:16 | 000,669,184 | ---- | C] () -- D:\Windows\SysWow64\pbsvc.exe
[2011/12/03 05:32:16 | 000,075,136 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrA.exe
[2011/12/01 12:46:40 | 000,098,304 | ---- | C] () -- D:\Windows\SysWow64\OgcDrvGarmin.dll
[2011/12/01 12:46:40 | 000,073,728 | ---- | C] () -- D:\Windows\SysWow64\OgcDrvMagellan.dll
[2011/12/01 12:46:40 | 000,061,440 | ---- | C] () -- D:\Windows\SysWow64\OgcDrvSena.dll
[2011/12/01 12:46:40 | 000,061,440 | ---- | C] () -- D:\Windows\SysWow64\OgcDrvMlr.dll
[2011/12/01 12:46:40 | 000,061,440 | ---- | C] () -- D:\Windows\SysWow64\OgcDrvLowrance.dll
[2011/12/01 12:46:40 | 000,049,152 | ---- | C] () -- D:\Windows\SysWow64\OgcDrvSilva.dll
[2011/12/01 12:46:40 | 000,049,152 | ---- | C] () -- D:\Windows\SysWow64\OgcDrvPyx.dll
[2011/12/01 12:46:40 | 000,049,152 | ---- | C] () -- D:\Windows\SysWow64\OgcDrvAvmap.dll
[2011/12/01 12:46:40 | 000,045,056 | ---- | C] () -- D:\Windows\SysWow64\OgcDrvSuu.dll
[2011/12/01 12:45:07 | 000,688,128 | ---- | C] () -- D:\Windows\SysWow64\BCGCB474.dll
[2011/12/01 12:45:07 | 000,221,184 | ---- | C] () -- D:\Windows\SysWow64\CreateReg.exe
[2011/12/01 12:45:07 | 000,188,416 | ---- | C] () -- D:\Windows\SysWow64\CP30FW.DLL
[2011/12/01 12:45:07 | 000,143,360 | ---- | C] () -- D:\Windows\SysWow64\ConversApi.dll
[2011/12/01 12:45:07 | 000,139,264 | ---- | C] () -- D:\Windows\SysWow64\Polyclip.dll
[2011/12/01 12:45:07 | 000,040,960 | ---- | C] () -- D:\Windows\SysWow64\BCGCBResFRA.dll
[2011/12/01 12:45:07 | 000,036,864 | ---- | C] () -- D:\Windows\SysWow64\Ogc.dll
[2011/12/01 12:45:07 | 000,036,864 | ---- | C] () -- D:\Windows\SysWow64\Nmea.dll
[2011/12/01 12:45:07 | 000,032,768 | ---- | C] () -- D:\Windows\SysWow64\RCalcul.dll
[2011/12/01 09:41:34 | 001,639,320 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/14 19:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\SysWow64\nvStreaming.exe
[2011/09/28 12:44:14 | 000,179,271 | ---- | C] () -- D:\Windows\SysWow64\xlive.dll.cat
[2011/01/29 12:00:24 | 000,030,568 | ---- | C] () -- D:\Windows\MusiccityDownload.exe
[2011/01/29 12:00:22 | 000,974,848 | ---- | C] () -- D:\Windows\SysWow64\cis-2.4.dll
[2011/01/29 12:00:22 | 000,081,920 | ---- | C] () -- D:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/01/29 12:00:22 | 000,065,536 | ---- | C] () -- D:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/01/29 12:00:22 | 000,057,344 | ---- | C] () -- D:\Windows\SysWow64\issacapi_se-2.3.dll
[2010/11/20 23:24:49 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2011/12/01 08:32:23 | 000,000,000 | ---D | M] -- D:\ProgramData\AVAST Software
[2012/07/21 06:01:01 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon
[2011/12/01 04:46:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Bureau
[2011/12/01 12:35:19 | 000,000,000 | ---D | M] -- D:\ProgramData\DAEMON Tools Lite
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/12/01 04:46:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoris
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2011/12/25 04:09:50 | 000,000,000 | ---D | M] -- D:\ProgramData\GARMIN
[2011/12/01 04:46:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Menu Démarrer
[2011/12/01 04:46:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Modèles
[2011/12/01 09:36:49 | 000,000,000 | ---D | M] -- D:\ProgramData\Samsung
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/12/01 09:48:00 | 000,000,000 | ---D | M] -- D:\ProgramData\ZoneFiveSoftware
[2012/09/11 00:43:35 | 000,000,268 | ---- | M] () -- D:\Windows\Tasks\AutoKMS.job
[2012/08/08 04:10:49 | 000,032,482 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< :OTL >[/color]


[color=#A23BEC]< O20 - HKU\hantz_ON_D Winlogon: Shell - (C:\Users\hantz\AppData\Roaming\1.exe) - D:\Users\hantz\AppData\Roaming\1.exe () >[/color]


[color=#A23BEC]< [2012/09/04 04:54:13 | 000,391,561 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\1.exe >[/color]
Invalid Switch: 04 04:54:13 | 000,391,561 | ---- | M] () -- D:\Users\hantz\AppData\Roaming\1.exe

< End of report >
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses