Il y a actuellement 73 visiteurs
Jeudi 07 Juillet 2022
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

Trojan wing32HDQ

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

Trojan wing32HDQ

Message le 21 Juin 2012 16:09

Bonjour ,

Pour des raisons que j'ignore , mon PC est me semble t'il infecté par des fénêtres publicitaires qui s'affichent souvent .

D'autre part après avoir fait un scanne spybot m'a découvert un trojan wing32 HDQ

Merci de m'aider car impossible de l'enlever
Tizotte
Visiteur
Visiteur
 
Messages: 4
Inscription: 21 Juin 2012 16:00
 


Re: Trojan wing32HDQ

Message le 21 Juin 2012 17:06

Bonjour

Fait ceci s.t.p

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"
HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 /s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s
%temp%\smtmp\1\*.* /s
%temp%\smtmp\2\*.* /s
%temp%\smtmp\4\*.* /s
nslookup http://www.google.fr /c
SAVEMBR:0
NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Mets le rapport ici car il prend bien de la place.

http://cjoint.com/
Image
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12737
Inscription: 08 Déc 2009 19:51
 

Re: Trojan wing32HDQ

Message le 21 Juin 2012 18:24

OTL logfile created on: 21/06/2012 19:14:20 - Run 2
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\LUCAS-\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 60,19% Memory free
8,00 Gb Paging File | 6,18 Gb Available in Paging File | 77,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,87 Gb Total Space | 412,76 Gb Free Space | 89,95% Space Free | Partition Type: NTFS
Drive D: | 458,87 Gb Total Space | 456,28 Gb Free Space | 99,44% Space Free | Partition Type: NTFS

Computer Name: LUCAS--PC | User Name: LUCAS- | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\LUCAS-\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (Tuto4PC)
PRC - C:\Users\LUCAS-\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe (Tuto4PC)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\LvApi11\LvApi11.dll ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\SDL.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\qtxml4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\qtsql4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\phonon4.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Partner Service) -- C:\ProgramData\Partner\Partner.exe (Google Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()


========== Driver Services (SafeList) ==========

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5lg711ll18
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5lg711ll18
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5lg711ll18
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_frFR489
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8C15A0A3-3314-4370-AD07-E38F99B6229A}&mid=5d71595eecab47d09542d1565019a0d1-60ef6fe3060c3f599210b9776086a5ea4c2a9971&lang=en&ds=AVG&pr=pr&d=&v=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.fr"
FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/mb164/?loc=IB_DS&a=6OyFsfzv6A&&i=26&search="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/20 19:42:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/20 07:35:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/20 19:42:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/06/20 19:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LUCAS-\AppData\Roaming\mozilla\Extensions
[2012/06/21 12:48:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LUCAS-\AppData\Roaming\mozilla\Firefox\Profiles\x09opba0.default\extensions
[2012/06/01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/20 07:36:12 | 000,003,739 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Tuto4pcBHO Class) - {0722A2AC-4CF8-4310-AFEE-F87AA9BE10AA} - C:\Program Files (x86)\Tuto4pc\Tuto4pcBHO.dll File not found
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [Tutorials] C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (Tuto4PC)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3229168741-767330946-2304600767-1001..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-3229168741-767330946-2304600767-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [UpdateTuto4PCHP] C:\Users\LUCAS-\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe (Tuto4PC)
O4 - HKU\.DEFAULT..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD0A5032-3D3C-4592-8D93-C5B7CF2B18B0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin



SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/21 13:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFixer
[2012/06/21 12:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/06/21 12:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/06/21 12:44:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/06/21 12:40:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/06/21 07:46:59 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{8660E357-FA15-40DA-843D-2456FD3F98AD}
[2012/06/21 07:46:38 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{67CF8F76-04CF-4509-A79B-7420BDAEEC3E}
[2012/06/21 07:38:21 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\adawarebp
[2012/06/21 07:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/06/21 07:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2012/06/21 07:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/06/20 20:09:46 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\AVG
[2012/06/20 20:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2012/06/20 19:50:53 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/06/20 19:50:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/06/20 19:46:11 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{282009A3-CF28-42CE-A65D-A6F57EAC306E}
[2012/06/20 19:45:50 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{53A1F32D-8411-498E-A296-CB8DF4E136B4}
[2012/06/20 19:18:43 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{636A81E2-460D-4ECD-AC63-F924B8DDD8D7}
[2012/06/20 19:18:22 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{5007CE8F-5792-44D6-9100-A004230A371B}
[2012/06/20 13:35:05 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Macromedia
[2012/06/20 13:34:57 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/20 13:34:57 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/20 12:51:10 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Canon
[2012/06/20 07:36:33 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\AVG2012
[2012/06/20 07:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2012/06/20 07:35:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/06/20 07:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/06/20 07:34:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/06/20 07:30:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/06/20 07:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/06/20 07:19:00 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Malwarebytes
[2012/06/20 07:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/20 07:17:52 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{B3330DE8-3790-47AF-AE08-BE29C8AE3F29}
[2012/06/20 07:17:30 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{44C71C8A-6EF6-4ACD-A717-F07B6F4043D3}
[2012/06/19 23:03:04 | 000,000,000 | ---D | C] -- C:\Windows\fr-FR
[2012/06/19 23:03:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012/06/19 23:03:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\fr-FR
[2012/06/19 23:03:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr
[2012/06/19 23:03:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\040C
[2012/06/19 23:02:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\qwavedrv.sys.mui
[2012/06/19 23:02:21 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\bfe.dll.mui
[2012/06/19 23:02:21 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\pacer.sys.mui
[2012/06/19 23:02:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\ndiscap.sys.mui
[2012/06/19 23:02:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\scfilter.sys.mui
[2012/06/19 23:02:11 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\tcpip.sys.mui
[2012/06/19 22:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/06/19 22:36:27 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\OpenOffice.org
[2012/06/19 22:36:08 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4
[2012/06/19 22:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012/06/19 22:33:11 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\Desktop\OpenOffice.org 3.4 (fr) Installation Files
[2012/06/19 22:26:36 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Tuto4PC
[2012/06/19 22:26:35 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Tuto4pc
[2012/06/19 22:26:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tuto4pc
[2012/06/19 22:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4pc
[2012/06/19 22:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OApps
[2012/06/19 22:17:27 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Mozilla
[2012/06/19 22:17:27 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Mozilla
[2012/06/19 22:17:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/06/19 22:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/06/19 22:17:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/06/19 22:08:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/06/19 21:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012/06/19 21:08:09 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012/06/19 21:08:09 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012/06/19 21:08:09 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012/06/19 21:08:09 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012/06/19 21:03:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/06/19 21:03:58 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/06/19 21:03:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/19 21:03:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/19 21:03:58 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/06/19 21:03:58 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/06/19 21:03:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/19 21:03:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/19 21:03:58 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/06/19 21:03:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/06/19 21:03:58 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/06/19 21:03:58 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/06/19 21:03:58 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/06/19 21:03:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/06/19 21:03:58 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/06/19 21:03:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/06/19 21:03:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/06/19 21:03:58 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/06/19 21:03:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/06/19 21:03:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/19 21:03:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/06/19 21:03:58 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/06/19 21:03:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/06/19 21:03:58 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/06/19 21:03:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/06/19 21:03:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/06/19 21:03:57 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/06/19 21:03:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/06/19 21:03:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/19 21:03:57 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/06/19 21:03:57 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/06/19 21:03:57 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/06/19 19:20:19 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Adobe
[2012/06/19 19:16:27 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{1A56EEE4-58DF-4BD0-ACC4-E1E2D8BE4D74}
[2012/06/19 19:16:06 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{6AF45EB4-B05D-4CE5-A3D2-2CB272EA338E}
[2012/06/19 19:11:27 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/06/19 19:06:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/06/19 19:06:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/06/19 19:06:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/06/19 19:04:42 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2012/06/19 19:04:42 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2012/06/19 19:03:18 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012/06/19 19:03:18 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/06/19 19:03:17 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012/06/19 19:00:48 | 001,289,576 | ---- | C] (Microsoft Corporation) -- C:\Users\LUCAS-\Desktop\wlsetup-web.exe
[2012/06/19 18:56:45 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/06/19 18:56:45 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/06/19 18:56:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/06/19 18:56:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/06/19 18:56:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/06/19 18:56:16 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/06/19 18:56:15 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/06/19 18:56:15 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/06/19 18:56:12 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/06/19 18:56:12 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/06/19 18:56:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/06/19 18:56:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012/06/19 18:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/06/19 18:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/06/19 18:55:14 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/06/19 18:55:14 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/06/19 18:55:05 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012/06/19 18:55:05 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2012/06/19 18:55:05 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012/06/19 18:55:03 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/06/19 18:55:03 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/06/19 18:55:02 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/06/19 18:55:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/06/19 18:55:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/06/19 18:54:57 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/06/19 18:54:53 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012/06/19 18:54:44 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2012/06/19 18:54:43 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2012/06/19 18:54:43 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2012/06/19 18:54:43 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2012/06/19 18:54:43 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2012/06/19 18:54:43 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2012/06/19 18:54:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2012/06/19 18:54:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2012/06/19 18:54:28 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/06/19 18:54:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/06/19 18:54:12 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012/06/19 18:54:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012/06/19 18:54:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012/06/19 18:54:05 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/06/19 18:54:00 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/06/19 18:54:00 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/06/19 18:52:56 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/06/19 18:52:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/06/19 18:52:56 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/06/19 18:52:52 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012/06/19 18:52:51 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012/06/19 18:52:40 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/06/19 18:52:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/06/19 18:52:36 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/06/19 18:52:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012/06/19 18:52:35 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012/06/19 18:52:32 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/19 18:52:32 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/19 18:52:25 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/06/19 18:52:25 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/06/19 18:52:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/06/19 18:52:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/06/19 18:52:24 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/06/19 18:51:34 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012/06/19 18:51:34 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012/06/19 18:50:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/06/19 18:50:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/06/19 18:50:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/06/19 18:50:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/06/19 18:50:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/06/19 18:50:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/06/19 18:50:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/06/19 18:50:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/06/19 18:50:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/06/19 18:50:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/06/19 18:50:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/06/19 18:50:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/06/19 18:50:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/06/19 18:50:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/06/19 18:50:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/06/19 18:50:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/06/19 18:50:46 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/06/19 18:50:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/06/19 18:50:44 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/06/19 18:50:44 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/06/19 18:50:42 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/06/19 18:50:41 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/06/19 18:50:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/06/19 18:50:38 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/06/19 18:50:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/06/19 18:50:00 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/06/19 18:39:00 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Windows Live
[2012/06/19 18:39:00 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{0607C34D-4A0B-4DCB-8936-D64FB7D77D2C}
[2012/06/19 18:34:01 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\Tracing
[2012/06/19 18:30:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/06/19 18:29:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenu
[2012/06/19 18:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2012/06/19 18:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5
[2012/06/19 18:26:37 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\PCDLIB32.DLL
[2012/06/19 18:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2012/06/19 18:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012/06/19 18:24:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 100 Manual
[2012/06/19 18:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 100
[2012/06/19 18:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/06/19 16:44:02 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Adobe
[2012/06/19 16:43:43 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Google
[2012/06/19 16:43:43 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Google
[2012/06/19 16:43:11 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\Desktop\Spybot
[2012/06/19 13:57:14 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\LogiShrd
[2012/06/19 13:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2012/06/19 13:57:00 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Leadertech
[2012/06/19 13:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/06/19 13:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2012/06/19 13:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2012/06/19 13:44:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Screensaver
[2012/06/19 13:44:55 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Macromedia
[2012/06/19 13:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/06/19 13:41:48 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Microsoft Help
[2012/06/19 13:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2012/06/19 13:39:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/06/19 13:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/06/19 13:38:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/06/19 13:38:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/06/19 13:37:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/06/19 13:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/06/19 13:36:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/06/19 13:33:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2012/06/19 13:33:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
[2012/06/19 13:32:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2012/06/19 13:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2012/06/19 13:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/06/19 13:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/06/19 13:27:01 | 000,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2012/06/19 13:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
[2012/06/19 13:25:38 | 000,000,000 | ---D | C] -- C:\book
[2012/06/19 13:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/06/19 13:25:36 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\EgisTec
[2012/06/19 13:25:21 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/06/19 13:25:21 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Searches
[2012/06/19 13:25:21 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/06/19 13:25:21 | 000,000,000 | -H-D | C] -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/06/19 13:25:12 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Identities
[2012/06/19 13:25:11 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Contacts
[2012/06/19 13:25:09 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\VirtualStore
[2012/06/19 13:24:50 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/06/19 13:24:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/06/19 13:23:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2012/06/19 13:22:47 | 000,000,000 | --SD | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Videos
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Saved Games
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Pictures
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Music
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Links
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Favorites
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Downloads
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Documents
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Desktop
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Voisinage réseau
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Voisinage d'impression
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\AppData\Local\Temporary Internet Files
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\SendTo
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Recent
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Modèles
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Documents\Mes vidéos
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Documents\Mes images
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Mes documents
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Menu Démarrer
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Documents\Ma musique
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Local Settings
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\AppData\Local\Historique
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Cookies
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Application Data
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\AppData\Local\Application Data
[2012/06/19 13:22:47 | 000,000,000 | -H-D | C] -- C:\Users\LUCAS-\AppData
[2012/06/19 13:22:47 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Temp
[2012/06/19 13:22:47 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Microsoft
[2012/06/19 13:22:47 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Media Center Programs
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2012/06/19 13:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/06/19 13:12:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2012/06/19 13:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012/06/19 13:12:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/06/19 13:10:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/06/19 13:08:02 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/06/21 19:15:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/06/21 19:15:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/21 19:15:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/21 18:53:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/21 18:24:24 | 000,001,033 | ---- | M] () -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk
[2012/06/21 18:23:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/21 18:23:26 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/21 12:44:08 | 000,001,262 | ---- | M] () -- C:\Users\LUCAS-\Desktop\Spybot - Search & Destroy.lnk
[2012/06/21 07:38:55 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/06/21 07:38:55 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/06/20 20:08:41 | 000,001,146 | ---- | M] () -- C:\Users\LUCAS-\Desktop\AVG PC Tuneup 2011.lnk
[2012/06/20 13:34:57 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/20 13:34:57 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/20 07:35:46 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/20 07:35:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/06/20 07:35:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/06/19 23:02:27 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\qwavedrv.sys.mui
[2012/06/19 23:02:21 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\bfe.dll.mui
[2012/06/19 23:02:21 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\pacer.sys.mui
[2012/06/19 23:02:14 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\ndiscap.sys.mui
[2012/06/19 23:02:14 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\scfilter.sys.mui
[2012/06/19 23:02:11 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\tcpip.sys.mui
[2012/06/19 22:26:12 | 000,000,447 | ---- | M] () -- C:\user.js
[2012/06/19 22:17:19 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/19 22:13:02 | 000,001,457 | ---- | M] () -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/19 22:12:53 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Choix de navigateur .lnk
[2012/06/19 21:03:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/06/19 21:03:58 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/06/19 21:03:58 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/19 21:03:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/19 21:03:58 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/06/19 21:03:58 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/06/19 21:03:58 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/19 21:03:58 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/19 21:03:58 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/06/19 21:03:58 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/06/19 21:03:58 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/06/19 21:03:58 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/06/19 21:03:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/06/19 21:03:58 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/06/19 21:03:58 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/06/19 21:03:58 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/06/19 21:03:58 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/06/19 21:03:58 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/06/19 21:03:58 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/06/19 21:03:58 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/19 21:03:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/06/19 21:03:58 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/06/19 21:03:58 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/06/19 21:03:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/06/19 21:03:58 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/06/19 21:03:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/06/19 21:03:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/06/19 21:03:57 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/06/19 21:03:57 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/06/19 21:03:57 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/19 21:03:57 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/06/19 21:03:57 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/06/19 21:03:57 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/06/19 19:31:09 | 000,000,382 | ---- | M] () -- C:\Windows\ODBC.INI
[2012/06/19 19:00:51 | 001,289,576 | ---- | M] (Microsoft Corporation) -- C:\Users\LUCAS-\Desktop\wlsetup-web.exe
[2012/06/19 18:25:27 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012/06/19 18:24:32 | 000,002,352 | ---- | M] () -- C:\Users\Public\Desktop\CanoScan LiDE 100 Manuel en ligne.lnk
[2012/06/19 13:57:10 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Vid.lnk
[2012/06/19 13:56:52 | 000,002,111 | ---- | M] () -- C:\Users\Public\Desktop\Logiciel de caméra Web Logitech.lnk
[2012/06/19 13:23:05 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\Acer Boutique Accessoire.lnk
[2012/06/19 13:23:01 | 000,002,609 | ---- | M] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/06/19 13:21:50 | 000,053,560 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

========== Files Created - No Company Name ==========

[2012/06/21 19:15:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/06/21 18:24:24 | 000,001,033 | ---- | C] () -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk
[2012/06/21 12:44:08 | 000,001,262 | ---- | C] () -- C:\Users\LUCAS-\Desktop\Spybot - Search & Destroy.lnk
[2012/06/21 07:38:55 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/06/21 07:38:55 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/06/20 20:08:41 | 000,001,146 | ---- | C] () -- C:\Users\LUCAS-\Desktop\AVG PC Tuneup 2011.lnk
[2012/06/20 13:34:57 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/20 07:35:46 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/20 07:35:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/06/20 07:35:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/06/19 22:26:12 | 000,000,447 | ---- | C] () -- C:\user.js
[2012/06/19 22:17:18 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/19 22:17:18 | 000,001,065 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/19 22:12:53 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Choix de navigateur .lnk
[2012/06/19 21:03:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/06/19 19:31:09 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/06/19 19:10:53 | 000,001,309 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/06/19 19:10:41 | 000,001,378 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/06/19 19:10:22 | 000,001,462 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/06/19 19:10:05 | 000,002,490 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/06/19 18:25:27 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012/06/19 18:24:32 | 000,002,352 | ---- | C] () -- C:\Users\Public\Desktop\CanoScan LiDE 100 Manuel en ligne.lnk
[2012/06/19 16:46:48 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/19 16:46:47 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/19 16:43:38 | 000,001,457 | ---- | C] () -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/19 13:57:10 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Vid.lnk
[2012/06/19 13:56:52 | 000,002,111 | ---- | C] () -- C:\Users\Public\Desktop\Logiciel de caméra Web Logitech.lnk
[2012/06/19 13:40:57 | 000,002,571 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visionneuse Microsoft Office PowerPoint 2007.lnk
[2012/06/19 13:40:47 | 000,001,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lanceur de tâches Microsoft Works.lnk
[2012/06/19 13:25:27 | 000,001,429 | ---- | C] () -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/06/19 13:25:22 | 000,001,463 | ---- | C] () -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/06/19 13:23:05 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\Acer Boutique Accessoire.lnk
[2012/06/19 13:23:01 | 000,002,609 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/06/19 13:22:47 | 000,000,290 | ---- | C] () -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/06/19 13:22:47 | 000,000,272 | ---- | C] () -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/06/19 13:06:46 | 3220,574,208 | -HS- | C] () -- C:\hiberfil.sys

========== Custom Scans ==========

< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\prevhost.exe: 8000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000

< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/06/19 21:03:58 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/06/19 21:03:58 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/06/19 21:03:58 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/19 21:03:59 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/06/19 21:03:59 | 000,748,664 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/06/19 21:03:55 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/06/19 21:03:55 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/06/19 21:03:55 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/19 21:03:59 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/06/19 21:03:59 | 000,748,664 | ---- | M] (Microsoft Corporation)

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s >

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s >
"C:\Windows\SysWOW64\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec
"sirenacm.dll" = Messenger Audio Codec

< %temp%\smtmp\1\*.* /s >

< %temp%\smtmp\2\*.* /s >

< %temp%\smtmp\4\*.* /s >

< nslookup http://www.google.fr /c >
Serveur : livebox.home
Address: 192.168.1.1
DNS request timed out.
timeout was 2 seconds.

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:0B4227B4

< End of report >
Tizotte
Visiteur
Visiteur
 
Messages: 4
Inscription: 21 Juin 2012 16:00
 

Re: Trojan wing32HDQ

Message le 21 Juin 2012 18:43

ATTENTION héberge bien les rapports selon le lien demandé s.t.p

ceci s.t.p

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
http://general-changelog-team.fr/telech ... adwcleaner

Lance le, clique sur [Suppression]puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

Puis:
Installe Malewarebytes' Antimalware,

http://malwarebytes.org/products/malwarebytes_free

Prends bien la version FREE
*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.

Ensuite nouveau rapport OTL pour contrôle s.t.p
Image
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12737
Inscription: 08 Déc 2009 19:51
 

Re: Trojan wing32HDQ

Message le 21 Juin 2012 19:43

Bonsoir ,

A priori ce trojan m'a laissé tranquille , Le scan est bon ...

Merci de votre aide et peut être à bientôt :P :P :P
Tizotte
Visiteur
Visiteur
 
Messages: 4
Inscription: 21 Juin 2012 16:00
 

Re: Trojan wing32HDQ

Message le 21 Juin 2012 19:58

tu as bien lancer mes 2 demandes car avec ceci.
PRC - C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (Tuto4PC)
cela m’étonne :evil:
Image
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12737
Inscription: 08 Déc 2009 19:51
 



Sujets similaires

Message trojan.CertLock
Bonjour, J' ai un souci d'ordinateur j'ai un trojan.CertLock j 'ai tenté de le supprimer avec spyboot avast malwarebytes zhp cleaner emisoftantimalware en vain :-((( j' ai tenté de passer tout ces antivirusmalwares en mode sans échec sans prise en charge réseau en vain également :-((.desfois tout ce ...
Réponses: 2

Message [Réglé] Conseil logiciel anti trojan
Bonjour,Quelqu'un pourrait-il me conseiller un anti-trojan assez performant gratuit ?Merci.
Réponses: 6

Message Trojan Rootkit.Boot.Cidox.b
Bonjour,J'ai un problème de virus Trojan cité en objet que Kaspersky n'arrive pas à supprimer. Ce Trojan apparemment a infecté mon disque local C.Aussi je ne sais pas si c'est lié au Trojan mais tous mes fichiers word et excel (Office 2013) et même pdf sont devenus illisibles. Message d'erreur à l'o ...
Réponses: 12

Message PC Infecté trojan
Bonjour tout le monde.Je vais essayer de la faire courte et précise en vous remerciant par avance de prendre le temps de lire ce qui suit, tout en gardant conscience que je suis assez proche du noob level 2. Donc je m'excuse par avance si je raconte des détails évidents pour certains. 1/ Mon pc (Len ...
Réponses: 3

Message trojan win32.runbu repéré mais impossible à supprimer
Bonsoir à tous,Je me permets de poster ici car Spybot a repéré un trojan win32.runbu mais il m'est impossible de le supprimer. J'ai cherché quelques posts précédents sur le sujet et j'ai donc téléchargé HijackThis dont voici le rapport en PJ.Merci à ceux qui prendront le temps d'étudier tout cela!Pi ...
Réponses: 0

Message [résolu]Virus : Trojan.RotBrowse
Bonjour,MSE a détecté un virus.J'ai lancé ADWcleaner et Malwarebytes Anti-Malware. J'ai fait le nettoyage demandé.Je mets en copie les logs et le diag aussi de ZHPDiag réalisé après le nettoyage des 2 logiciels ci-dessus.Si vous pouvez m'aider merci.Cordialement.
Réponses: 4

Message Echec imminent détecté par le disque SMART ou trojan
Bonjour,Lors du démarrage de mon PC Pavillon :Nº du modèle : p6-2143efNº de Produit : B4Q82EA#ABFNº série : CZC2186V4PVersion de logiciel : 12WE1RRW605#SABF#DABFIdentité de service: 110-112PCBRAND: HPJ'ai le message d'erreur suivant : Echec imminent détecté par le disque dur SMART Attribut déffailla ...
Réponses: 3


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 4 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.