
My Facebook and my email address were hacked

Posted: Sun 10 Nov 2013 22:05
by mariefrancejbk
Good evening. My Facebook account and its email address have been hacked. I would like to regain control of my account, but I can't, because the hacker has put a tough password on it. I notified Facebook that this account has been hacked, but I couldn't find out how to do it. So I tried to change the account's email address, but I have to answer a security question. Without meaning to, I created another account, and on top of that I gave my mobile number on the new account. So when I try to recover my account mariefrancejbk on Facebook (the thief changed it to Marie-FranceJbk), I am told to enter my phone number, which I do, and Facebook sends me back to my new account.

I should add that I have 1300 friends and I don't want to lose them. I have been trying to recover it for 5 days. I don't want to deal with Facebook any more; I have to hack my account. I am 50 years old and I know nothing about this. I also have a page that my subscribers are signed up to.
Thank you for helping me get my page back. I hope a young person will be able to take control of my account.

On top of that, I no longer have any plug.


Thank you all for your replies. Kind regards, Marie France


Posted: Mon 11 Nov 2013 16:49
by dédétraqué
Hi mariefrancejbk


Have you had your PC disinfected?

You have probably been the victim of a stealer:
http://www.malekal.com/2011/11/14/steal ... -de-passe/


@++


Posted: Mon 11 Nov 2013 17:10
by mariefrancejbk
I have AVG, and I ran AdwCleaner. I cleaned up with CCleaner; I thought I was protected.


However, I still have a toolbar called search, I get pornographic advertising on my planet, and the words are underlined in green instead of red.

I have Windows 8.1. However, I don't know how to use the link you gave me. Please take care of my case, thank you.

Kind regards, Marie-France


Posted: Mon 11 Nov 2013 17:15
by dédétraqué
Hi mariefrancejbk


Let's check the PC:

Download OTL (by OldTimer) and save it to your Desktop.

- Close any running applications so as not to interrupt the scan.
- Double-click OTL.exe on the desktop to launch the program.
Vista/Seven -- Right-click OTL.exe on the desktop and choose Run as administrator to launch the program.
- A window appears. In the Report ("Rapport") section at the top of this window, tick "Rapport standard" (standard report). Do the same with "Tous les utilisateurs" (all users) next to it.
- Also tick the boxes next to "Recherche LOP" (LOP check) and "Recherche Purity" (Purity check).

Do not change the other settings!

Copy the list shown in bold below and paste it into the box under "Personnalisation" (custom scans)

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
consrv.dll
volsnap.sys
hidserv.dll
appmgmts.dll
eventlog.dll
winlogon.exe
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
wininet.dll
wininit.exe
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
winlogon.exe
wininit.ini
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
SAVEMBR:0
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s


- Click the Analyse (scan) button.
- Once the scan has finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are located in the same place as OTListIT2 (so by default on the Desktop).

Use cjoint.com to post your reports as links:
http://cjoint.com/

- Click Choisissez un fichier (choose a file) to fetch the OTL.txt report from the desktop
- Click Ouvrir (open), then Créer le lien Cjoint (create the Cjoint link)

- Copy and paste the link shown after Le lien a été créé: (the link has been created:) into your next reply.

Then do the same with the other report, Extras.txt


@++


Posted: Mon 11 Nov 2013 18:39
by mariefrancejbk
I can't manage to download OTL (by OldTimer) and save it to the Desktop. It goes straight to the bar at the bottom, it asks me to scan, and that's all. Please tell me how I can put it on my desktop, thank you.


Posted: Mon 11 Nov 2013 18:55
by mariefrancejbk
Here is the OTL report


without my having copied and pasted anything, thank you, just a scan


DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/20 22:53:58 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/31 19:25:43 | 001,936,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/30 10:01:20 | 000,252,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/24 08:02:14 | 000,025,496 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2013/06/18 15:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/21 02:52:22 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/02/21 02:52:16 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/14 17:39:30 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/08/14 17:39:28 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/07/31 20:28:54 | 000,028,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Thotkey.sys -- (Thotkey)
DRV:64bit: - [2012/07/31 19:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/26 00:34:42 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2012/07/25 00:54:00 | 000,031,184 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (TDCMDPST)
DRV:64bit: - [2012/07/21 23:59:02 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2012/07/17 07:59:12 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/07/02 23:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/18 18:30:56 | 000,499,096 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2012/06/13 17:24:00 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2011/09/09 10:51:02 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2009/09/11 22:11:46 | 000,014,344 | ---- | M] (PEGATRON) [Kernel | Auto | Running] -- C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys -- (PEGAGFN)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{5FA89D4F-B8BF-48D4-8BF6-AC8A474D424D}: "URL" = http://www.bing.com/search?q={searchTer ... Rpc=MATMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}FORM=IE8SRC
IE - HKLM\..\SearchScopes\{41A9059A-E811-D119-4639-27BDCBB89310}: "URL" = http://start.mysearchdial.com/results.p ... 0543265ir=
IE - HKLM\..\SearchScopes\{5FA89D4F-B8BF-48D4-8BF6-AC8A474D424D}: "URL" = http://www.bing.com/search?q={searchTer ... Rpc=MATMJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKCU\..\SearchScopes\{7D06C8A9-0BD3-7834-10CA-173233576268}: "URL" = http://search.conduit.com/Results.aspx? ... earchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedtest4350@BestOffers: C:\Users\CHANTALE\AppData\Roaming\Mozilla\Extensions\speedtest4350@BestOffers [2013/10/27 13:34:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedtest4350@BestOffers: C:\Users\CHANTALE\AppData\Roaming\Mozilla\Extensions\speedtest4350@BestOffers [2013/10/27 13:34:10 | 000,000,000 | ---D | M]

[2013/10/27 13:34:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CHANTALE\AppData\Roaming\mozilla\Extensions
[2013/10/27 13:34:10 | 000,000,000 | ---D | M] (Speed Test (4350)) -- C:\Users\CHANTALE\AppData\Roaming\mozilla\Extensions\speedtest4350@BestOffers
[2013/10/18 01:29:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Ask.com (Enabled)
CHR - default_search_provider: search_url = http://dts.search.ask.com/sr?src=crbgct ... earchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.google.com
CHR - Extension: Movies Toolbar = C:\Users\CHANTALE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\26.56092_0\
CHR - Extension: Allin1Convert = C:\Users\CHANTALE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndabehhdchlmpligpihaanhnkcbbbppp\5.41.2.15020_0\
CHR - Extension: Google\u00A0Wallet = C:\Users\CHANTALE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\SEARCH~2.DLL File not found
O3 - HKLM\..\Toolbar: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\SEARCH~2.DLL File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound HD] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaDynamicIconUtility] C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
O4 - HKLM..\Run: [TPUReg] C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe (Pegatron Corporation)
O4 - HKCU..\Run: [Desktop] wscript.exe //B "C:\Users\CHANTALE\AppData\Local\Temp\Desktop.vbs" File not found
O4 - HKCU..\Run: [Driver Restore] C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [DriverTurbo] C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe ()
O4 - HKCU..\Run: [iLivid] "C:\Users\CHANTALE\AppData\Local\iLivid\iLivid.exe" -autorun File not found
O4 - HKCU..\Run: [Speech Recognition] C:\windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Users\CHANTALE\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ma-config.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: ma-config.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: touslesdrivers.com ([]http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/Cl ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26092818-05FF-43EF-941B-7A7C247BEC96}: DhcpNameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D90CC258-28F2-47E0-8A21-40EEC42C8495}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browsemngr.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browsermngr.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bundlesweetimsetup.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\cltmngsvc.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\delta babylon.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\delta tb.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\delta2.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\deltainstaller.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\deltasetup.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\deltatb.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\deltatb_2501-c733154b.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\iminentsetup.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\rjatydimofu.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\sweetimsetup.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\tbdelta.exetoolbar783881609.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsemngr.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsermngr.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundlesweetimsetup.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\cltmngsvc.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta babylon.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta tb.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta2.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltainstaller.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltasetup.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb_2501-c733154b.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\iminentsetup.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\rjatydimofu.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweetimsetup.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbdelta.exetoolbar783881609.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

My Facebook and my email address were hacked

Posted: Mon 11 Nov 2013 18:57
by mariefrancejbk
PART 2



========== Files/Folders - Created Within 30 Days ==========

[2013/11/11 17:49:56 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\pdfforge
[2013/11/10 20:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/10 20:22:07 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013/11/10 20:22:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/11/09 04:44:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2013/11/09 04:40:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2013/11/09 04:40:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NSSx64
[2013/11/09 04:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2013/11/09 04:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2013/11/09 04:40:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NSSx64\0400030.018
[2013/11/09 04:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/11/09 04:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/11/09 04:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/11/09 02:40:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Adobe
[2013/11/08 01:08:37 | 000,000,000 | R--D | C] -- C:\Users\CHANTALE\SkyDrive
[2013/11/05 22:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/05 22:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/05 22:57:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/11/05 22:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/05 22:57:37 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/11/05 21:35:43 | 000,000,000 | ---D | C] -- C:\Log
[2013/11/05 21:35:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/11/05 21:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Home
[2013/11/05 21:35:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
[2013/11/05 03:05:41 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\Documents\Flash Player Pro
[2013/11/04 23:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/11/04 23:41:46 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tosade.dll
[2013/11/04 23:41:46 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo264.dll
[2013/11/04 23:41:46 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo.dll
[2013/11/04 23:41:46 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\WINDOWS\SysNative\tepeqapo64.dll
[2013/11/04 23:41:37 | 001,662,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTSnMg64.cpl
[2013/11/04 23:41:36 | 002,810,072 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2013/11/04 23:41:34 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtlCPAPI64.dll
[2013/11/04 23:41:11 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCfg64.dll
[2013/11/04 23:41:11 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCoLDR64.dll
[2013/11/04 23:41:09 | 002,587,352 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll
[2013/11/04 23:41:07 | 001,021,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2013/11/04 23:41:02 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll
[2013/11/04 23:41:02 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll
[2013/11/04 23:41:02 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll

My Facebook and my email address were hacked

Posted: Mon 11 Nov 2013 19:22
by mariefrancejbk
That's it, I was able to put OTL as a shortcut on my desktop.


But how do I do this, please?


- Double-click OTL.exe on the desktop to launch the program
Vista/Seven -- Right-click OTL.exe on the desktop and choose Run as administrator to launch the program
- A window appears. In the Output section at the top of this window, check "Standard Output". Do the same with "Scan All Users" next to it.
- Also check the boxes next to "LOP Check" and "Purity Check".

Do not change the other settings!

My Facebook and my email address were hacked

Posted: Mon 11 Nov 2013 20:48
by dédétraqué
Hi mariefrancejbk


- Double-click the Malwarebytes' Anti-Malware shortcut on the desktop.
- Update it (Important)

- Select Perform full scan if it is not already selected
- Click Scan

- Once the scan has finished, a window opens; click OK

- If Malwarebytes' found nothing, click OK. A report will appear; close it.

- If Malwarebytes' detected infections, click Show Results, then Remove Selected

- Save the report to your Desktop so it is easier to find, then post that report.

Note: If Malwarebytes' needs to restart to finish the removal, accept by clicking OK

Malwarebytes' tutorial here:
http://www.malekal.com/tutorial_Malware ... alware.php


@++

My Facebook and my email address were hacked

Posted: Tue 12 Nov 2013 17:19
by mariefrancejbk
PART 3 OF THE OTL REPORT, AS YOU ASKED ME


[2013/08/22 14:45:19 | 000,025,088 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe


[2004/08/19 22:59:12 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=313B1A0D5DB26DFE1C34A6C13B2CE0A7 -- C:\Users\CHANTALE\Documents\PDF\DIVERS1\PAYE2012\vieu ordi\WINDOWS\system32\drivers\volsnap.sys
[2013/08/22 13:39:15 | 000,312,160 | ---- | M] (Microsoft Corporation) MD5=9F9CE33B50611A1C61A46B8911E0B30B -- C:\WINDOWS\SysNative\drivers\volsnap.sys
[2013/08/22 13:39:15 | 000,312,160 | ---- | M] (Microsoft Corporation) MD5=9F9CE33B50611A1C61A46B8911E0B30B -- C:\WINDOWS\SysNative\DriverStore\FileRepository\volume.inf_amd64_50d690313539fa92\volsnap.sys
[2013/08/22 13:39:15 | 000,312,160 | ---- | M] (Microsoft Corporation) MD5=9F9CE33B50611A1C61A46B8911E0B30B -- C:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.16384_none_0675178bd00c0141\volsnap.sys
[2013/08/22 14:45:00 | 000,312,160 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\System32\drivers\volsnap.sys
[2013/08/22 14:45:00 | 000,312,160 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.16384_none_0675178bd00c0141\volsnap.sys


[2013/09/30 05:14:17 | 001,818,112 | ---- | M] (Microsoft Corporation) MD5=68C08985BAA6BE6826AD23484EEA62D9 -- C:\Windows\SysWOW64\wininet.dll
[2013/09/30 05:14:17 | 001,818,112 | ---- | M] (Microsoft Corporation) MD5=68C08985BAA6BE6826AD23484EEA62D9 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.9600.16412_none_a97e15a4cc786beb\wininet.dll
[2007/12/07 01:07:06 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=C5A40DE381481D288ADDEE45FC67F652 -- C:\Users\CHANTALE\Documents\PDF\DIVERS1\PAYE2012\vieu ordi\WINDOWS\system32\dllcache\wininet.dll
[2007/12/07 01:07:06 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=C5A40DE381481D288ADDEE45FC67F652 -- C:\Users\CHANTALE\Documents\PDF\DIVERS1\PAYE2012\vieu ordi\WINDOWS\system32\wininet.dll
[2013/09/30 05:14:00 | 002,332,160 | ---- | M] (Microsoft Corporation) MD5=F267E9AE8279DF0F4F0246135F2BAF5C -- C:\WINDOWS\SysNative\wininet.dll
[2013/09/30 05:14:00 | 002,332,160 | ---- | M] (Microsoft Corporation) MD5=F267E9AE8279DF0F4F0246135F2BAF5C -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.9600.16412_none_059cb12884d5dd21\wininet.dll
[2013/08/22 14:45:26 | 002,328,064 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\System32\wininet.dll
[2013/08/22 14:45:26 | 002,328,064 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.9600.16384_none_05ae558a84c7a5d3\wininet.dll


[2013/08/22 10:58:29 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=48CFA7BE561A7BE144C29BB912055016 -- C:\WINDOWS\SysNative\wininit.exe
[2013/08/22 10:58:29 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=48CFA7BE561A7BE144C29BB912055016 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.16384_none_21b118d9d847ad16\wininit.exe
[2013/08/22 14:45:19 | 000,144,384 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\System32\wininit.exe
[2013/08/22 14:45:19 | 000,144,384 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.16384_none_21b118d9d847ad16\wininit.exe


[2004/08/19 23:10:04 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\Users\CHANTALE\Documents\PDF\DIVERS1\PAYE2012\vieu ordi\WINDOWS\system32\winlogon.exe
[2004/08/19 23:10:04 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\Users\CHANTALE\Documents\PDF\DIVERS1\PAYE2012\vieu ordi\WINDOWS\system32\winlogon.exe
[2013/08/22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\WINDOWS\SysNative\winlogon.exe
[2013/08/22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\WINDOWS\SysNative\winlogon.exe
[2013/08/22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2013/08/22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2013/08/22 14:45:29 | 000,564,736 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\System32\winlogon.exe
[2013/08/22 14:45:29 | 000,564,736 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\System32\winlogon.exe
[2013/08/22 14:45:29 | 000,564,736 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2013/08/22 14:45:29 | 000,564,736 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe


[2013/08/22 06:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013/08/22 06:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013/08/22 14:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\WINDOWS\SysNative\ws2_32.dll
[2013/08/22 14:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll
[2004/08/19 23:09:50 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=EED74B969B2CA1ACC558FF60FB420E28 -- C:\Users\CHANTALE\Documents\PDF\DIVERS1\PAYE2012\vieu ordi\WINDOWS\system32\ws2_32.dll
[2013/08/22 14:25:35 | 000,355,872 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\System32\ws2_32.dll
[2013/08/22 14:25:35 | 000,355,872 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Temp\50e6b188-8b3b-4324-b5e2-813316168273\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll


[2004/08/19 23:09:50 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=912591E2055E26566D1CB54092A7E8B0 -- C:\Users\CHANTALE\Documents\PDF\DIVERS1\PAYE2012\vieu ordi\WINDOWS\system32\xmlprov.dll


"" = mnmsrvc
"Required" = DebugWindows [binary data]
"Debug" =
"Kmode" = \SystemRoot\System32\win32k.sys
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
"Posix" = %SystemRoot%\system32\psxss.exe
"Optional" = Posix [binary data]




[2013/11/02 02:22:33 | 011,222,016 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll








[2013/11/11 18:44:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$I48CXPD.exe
[2013/11/11 08:38:53 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$I51BX81.asd
[2013/11/10 18:12:03 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$I964DYO.wbk
[2013/11/11 18:44:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IDXEBZT.exe
[2013/11/11 18:44:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IEAFAGM.exe
[2013/11/11 18:44:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IFMCQSE.exe
[2013/11/11 18:44:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$II50NBG.exe
[2013/11/11 08:40:57 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IKQXX9M.wbk
[2013/11/11 08:41:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IMZQP5J.wbk
[2013/11/11 08:41:17 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IU4S3F5.asd
[2013/11/11 08:08:55 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IUH0UPK.wbk
[2013/11/11 18:44:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IUXM7BD.exe
[2013/11/11 08:40:55 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IVCI0OJ.wbk
[2013/11/11 08:41:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IWED50W.wbk
[2013/11/11 08:41:41 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$IY9EOCX.asd
[2013/11/11 18:02:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$R48CXPD.exe
[2013/11/10 16:41:11 | 000,028,160 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$R51BX81.asd
[2013/11/10 17:51:17 | 000,071,680 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$R964DYO.wbk
[2013/11/11 18:43:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RDXEBZT.exe
[2013/11/11 17:43:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$REAFAGM.exe
[2013/11/11 17:55:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RFMCQSE.exe
[2013/11/11 18:43:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RI50NBG.exe
[2013/11/03 03:29:28 | 000,253,440 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RKQXX9M.wbk
[2013/09/23 06:56:07 | 000,463,872 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RMZQP5J.wbk
[2013/10/20 14:10:29 | 000,401,408 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RU4S3F5.asd
[2013/11/11 08:08:19 | 000,028,672 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RUH0UPK.wbk
[2013/11/11 18:43:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RUXM7BD.exe
[2013/11/05 19:48:56 | 000,260,096 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RVCI0OJ.wbk
[2013/10/27 10:10:21 | 000,290,816 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RWED50W.wbk
[2013/10/24 21:03:13 | 000,261,632 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\$RY9EOCX.asd
[2013/11/02 03:55:33 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-653988770-204836806-423564234-1001\desktop.ini
[2013/07/19 12:11:28 | 000,001,084 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013/07/19 12:11:31 | 000,001,088 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013/08/22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/10/18 01:32:09 | 000,000,366 | ---- | C] () -- C:\WINDOWS\Tasks\bench-sys.job
[2013/10/20 14:56:03 | 000,000,310 | ---- | C] () -- C:\WINDOWS\Tasks\bench-Updater removing.job
[2013/11/02 02:26:58 | 000,000,264 | ---- | C] () -- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
[2013/11/09 04:40:24 | 000,000,474 | -H-- | C] () -- C:\WINDOWS\Tasks\Norton Security Scan for CHANTALE.job

========== Alternate Data Streams ==========

@Alternate Data Stream - 456 bytes - C:\WINDOWS\Temp\50e6b188-8b3b-4324-b5e2-813316168273:$WIMMOUNTDATA
@Alternate Data Stream - 199 bytes - C:\Users\CHANTALE\SkyDrive.old:ms-properties
@Alternate Data Stream - 162 bytes - C:\Users\CHANTALE\SkyDrive:ms-properties

I had my Facebook and my e-mail address hacked

Posted: Tue 12 Nov 2013 17:20
by mariefrancejbk
PART 2




Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/11/04 23:41:36 | 002,810,072 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2013/11/04 23:41:34 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtlCPAPI64.dll
[2013/11/04 23:41:11 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCfg64.dll
[2013/11/04 23:41:11 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCoLDR64.dll
[2013/11/04 23:41:09 | 002,587,352 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll
[2013/11/04 23:41:07 | 001,021,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2013/11/04 23:41:02 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll
[2013/11/04 23:41:02 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll
[2013/11/04 23:41:02 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll
[2013/11/04 23:41:02 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll
[2013/11/04 23:41:01 | 000,617,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtDataProc64.dll
[2013/11/04 23:40:56 | 001,286,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTCOM64.dll
[2013/11/04 23:40:54 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll
[2013/11/04 23:40:53 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll
[2013/11/04 23:40:38 | 000,151,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2013/11/04 23:38:09 | 002,743,328 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll
[2013/11/04 23:37:58 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\WINDOWS\SysNative\CONEQMSAPOGUILibrary.dll
[2013/11/04 23:37:56 | 000,209,096 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2013/11/04 23:37:56 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAR64.dll
[2013/11/04 23:30:15 | 002,080,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2013/11/04 22:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFixer
[2013/11/04 22:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCFixer
[2013/11/04 22:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
[2013/11/04 22:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ma-config.com
[2013/11/04 22:05:21 | 000,000,000 | ---D | C] -- C:\Program Files\ma-config.com
[2013/11/04 19:22:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2013/11/04 19:10:22 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2013/11/03 13:15:42 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\AVG2014
[2013/11/03 13:14:39 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\AVG SafeGuard toolbar
[2013/11/03 13:14:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/11/03 13:14:33 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\TuneUp Software
[2013/11/03 13:14:23 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys
[2013/11/03 13:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/11/03 13:14:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/11/03 13:12:23 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/11/03 13:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2013/11/03 13:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/11/02 11:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/11/02 11:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTurbo
[2013/11/02 11:36:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverTurbo
[2013/11/02 11:35:47 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\DriverTurbo
[2013/11/02 04:23:57 | 000,000,000 | R--D | C] -- C:\Users\CHANTALE\SkyDrive.old
[2013/11/02 03:52:30 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\Identities
[2013/11/02 03:33:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2013/11/02 03:33:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2013/11/02 03:33:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2013/11/02 03:33:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2013/11/02 03:33:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2013/11/02 03:33:47 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2013/11/02 03:33:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2013/11/02 02:47:35 | 000,000,000 | --SD | C] -- C:\Users\CHANTALE\AppData\Roaming\Microsoft
[2013/11/02 02:47:35 | 000,000,000 | R--D | C] -- C:\Users\CHANTALE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/11/02 02:47:35 | 000,000,000 | R--D | C] -- C:\Users\CHANTALE\Favorites
[2013/11/02 02:47:35 | 000,000,000 | R--D | C] -- C:\Users\CHANTALE\Documents
[2013/11/02 02:47:35 | 000,000,000 | R--D | C] -- C:\Users\CHANTALE\Desktop
[2013/11/02 02:47:35 | 000,000,000 | R--D | C] -- C:\Users\CHANTALE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/11/02 02:47:35 | 000,000,000 | R--D | C] -- C:\Users\CHANTALE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Voisinage réseau
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Voisinage d'impression
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\AppData\Local\Temporary Internet Files
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\SendTo
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Recent
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Modèles
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Documents\Mes vidéos
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Documents\Mes images
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Mes documents
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Menu Démarrer
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Documents\Ma musique
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Local Settings
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\AppData\Local\Historique
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Cookies
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\Application Data
[2013/11/02 02:47:35 | 000,000,000 | -HSD | C] -- C:\Users\CHANTALE\AppData\Local\Application Data
[2013/11/02 02:47:35 | 000,000,000 | -H-D | C] -- C:\Users\CHANTALE\AppData
[2013/11/02 02:47:35 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\Temp
[2013/11/02 02:47:35 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\Microsoft
[2013/11/02 02:47:35 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/11/02 02:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/11/02 02:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/11/02 02:26:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SRSLabs
[2013/11/02 02:26:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2013/11/02 02:26:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/11/02 02:24:30 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/11/02 02:24:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2013/11/02 02:22:23 | 000,872,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013/11/02 02:22:23 | 000,698,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013/11/02 02:22:05 | 002,144,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/11/02 02:22:05 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/11/02 02:22:05 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/11/02 02:22:05 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/11/02 02:22:05 | 001,286,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013/11/02 02:22:05 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2013/11/02 02:22:05 | 000,977,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2013/11/02 02:22:05 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013/11/02 02:22:05 | 000,837,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/11/02 02:22:05 | 000,698,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/11/02 02:22:05 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013/11/02 02:22:05 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/11/02 02:22:05 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/11/02 02:22:05 | 000,294,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2013/11/02 02:22:05 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/11/02 02:22:05 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2013/11/02 02:22:05 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/11/02 02:19:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2013/11/02 02:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/11/02 02:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/11/02 02:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/11/02 02:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/11/02 02:18:38 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2013/11/02 02:18:38 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/11/02 02:18:38 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2013/11/02 02:18:37 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2013/11/02 02:18:36 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/11/02 02:18:35 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2013/11/01 12:34:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Datamngr
[2013/11/01 04:29:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[2013/11/01 04:29:12 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\ilividmoviestoolbarha
[2013/10/31 16:18:50 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VB6STKIT.DLL
[2013/10/31 16:18:49 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CMDLGFR.DLL
[2013/10/31 16:18:49 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\TFP
[2013/10/28 06:35:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BearShare
[2013/10/28 01:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/10/28 01:17:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/10/27 23:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2013/10/27 23:57:55 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\PC_Drivers_Headquarters
[2013/10/27 23:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Restore
[2013/10/27 23:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Restore
[2013/10/27 23:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Restore
[2013/10/27 23:00:50 | 000,372,896 | ---- | C] (AnySend.com) -- C:\Users\CHANTALE\AppData\Local\AnySend.exe
[2013/10/27 23:00:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnySend
[2013/10/27 13:38:00 | 000,765,456 | ---- | C] (AnyProtect.com) -- C:\Users\CHANTALE\AppData\Local\AnyProtectScannerSetup.exe
[2013/10/27 13:34:04 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\speedtest4350
[2013/10/27 13:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
[2013/10/27 13:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlvPlayer
[2013/10/27 13:25:23 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\mozilla
[2013/10/27 13:00:02 | 001,141,328 | ---- | C] (BitTorrent Inc.) -- C:\Users\CHANTALE\Desktop\utorrent.exe
[2013/10/26 22:55:36 | 004,436,576 | ---- | C] (AVG Technologies) -- C:\Users\CHANTALE\Desktop\avg_free_stb_all_2014_4158_softonic.exe
[2013/10/26 22:43:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/10/26 22:43:51 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\MFAData
[2013/10/26 22:43:51 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/10/26 22:43:51 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\Avg2014
[2013/10/26 21:29:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cobian Backup 11
[2013/10/26 20:41:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/26 00:51:02 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\Malwarebytes
[2013/10/26 00:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/26 00:50:05 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\Programs
[2013/10/20 12:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
[2013/10/20 12:50:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flash Player Pro
[2013/10/20 12:46:22 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\Software
[2013/10/18 01:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bench
[2013/10/18 01:30:47 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\avgchrome
[2013/10/18 01:29:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/10/18 01:29:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\searchplugins
[2013/10/18 01:29:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Extensions
[2013/10/18 01:27:37 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\uTorrent
[2013/10/18 01:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dactylo
[2013/10/18 01:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dactylo
[2013/05/01 06:35:13 | 003,997,000 | ---- | C] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewerQS6Alliance.exe
[2013/05/01 06:35:12 | 117,695,488 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Sage_Apibatiment_Standard_Batigest_V8.01_Sem3.exe
[5 C:\Users\CHANTALE\Documents\*.tmp files - C:\Users\CHANTALE\Documents\*.tmp - ]

========== Files - Modified Within 30 Days ==========

[2013/11/12 05:05:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/11/12 04:38:21 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/12 03:56:15 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\bench-sys.job
[2013/11/12 02:31:05 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/11 19:06:54 | 000,001,486 | ---- | M] () -- C:\Users\CHANTALE\Desktop\OTL - Raccourci.lnk
[2013/11/11 14:34:29 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/11 14:34:24 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/11 14:23:25 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/11 14:23:24 | 3395,051,520 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/10 20:22:11 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/10 18:19:25 | 000,001,337 | ---- | M] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/10 18:19:25 | 000,001,026 | ---- | M] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/09 13:53:57 | 000,000,474 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for CHANTALE.job
[2013/11/09 04:40:21 | 000,001,480 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.LNK
[2013/11/05 22:58:42 | 000,001,806 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/11/05 21:35:43 | 000,000,081 | ---- | M] () -- C:\WINDOWS\spwdrhfa.INI
[2013/11/05 21:35:35 | 000,001,229 | ---- | M] () -- C:\Users\CHANTALE\Desktop\Stellar Phoenix Windows Data Recovery - Home.lnk
[2013/11/05 10:04:31 | 001,824,010 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/11/05 10:04:31 | 000,812,350 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2013/11/05 10:04:31 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/11/05 10:04:31 | 000,159,412 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2013/11/05 10:04:31 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/11/04 22:10:23 | 000,000,883 | ---- | M] () -- C:\Users\Public\Desktop\SmartPCFixer.lnk
[2013/11/04 22:05:22 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\Ma-Config.com - Démarrer la détection.lnk
[2013/11/03 13:39:56 | 209,715,200 | ---- | M] () -- C:\Users\CHANTALE\Documents\Coffre-fort de données.avgfv
[2013/11/03 13:35:45 | 000,000,948 | ---- | M] () -- C:\Users\CHANTALE\Desktop\Coffre-fort de données.lnk
[2013/11/03 13:14:33 | 000,001,006 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/11/03 13:13:58 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys
[2013/11/02 11:36:41 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\DriverTurbo.lnk
[2013/11/02 03:32:56 | 000,024,768 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013/11/02 03:32:56 | 000,024,768 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013/11/02 03:32:30 | 000,023,108 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/11/02 02:58:58 | 000,409,872 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/11/02 02:27:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2013/11/02 02:26:58 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2013/11/02 02:26:57 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/11/02 02:26:37 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2013/11/02 02:22:23 | 000,872,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013/11/02 02:22:23 | 000,698,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013/11/02 02:22:17 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013/11/02 02:22:17 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013/11/02 02:22:05 | 002,144,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/11/02 02:22:05 | 002,140,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/11/02 02:22:05 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/11/02 02:22:05 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/11/02 02:22:05 | 001,286,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013/11/02 02:22:05 | 001,217,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2013/11/02 02:22:05 | 000,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2013/11/02 02:22:05 | 000,909,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013/11/02 02:22:05 | 000,837,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/11/02 02:22:05 | 000,698,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/11/02 02:22:05 | 000,621,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013/11/02 02:22:05 | 000,516,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/11/02 02:22:05 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/11/02 02:22:05 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2013/11/02 02:22:05 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/11/02 02:22:05 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2013/11/02 02:22:05 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/11/02 02:07:34 | 000,327,680 | ---- | M] () -- C:\WINDOWS\SysNative\Ikeext.etl
[2013/11/01 19:53:42 | 000,213,736 | ---- | M] () -- C:\WINDOWS\SysNative\cleenregistre.reg
[2013/11/01 12:36:22 | 000,001,052 | ---- | M] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2013/10/31 16:19:37 | 000,002,235 | ---- | M] () -- C:\Users\CHANTALE\Desktop\Facebook.lnk
[2013/10/31 16:19:37 | 000,002,231 | ---- | M] () -- C:\Users\CHANTALE\Desktop\Youtube.lnk
[2013/10/31 16:19:37 | 000,001,388 | ---- | M] () -- C:\Users\CHANTALE\Desktop\Torch.lnk
[2013/10/31 16:19:01 | 000,001,192 | ---- | M] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
[2013/10/29 22:32:52 | 000,608,471 | ---- | M] () -- C:\Users\CHANTALE\Documents\29OCTOBRE.pdf
[2013/10/28 06:35:16 | 000,000,815 | ---- | M] () -- C:\Users\Public\Desktop\Installer BearShare.lnk
[2013/10/28 02:08:56 | 000,127,915 | ---- | M] () -- C:\Users\CHANTALE\Documents\BILANJOBKEL.pdf
[2013/10/28 01:17:51 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/10/27 23:56:52 | 000,002,298 | ---- | M] () -- C:\Users\Public\Desktop\Driver Restore.lnk
[2013/10/27 23:00:51 | 000,000,866 | ---- | M] () -- C:\Users\CHANTALE\Desktop\Continue AnySend Installation.lnk
[2013/10/27 23:00:44 | 000,372,896 | ---- | M] (AnySend.com) -- C:\Users\CHANTALE\AppData\Local\AnySend.exe
[2013/10/27 13:38:19 | 000,000,392 | ---- | M] () -- C:\Users\CHANTALE\Desktop\FREE Games.url
[2013/10/27 13:38:16 | 000,351,112 | ---- | M] () -- C:\Users\CHANTALE\AppData\Local\mysearchdial-speeddial.crx
[2013/10/27 13:27:13 | 000,001,041 | ---- | M] () -- C:\Users\Public\Desktop\FlvPlayer.lnk
[2013/10/27 13:03:32 | 000,000,865 | ---- | M] () -- C:\Users\CHANTALE\Desktop\µTorrent.lnk
[2013/10/27 13:03:32 | 000,000,845 | ---- | M] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/10/27 13:01:46 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\CHANTALE\Desktop\utorrent.exe
[2013/10/26 22:56:16 | 004,436,576 | ---- | M] (AVG Technologies) -- C:\Users\CHANTALE\Desktop\avg_free_stb_all_2014_4158_softonic.exe
[2013/10/22 17:40:06 | 000,673,037 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013/10/22 17:11:30 | 000,151,256 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2013/10/21 13:42:46 | 000,765,456 | ---- | M] (AnyProtect.com) -- C:\Users\CHANTALE\AppData\Local\AnyProtectScannerSetup.exe
[2013/10/21 10:46:30 | 002,587,352 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll
[2013/10/20 14:56:03 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\bench-Updater removing.job
[2013/10/20 12:50:31 | 000,001,110 | ---- | M] () -- C:\Users\CHANTALE\Desktop\Flash Player Pro.lnk
[2013/10/18 16:41:34 | 001,286,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTCOM64.dll
[2013/10/18 01:21:30 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/10/16 03:43:50 | 000,209,096 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[5 C:\Users\CHANTALE\Documents\*.tmp files - C:\Users\CHANTALE\Documents\*.tmp - ]

========== Files Created - No Company Name ==========

[2013/11/12 03:39:28 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/11/11 19:00:55 | 000,001,486 | ---- | C] () -- C:\Users\CHANTALE\Desktop\OTL - Raccourci.lnk
[2013/11/10 20:22:11 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/09 04:40:24 | 000,000,474 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Security Scan for CHANTALE.job
[2013/11/09 04:40:21 | 000,001,480 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.LNK
[2013/11/09 04:40:14 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NSSx64\0400030.018\isolate.ini
[2013/11/05 22:58:42 | 000,001,806 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/11/05 21:35:35 | 000,001,229 | ---- | C] () -- C:\Users\CHANTALE\Desktop\Stellar Phoenix Windows Data Recovery - Home.lnk
[2013/11/05 21:35:32 | 000,000,081 | ---- | C] () -- C:\WINDOWS\spwdrhfa.INI
[2013/11/04 23:40:54 | 000,673,037 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013/11/04 22:07:46 | 000,000,883 | ---- | C] () -- C:\Users\Public\Desktop\SmartPCFixer.lnk
[2013/11/04 22:05:22 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\Ma-Config.com - Démarrer la détection.lnk
[2013/11/03 13:35:45 | 000,000,948 | ---- | C] () -- C:\Users\CHANTALE\Desktop\Coffre-fort de données.lnk
[2013/11/03 13:35:14 | 209,715,200 | ---- | C] () -- C:\Users\CHANTALE\Documents\Coffre-fort de données.avgfv
[2013/11/03 13:14:33 | 000,001,006 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/11/02 11:36:41 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\DriverTurbo.lnk
[2013/11/02 03:32:31 | 000,023,108 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/11/02 02:54:37 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/11/02 02:47:35 | 000,000,352 | ---- | C] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/11/02 02:47:35 | 000,000,334 | ---- | C] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/11/02 02:47:24 | 000,024,768 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013/11/02 02:47:24 | 000,024,768 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013/11/02 02:27:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/11/02 02:26:58 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2013/11/02 02:26:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/11/02 02:26:37 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2013/11/01 19:53:28 | 000,213,736 | ---- | C] () -- C:\WINDOWS\SysNative\cleenregistre.reg
[2013/10/31 16:19:01 | 000,002,235 | ---- | C] () -- C:\Users\CHANTALE\Desktop\Facebook.lnk
[2013/10/31 16:19:01 | 000,002,231 | ---- | C] () -- C:\Users\CHANTALE\Desktop\Youtube.lnk
[2013/10/31 16:19:01 | 000,001,396 | ---- | C] () -- C:\Users\CHANTALE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
[2013/10/31 16:18:40 | 000,001,388 | ---- | C] () -- C:\Users\CHANTALE\Desktop\Torch.lnk
[2013/10/31 16:18:40 | 000,001,192 | ---- | C] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
[2013/10/31 16:17:57 | 000,001,052 | ---- | C] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2013/10/29 22:32:49 | 000,608,471 | ---- | C] () -- C:\Users\CHANTALE\Documents\29OCTOBRE.pdf
[2013/10/28 06:35:16 | 000,000,815 | ---- | C] () -- C:\Users\Public\Desktop\Installer BearShare.lnk
[2013/10/28 02:08:54 | 000,127,915 | ---- | C] () -- C:\Users\CHANTALE\Documents\BILANJOBKEL.pdf
[2013/10/28 01:17:51 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/10/27 23:56:52 | 000,002,298 | ---- | C] () -- C:\Users\Public\Desktop\Driver Restore.lnk
[2013/10/27 23:00:51 | 000,000,866 | ---- | C] () -- C:\Users\CHANTALE\Desktop\Continue AnySend Installation.lnk
[2013/10/27 13:38:21 | 000,351,112 | ---- | C] () -- C:\Users\CHANTALE\AppData\Local\mysearchdial-speeddial.crx
[2013/10/27 13:38:19 | 000,000,392 | ---- | C] () -- C:\Users\CHANTALE\Desktop\FREE Games.url
[2013/10/27 13:27:13 | 000,001,041 | ---- | C] () -- C:\Users\Public\Desktop\FlvPlayer.lnk
[2013/10/27 13:03:32 | 000,000,865 | ---- | C] () -- C:\Users\CHANTALE\Desktop\µTorrent.lnk
[2013/10/27 13:03:32 | 000,000,845 | ---- | C] () -- C:\Users\CHANTALE\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/10/20 14:56:03 | 000,000,310 | ---- | C] () -- C:\WINDOWS\tasks\bench-Updater removing.job
[2013/10/20 12:50:31 | 000,001,110 | ---- | C] () -- C:\Users\CHANTALE\Desktop\Flash Player Pro.lnk
[2013/10/18 01:32:09 | 000,000,366 | ---- | C] () -- C:\WINDOWS\tasks\bench-sys.job
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 04:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/05/29 22:56:06 | 000,139,776 | ---- | C] () -- C:\WINDOWS\SysWow64\ApiOleSocket.dll
[2013/05/01 06:35:09 | 028,858,864 | ---- | C] () -- C:\Program Files (x86)\Sage_Apibatiment_Comptabilite_Standard_V850_sem06(2).exe
[2013/05/01 06:35:08 | 016,200,144 | ---- | C] () -- C:\Program Files (x86)\Patch_Sage_Apibatiment_Paye_Standard_V850_sem08 (2).exe
[2013/02/21 02:52:22 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/02/21 02:52:20 | 000,026,936 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsnl.dat
[2013/02/21 02:52:14 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/02/21 02:52:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsny.dat
[2013/02/21 02:52:10 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2012/10/11 00:42:01 | 000,451,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ISSRemoveSP.exe
[2012/07/25 21:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 21:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012/05/11 00:35:16 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2012/04/20 21:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2011/12/15 13:19:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\SysWow64\dynprint.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/09/30 05:14:01 | 021,195,128 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/09/30 05:14:11 | 018,640,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

My Facebook and my email address were hacked

Posted: Tue 12 Nov 2013 17:23
by mariefrancejbk
Hello détraqué, I hope you are well. I am sending you the OTL report, with the right instructions that you asked me for.
Kind regards, Marie-France


PART 1


OTL logfile created on: 12/11/2013 04:55:39 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\CHANTALE\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,95 Gb Total Physical Memory | 1,63 Gb Available Physical Memory | 41,23% Memory free
7,95 Gb Paging File | 3,92 Gb Available in Paging File | 49,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 585,57 Gb Total Space | 219,51 Gb Free Space | 37,49% Space Free | Partition Type: NTFS

Computer Name: CHANTAL | User Name: CHANTALE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/11 17:41:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CHANTALE\Downloads\OTL.exe
PRC - [2013/10/13 22:33:34 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/10/09 01:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/07 20:19:22 | 000,240,736 | ---- | M] (WildTangent) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
PRC - [2013/10/07 19:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2013/09/25 21:55:10 | 001,358,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
PRC - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/08/08 15:18:38 | 000,559,552 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/01 23:01:26 | 000,155,488 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
PRC - [2012/07/17 22:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 22:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012/06/27 20:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/06/25 18:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/03/14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DataCardService\DCSHelper.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/09 01:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/09 01:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/09 01:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/09 01:01:50 | 000,698,832 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013/10/09 01:01:49 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013/10/09 01:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/04/04 01:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012/08/01 23:01:27 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
MOD - [2012/08/01 23:01:27 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
MOD - [2012/08/01 23:01:26 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
MOD - [2012/08/01 23:01:26 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
MOD - [2012/08/01 23:01:26 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
MOD - [2012/08/01 23:01:25 | 002,281,984 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
MOD - [2012/08/01 23:01:25 | 000,891,392 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
MOD - [2012/08/01 23:01:25 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
MOD - [2012/08/01 23:01:25 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ServiceManagerStarter.dll
MOD - [2012/08/01 23:01:25 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
MOD - [2012/08/01 23:01:25 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
MOD - [2012/08/01 23:01:24 | 000,446,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\DeviceProfile.dll
MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/10/25 18:08:12 | 002,768,208 | ---- | M] (CybelSoft) [Auto | Running] -- C:\Program Files\ma-config.com\MaConfigAgent.exe -- (MaConfigAgent)
SRV:64bit: - [2013/10/16 15:32:54 | 000,289,496 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2013/09/30 05:14:12 | 001,581,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/09/30 05:14:02 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/30 05:14:00 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/09/30 05:14:00 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/09/30 05:13:59 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/09/30 05:13:59 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/09/30 05:13:58 | 001,302,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/08/22 13:39:24 | 003,395,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/08/22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 12:03:23 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/02/21 02:52:14 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/08/25 01:33:20 | 000,291,240 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Teco\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2012/07/28 17:20:44 | 000,458,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2012/07/27 22:35:00 | 000,053,384 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV:64bit: - [2012/04/20 22:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2009/07/28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2013/10/07 20:19:22 | 000,240,736 | ---- | M] (WildTangent) [Auto | Running] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/30 05:13:57 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/09/25 21:55:10 | 001,358,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe -- (avgfws)
SRV - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/08 15:18:38 | 000,559,552 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe -- (ogmservice)
SRV - [2013/07/25 07:53:04 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/18 18:05:46 | 000,116,088 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/17 22:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 22:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/06/27 20:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/06/25 18:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/10/13 22:38:46 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe -- (GFNEXSrv)
SRV - [2011/03/14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DataCardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/03 13:13:58 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/10/23 16:28:54 | 000,017,568 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys -- (ma-config_amd64)
DRV:64bit: - [2013/09/30 05:14:00 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/09/30 05:13:57 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/30 05:13:57 | 000,371,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/09/30 05:13:57 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/09/30 05:13:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/30 05:13:57 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/09/30 05:13:57 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/09/30 04:59:54 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/30 04:59:49 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/26 09:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2013/09/25 21:07:30 | 000,148,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/09/08 22:11:42 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/09/04 15:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013/09/02 10:59:14 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/09/02 10:29:18 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/09/02 10:26:50 | 000,192,824 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/09/02 10:26:42 | 000,241,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13:43:34 | 000,325,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13:43:31 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,056,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/08/22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/20 22:53:58 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/31 19:25:43 | 001,936,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/30 10:01:20 | 000,252,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/24 08:02:14 | 000,025,496 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2013/06/18 15:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/21 02:52:22 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/02/21 02:52:16 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/14 17:39:30 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/08/14 17:39:28 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/07/31 20:28:54 | 000,028,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Thotkey.sys -- (Thotkey)
DRV:64bit: - [2012/07/31 19:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/26 00:34:42 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2012/07/25 00:54:00 | 000,031,184 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (TDCMDPST)
DRV:64bit: - [2012/07/21 23:59:02 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2012/07/17 07:59:12 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/07/02 23:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/18 18:30:56 | 000,499,096 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2012/06/13 17:24:00 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2011/09/09 10:51:02 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2009/09/11 22:11:46 | 000,014,344 | ---- | M] (PEGATRON) [Kernel | Auto | Running] -- C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys -- (PEGAGFN)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{5FA89D4F-B8BF-48D4-8BF6-AC8A474D424D}: "URL" = http://www.bing.com/search?q={searchTer ... Rpc=MATMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}FORM=IE8SRC
IE - HKLM\..\SearchScopes\{41A9059A-E811-D119-4639-27BDCBB89310}: "URL" = http://start.mysearchdial.com/results.p ... 0543265ir=
IE - HKLM\..\SearchScopes\{5FA89D4F-B8BF-48D4-8BF6-AC8A474D424D}: "URL" = http://www.bing.com/search?q={searchTer ... Rpc=MATMJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-653988770-204836806-423564234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-653988770-204836806-423564234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-653988770-204836806-423564234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-653988770-204836806-423564234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-653988770-204836806-423564234-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-653988770-204836806-423564234-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-653988770-204836806-423564234-1001\..\SearchScopes\{7D06C8A9-0BD3-7834-10CA-173233576268}: "URL" = http://search.conduit.com/Results.aspx? ... earchTerms}
IE - HKU\S-1-5-21-653988770-204836806-423564234-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-653988770-204836806-423564234-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedtest4350@BestOffers: C:\Users\CHANTALE\AppData\Roaming\Mozilla\Extensions\speedtest4350@BestOffers [2013/10/27 13:34:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedtest4350@BestOffers: C:\Users\CHANTALE\AppData\Roaming\Mozilla\Extensions\speedtest4350@BestOffers [2013/10/27 13:34:10 | 000,000,000 | ---D | M]

[2013/10/27 13:34:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CHANTALE\AppData\Roaming\mozilla\Extensions
[2013/10/27 13:34:10 | 000,000,000 | ---D | M] (Speed Test (4350)) -- C:\Users\CHANTALE\AppData\Roaming\mozilla\Extensions\speedtest4350@BestOffers
[2013/10/18 01:29:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Ask.com (Enabled)
CHR - default_search_provider: search_url = http://dts.search.ask.com/sr?src=crbgct ... earchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.google.com
CHR - Extension: Movies Toolbar = C:\Users\CHANTALE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\26.56092_0\
CHR - Extension: Allin1Convert = C:\Users\CHANTALE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndabehhdchlmpligpihaanhnkcbbbppp\5.41.2.15020_0\
CHR - Extension: Google\u00A0Wallet = C:\Users\CHANTALE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\SEARCH~2.DLL File not found
O3 - HKLM\..\Toolbar: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\SEARCH~2.DLL File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound HD] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaDynamicIconUtility] C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
O4 - HKLM..\Run: [TPUReg] C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe (Pegatron Corporation)
O4 - HKU\S-1-5-21-653988770-204836806-423564234-1001..\Run: [Desktop] wscript.exe //B "C:\Users\CHANTALE\AppData\Local\Temp\Desktop.vbs" File not found
O4 - HKU\S-1-5-21-653988770-204836806-423564234-1001..\Run: [Driver Restore] C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-653988770-204836806-423564234-1001..\Run: [DriverTurbo] C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe ()
O4 - HKU\S-1-5-21-653988770-204836806-423564234-1001..\Run: [iLivid] "C:\Users\CHANTALE\AppData\Local\iLivid\iLivid.exe" -autorun File not found
O4 - HKU\S-1-5-21-653988770-204836806-423564234-1001..\Run: [Speech Recognition] C:\windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-653988770-204836806-423564234-1001..\Run: [uTorrent] C:\Users\CHANTALE\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-653988770-204836806-423564234-1001\..Trusted Domains: ma-config.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-653988770-204836806-423564234-1001\..Trusted Domains: ma-config.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-653988770-204836806-423564234-1001\..Trusted Domains: touslesdrivers.com ([]http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/Cl ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26092818-05FF-43EF-941B-7A7C247BEC96}: DhcpNameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D90CC258-28F2-47E0-8A21-40EEC42C8495}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browsemngr.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browsermngr.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bundlesweetimsetup.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\cltmngsvc.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\delta babylon.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\delta tb.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\delta2.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\deltainstaller.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\deltasetup.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\deltatb.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\deltatb_2501-c733154b.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\iminentsetup.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\rjatydimofu.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\sweetimsetup.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\tbdelta.exetoolbar783881609.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsemngr.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsermngr.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundlesweetimsetup.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\cltmngsvc.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta babylon.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta tb.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta2.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltainstaller.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltasetup.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb_2501-c733154b.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\iminentsetup.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\rjatydimofu.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweetimsetup.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbdelta.exetoolbar783881609.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

My Facebook and my e-mail address were hacked

Posted: Tue 12 Nov 2013 17:36
by dédétraqué
Hi mariefrancejbk


Stop posting the reports on the forum, they are too long for the forum; you need to use cjoint as explained above.

Did you run the scan with Malwarebytes as requested above?


@++

My Facebook and my e-mail address were hacked

Posted: Tue 12 Nov 2013 17:41
by mariefrancejbk
YES, IT'S DONE. What do I do with it? Thanks

My Facebook and my e-mail address were hacked

Posted: Tue 12 Nov 2013 17:45
by dédétraqué
Hi mariefrancejbk


Well, post me the Malwarebytes report; it can be found under the Rapports/logs tab of the software. Once the report is open, copy and paste it into your next reply.


@++

My Facebook and my e-mail address were hacked

Posted: Tue 12 Nov 2013 21:10
by mariefrancejbk
HELLO TO YOU, HERE IS THE REQUESTED REPORT. KISSES, MARIE FRANCE

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
http://www.malwarebytes.org

Version de la base de données: v2013.11.12.09

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16384
CHANTALE :: CHANTAL [administrateur]

Protection: Activé

12/11/2013 17:39:07
MBAM-log-2013-11-12 (21-08-37).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 510155
Temps écoulé: 2 heure(s), 16 minute(s),

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 7
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SWEETIMSETUP.EXE (PUP.Optional.SweetIM) - Aucune action effectuée.
HKCU\Software\ilividmoviestoolbarha (PUP.Optional.ILividTB.A) - Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} (PUP.Optional.MoviesToolBar.A) - Aucune action effectuée.
HKCR\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} (PUP.Optional.MoviesToolBar.A) - Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3D86A75B-CB6B-4764-885D-CA6336F04BA2} (PUP.Optional.MoviesToolBar.A) - Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3D86A75B-CB6B-4764-885D-CA6336F04BA2} (PUP.Optional.MoviesToolBar.A) - Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2} (PUP.Optional.MoviesToolBar.A) - Aucune action effectuée.

Valeur(s) du Registre détectée(s): 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3D86A75B-CB6B-4764-885D-CA6336F04BA2} (PUP.Optional.MoviesToolBar.A) - Données: Movies Toolbar (Dist. by Bandoo Media, Inc.) - Aucune action effectuée.

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 3
C:\ProgramData\Datamngr (PUP.Optional.Datamngr.A) - Aucune action effectuée.
C:\Program Files (x86)\Bench\Updater (PUP.Optional.AdwarePlugin) - Aucune action effectuée.
C:\Program Files (x86)\Bench\Updater\1.7.0.0 (PUP.Optional.AdwarePlugin) - Aucune action effectuée.

Fichier(s) détecté(s): 142
C:\2013\Documents\DOCUMENTHP\DOCUMENTS PERSONNEL\LOGICIEL\COURSIFORMATIQUE\rcpsetup_softonic_catsecurity.exe (PUP.Optional.RegCleanerPro) - Aucune action effectuée.
C:\2013\Documents\DOCUMENTHP\DOCUMENTS PERSONNEL\LOGICIEL\COURSIFORMATIQUE\SoftonicDownloader_pour_vuze.exe (PUP.Optional.Softonic.A) - Aucune action effectuée.
C:\2013\Documents\DOCUMENTHP\DOCUMENTS PERSONNEL\LOGICIEL\COURSIFORMATIQUE\sweetimsetup(1).exe (PUP.Optional.SweetIM) - Aucune action effectuée.
C:\2013\Documents\DOCUMENTHP\DOCUMENTS PERSONNEL\LOGICIEL\COURSIFORMATIQUE\sweetimsetup.exe (PUP.Optional.SweetIM) - Aucune action effectuée.
C:\2013\Documents\DOCUMENTHP\DOCUMENTS PERSONNEL\LOGICIEL\COURSIFORMATIQUE\video_downloader.exe (PUP.BundleInstaller.VG) - Aucune action effectuée.
C:\2013\Documents\DOCUMENTS PERSONNEL\LOGICIEL\COURSIFORMATIQUE\rcpsetup_softonic_catsecurity.exe (PUP.Optional.RegCleanerPro) - Aucune action effectuée.
C:\2013\Documents\DOCUMENTS PERSONNEL\LOGICIEL\COURSIFORMATIQUE\SoftonicDownloader_pour_vuze.exe (PUP.Optional.Softonic.A) - Aucune action effectuée.

(fin)

My Facebook and my email address were hacked

Posted: Tue 12 Nov 2013 21:24
by dédétraqué
Hi mariefrancejbk


Did you remove the infections that were found? Because this indicates that you have not removed anything...

If Malwarebytes detected infections, click "Afficher les résultats" (show results), then tick the items found, then click "Supprimer la sélection" (remove selection).


@++
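
The check dédétraqué makes by eye in the post above (result lines ending in "Aucune action effectuée" mean nothing was removed), as an added example that is not part of the original thread. The sample lines are constructed, the removal status string and the treatment of the AdwCleaner quarantine folder are assumptions, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample (not from the thread) in the result-line format of the
# Malwarebytes 1.75 French log: <path> (<detection name>) - <action>.
# The last action string is an assumed example of a "removed" status.
SAMPLE_LOG = r"""
Fichier(s) détecté(s): 4
C:\Users\EXAMPLE\Downloads\setup (1).exe (PUP.Optional.ExampleA) - Aucune action effectuée.
C:\Users\EXAMPLE\Downloads\toolbar.exe (PUP.Optional.ExampleB) - Aucune action effectuée.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ExampleBar\bar.dll.vir (PUP.Optional.ExampleB) - Aucune action effectuée.
C:\ProgramData\ExampleBar\general.cfg (PUP.Optional.ExampleB) - Mis en quarantaine et supprimé avec succès.
(fin)
"""

NO_ACTION = "Aucune action effectuée"  # status seen in the posted log
# Assumption: files under this folder are renamed copies (.vir) that
# AdwCleaner already quarantined, so they are counted separately.
QUARANTINE_DIR = "c:\\adwcleaner\\quarantine\\"

# The path may itself contain parentheses ("setup (1).exe", "(x86)"), so the
# detection name is the last parenthesised group before " - <action>".
RESULT_LINE = re.compile(
    r"(?P<path>[A-Za-z]:\\.+) \((?P<name>[^()]+)\) - (?P<action>.+?)\.?"
)


def parse_detections(text):
    """Return one dict per result line; header and footer lines are skipped."""
    found = []
    for line in text.splitlines():
        m = RESULT_LINE.fullmatch(line.strip())
        if m:
            found.append(m.groupdict())
    return found


def triage(text):
    """Split detections into still-pending, quarantined copies and handled."""
    pending, inert, handled = [], [], []
    for det in parse_detections(text):
        if det["action"] != NO_ACTION:
            handled.append(det)
        elif det["path"].lower().startswith(QUARANTINE_DIR):
            inert.append(det)
        else:
            pending.append(det)
    return {
        "pending": [d["path"] for d in pending],
        "quarantined_copies": len(inert),
        "handled": len(handled),
        "pending_by_name": dict(Counter(d["name"] for d in pending)),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("Still on disk, no action taken:", len(report["pending"]))
    for path in report["pending"]:
        print("  ", path)
    print("Copies inside the AdwCleaner quarantine:", report["quarantined_copies"])
    print("Already handled:", report["handled"])
```

A non-empty "pending" list is the situation described in the post: the scan found items but the removal step was never run.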

My Facebook and my email address were hacked

Posted: Tue 12 Nov 2013 22:20
by mariefrancejbk
Yes, I did it; in fact I ran the software again to be really sure there is nothing left. But what should I do next? As I already told you, I have porn ads on some email messages. When I type, everything gets underlined in red or green, and now when I open Google several pages open automatically at the same time. Thank you, détraqué, for telling me what comes next.

My Facebook and my email address were hacked

Posted: Tue 12 Nov 2013 22:35
by dédétraqué
Hi mariefrancejbk


We'll do one thing at a time...

"I ran the software again to be really sure there is nothing left"

OK, post the report when it has finished.


@++

My Facebook and my email address were hacked

Posted: Tue 12 Nov 2013 23:51
by mariefrancejbk
Here is the report; I think everything is spotless


Malwarebytes Anti-Malware (Essai) 1.75.0.1300
http://www.malwarebytes.org

Version de la base de données: v2013.11.12.09

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16384
CHANTALE :: CHANTAL [administrateur]

Protection: Activé

12/11/2013 21:31:01
mbam-log-2013-11-12 (21-31-01).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 510282
Temps écoulé: 2 heure(s), 18 minute(s), 33 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)

My Facebook and my email address were hacked

Posted: Wed 13 Nov 2013 00:21
by dédétraqué
Hi mariefrancejbk


Run another scan with OTL as you did the first time ("Analyse" mode, i.e. scan) with the same settings and the same list under "Personnalisation" (custom). You will have only one report (OTL.txt) to post to me; use cjoint to post the report, not the forum directly.


@++

My Facebook and my email address were hacked

Posted: Wed 13 Nov 2013 12:00
by mariefrancejbk
Hello Détraqué, I hope you are well. Here is the requested report; I hope I did the right steps. See you later, thank you. Kind regards, Marie-france


http://cjoint.com/?0Knl5fraVy8

My Facebook and my email address were hacked

Posted: Wed 13 Nov 2013 15:48
by dédétraqué
Hi mariefrancejbk


Right-click OTL.exe to launch the program and choose "Exécuter en tant qu'administrateur" (run as administrator).

* Copy the list in the quote below and paste it into the box under "Personnalisation" (custom).
Be sure to include :OTL at the start of the fix script.

:OTL
IE - HKLM\..\SearchScopes\{41A9059A-E811-D119-4639-27BDCBB89310}: "URL" = http://start.mysearchdial.com/results.p ... 0543265ir=
IE - HKCU\..\SearchScopes\{7D06C8A9-0BD3-7834-10CA-173233576268}: "URL" = http://search.conduit.com/Results.aspx? ... earchTerms}
O4 - HKCU\..\Run: [Desktop] wscript.exe //B "C:\Users\CHANTALE\AppData\Local\Temp\Desktop.vbs" File not found
O4 - HKCU\..\Run: [iLivid] "C:\Users\CHANTALE\AppData\Local\iLivid\iLivid.exe" -autorun File not found    
[2013/11/11 17:49:56 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Roaming\pdfforge    
[2013/11/01 04:29:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[2013/11/01 04:29:12 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\ilividmoviestoolbarha
[2013/10/20 12:46:22 | 000,000,000 | ---D | C] -- C:\Users\CHANTALE\AppData\Local\Software    
[2013/10/18 01:29:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\searchplugins
[2013/10/18 01:29:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Extensions

:Commands
[Emptytemp]

* Click "Correction" (fix) to start the removal.

* If a file or folder cannot be deleted immediately, the software will ask you to restart. Accept by clicking "Oui" (yes).

* After the restart, allow OTL to run.

* Post the report generated by OTL.


@++  

My Facebook and my email address were hacked

Posted: Wed 13 Nov 2013 16:15
by mariefrancejbk
Hello dédétraqué, I have Windows 8.1 and I can't find Vista Seven. Where is this application? See you later

My Facebook and my email address were hacked

Posted: Wed 13 Nov 2013 16:44
by dédétraqué
Hi mariefrancejbk


I have edited my post; please follow what it says.


@++

My Facebook and my email address were hacked

Posted: Wed 13 Nov 2013 19:39
by mariefrancejbk
Hello again dédétraqué, here is the requested report


http://cjoint.com/?0KntBwEQNtS

My Facebook and my email address were hacked

Posted: Wed 13 Nov 2013 19:58
by mariefrancejbk
The same thing happened to me

Arcachon: the deputy mayor for sports falls victim to a Facebook scam
Yves Herszfeld's account was hacked. Some of his Facebook "friends" were taken in


Arcachon's deputy mayor for sports and director of the fishing port, Yves Herszfeld, has just fallen victim to a scam on Facebook.

On Sunday evening he received a message on his Facebook page telling him that "someone was speaking ill of him". He clicked the link, landed on an imitation of his Facebook page and logged in again with his password, without realising that he was in fact handing his password to a scammer.


His very many friends then received a cascade of messages, supposedly from him, saying that he had lost the code for his mobile phone and that they had to call a phone number to help him unlock it.

Some smelled a scam; others asked a question that the mysterious correspondent was unable to answer. But others were fooled.

Seven of his friends (at least those who came forward) did call this premium-rate number, and the bills climbed very quickly: up to 350 euros in phone charges for one of them.

As soon as he learned of the scam, Yves Herszfeld immediately alerted his friends on Facebook and, above all, filed a complaint at the Arcachon police station.

According to research carried out by IT specialists, this premium-rate number originated in Morocco.

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 15:49
by dédétraqué
Hi mariefrancejbk


You did not do the right step: you clicked "Analyse" (scan) instead of "Correction" (fix) to remove the infections on the PC.

Reread carefully and redo the last step with OTL...


@++

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 22:10
by mariefrancejbk
http://cjoint.com/?0KowioDZed1 Good evening Détraqué, here is the report, see you

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 22:11
by mariefrancejbk

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 22:12
by mariefrancejbk

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 22:19
by dédétraqué
Hi mariefrancejbk


That's good. Do you still have this problem:

"however, I still have a bar called search, I have pornographic advertising on my planet, and words are underlined in green instead of red"


@++

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 22:30
by mariefrancejbk
Yes, still

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 22:33
by dédétraqué
Hi mariefrancejbk


In which browser are you still having problems? Google Chrome, Firefox or IE?


@++

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 22:45
by mariefrancejbk
In Google Chrome it says "search", and when I go to search, Ask takes the place of Google

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 23:08
by dédétraqué
Hi mariefrancejbk


Click the Google Chrome menu in the browser toolbar.
Select "Paramètres" (settings).
Under "Recherche" (search), set Google as the search engine again and delete "search" if it is present.

Select "Paramètres" again.
Under "Au démarrage" (on startup), click "Ensemble de pages" (set pages) and set http://www.google.com/ as the start page again.


@++

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 23:27
by mariefrancejbk
How do I get my Facebook account back? See the story of the gentleman from Arcachon



I would like to regain possession of my account, but I can't because the hacker has put a tough password on it. I reported to Facebook that this account was hacked, but I could not find out how to proceed. So I tried to change the account's email address, but I need to answer a security question; and without meaning to I created another account, and on top of that I gave my mobile number on the new account. So when I try to recover my account mariefrancejbk on Facebook (the thief changed it to Marie-FranceJbk), I am told to enter my phone number, which I do, and Facebook sends me back to my new account.

My Facebook and my email address were hacked

Posted: Thu 14 Nov 2013 23:37
by dédétraqué
Hi mariefrancejbk


Have you been to this page and followed the instructions:
http://fr-fr.facebook.com/hacked


@++

My Facebook and my email address were hacked

Posted: Sun 1 Dec 2013 00:05
by 2011N2
Where does your problem stand?

Two possibilities:
  • Your problem is solved; in that case, please let us know.
  • Your problem is still ongoing; please tell us what is wrong and give us news regularly.


    See you soon on FEI!

My Facebook and my email address were hacked

Posted: Thu 26 Dec 2013 23:36
by Dori@n
Hello,

We have had no news from the author of this topic for more than 10 days. We therefore consider this problem solved or abandoned by its author. Next time, please keep us informed of how your problem is progressing, or bump the topic (UP) regularly!

This topic is locked; if you wish to reopen it, please contact a member of the forum's moderation team by private message.

See you soon on FEI!