Trojan wing32HDQ

Tizotte · le 21 Juin 2012 16:09

Bonjour ,

Pour des raisons que j'ignore , mon PC est me semble t'il infecté par des fénêtres publicitaires qui s'affichent souvent .

D'autre part après avoir fait un scanne spybot m'a découvert un trojan wing32 HDQ

Merci de m'aider car impossible de l'enlever

bernard53 · le 21 Juin 2012 17:06

Bonjour

Fait ceci s.t.p

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 /s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s
%temp%\smtmp\1\*.* /s
%temp%\smtmp\2\*.* /s
%temp%\smtmp\4\*.* /s
nslookup http://www.google.fr /c
SAVEMBR:0
NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Mets le rapport ici car il prend bien de la place.

http://cjoint.com/

Tizotte · le 21 Juin 2012 18:24

OTL logfile created on: 21/06/2012 19:14:20 - Run 2
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\LUCAS-\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 60,19% Memory free
8,00 Gb Paging File | 6,18 Gb Available in Paging File | 77,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,87 Gb Total Space | 412,76 Gb Free Space | 89,95% Space Free | Partition Type: NTFS
Drive D: | 458,87 Gb Total Space | 456,28 Gb Free Space | 99,44% Space Free | Partition Type: NTFS

Computer Name: LUCAS--PC | User Name: LUCAS- | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\LUCAS-\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (Tuto4PC)
PRC - C:\Users\LUCAS-\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe (Tuto4PC)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()

========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\LvApi11\LvApi11.dll ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\SDL.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\qtxml4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\qtsql4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\QtCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\Logitech Vid\phonon4.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()

========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Partner Service) -- C:\ProgramData\Partner\Partner.exe (Google Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()

========== Driver Services (SafeList) ==========

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5lg711ll18
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5lg711ll18
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5lg711ll18
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_frFR489
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8C15A0A3-3314-4370-AD07-E38F99B6229A}&mid=5d71595eecab47d09542d1565019a0d1-60ef6fe3060c3f599210b9776086a5ea4c2a9971&lang=en&ds=AVG&pr=pr&d=&v=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3229168741-767330946-2304600767-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.fr"
FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/mb164/?loc=IB_DS&a=6OyFsfzv6A&&i=26&search="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/20 19:42:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/20 07:35:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/20 19:42:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/06/20 19:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LUCAS-\AppData\Roaming\mozilla\Extensions
[2012/06/21 12:48:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LUCAS-\AppData\Roaming\mozilla\Firefox\Profiles\x09opba0.default\extensions
[2012/06/01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/20 07:36:12 | 000,003,739 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Tuto4pcBHO Class) - {0722A2AC-4CF8-4310-AFEE-F87AA9BE10AA} - C:\Program Files (x86)\Tuto4pc\Tuto4pcBHO.dll File not found
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [Tutorials] C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (Tuto4PC)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3229168741-767330946-2304600767-1001..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-3229168741-767330946-2304600767-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [UpdateTuto4PCHP] C:\Users\LUCAS-\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe (Tuto4PC)
O4 - HKU\.DEFAULT..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD0A5032-3D3C-4592-8D93-C5B7CF2B18B0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/21 13:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFixer
[2012/06/21 12:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/06/21 12:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/06/21 12:44:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/06/21 12:40:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/06/21 07:46:59 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{8660E357-FA15-40DA-843D-2456FD3F98AD}
[2012/06/21 07:46:38 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{67CF8F76-04CF-4509-A79B-7420BDAEEC3E}
[2012/06/21 07:38:21 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\adawarebp
[2012/06/21 07:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/06/21 07:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2012/06/21 07:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/06/20 20:09:46 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\AVG
[2012/06/20 20:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2012/06/20 19:50:53 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/06/20 19:50:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/06/20 19:46:11 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{282009A3-CF28-42CE-A65D-A6F57EAC306E}
[2012/06/20 19:45:50 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{53A1F32D-8411-498E-A296-CB8DF4E136B4}
[2012/06/20 19:18:43 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{636A81E2-460D-4ECD-AC63-F924B8DDD8D7}
[2012/06/20 19:18:22 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{5007CE8F-5792-44D6-9100-A004230A371B}
[2012/06/20 13:35:05 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Macromedia
[2012/06/20 13:34:57 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/20 13:34:57 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/20 12:51:10 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Canon
[2012/06/20 07:36:33 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\AVG2012
[2012/06/20 07:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2012/06/20 07:35:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/06/20 07:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/06/20 07:34:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/06/20 07:30:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/06/20 07:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/06/20 07:19:00 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Malwarebytes
[2012/06/20 07:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/20 07:17:52 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{B3330DE8-3790-47AF-AE08-BE29C8AE3F29}
[2012/06/20 07:17:30 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{44C71C8A-6EF6-4ACD-A717-F07B6F4043D3}
[2012/06/19 23:03:04 | 000,000,000 | ---D | C] -- C:\Windows\fr-FR
[2012/06/19 23:03:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012/06/19 23:03:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\fr-FR
[2012/06/19 23:03:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr
[2012/06/19 23:03:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\040C
[2012/06/19 23:02:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\qwavedrv.sys.mui
[2012/06/19 23:02:21 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\bfe.dll.mui
[2012/06/19 23:02:21 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\pacer.sys.mui
[2012/06/19 23:02:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\ndiscap.sys.mui
[2012/06/19 23:02:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\scfilter.sys.mui
[2012/06/19 23:02:11 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\tcpip.sys.mui
[2012/06/19 22:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/06/19 22:36:27 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\OpenOffice.org
[2012/06/19 22:36:08 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4
[2012/06/19 22:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012/06/19 22:33:11 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\Desktop\OpenOffice.org 3.4 (fr) Installation Files
[2012/06/19 22:26:36 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Tuto4PC
[2012/06/19 22:26:35 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Tuto4pc
[2012/06/19 22:26:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tuto4pc
[2012/06/19 22:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4pc
[2012/06/19 22:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OApps
[2012/06/19 22:17:27 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Mozilla
[2012/06/19 22:17:27 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Mozilla
[2012/06/19 22:17:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/06/19 22:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/06/19 22:17:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/06/19 22:08:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/06/19 21:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012/06/19 21:08:09 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012/06/19 21:08:09 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012/06/19 21:08:09 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012/06/19 21:08:09 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012/06/19 21:03:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/06/19 21:03:58 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/06/19 21:03:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/19 21:03:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/19 21:03:58 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/06/19 21:03:58 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/06/19 21:03:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/19 21:03:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/19 21:03:58 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/06/19 21:03:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/06/19 21:03:58 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/06/19 21:03:58 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/06/19 21:03:58 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/06/19 21:03:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/06/19 21:03:58 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/06/19 21:03:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/06/19 21:03:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/06/19 21:03:58 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/06/19 21:03:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/06/19 21:03:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/19 21:03:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/06/19 21:03:58 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/06/19 21:03:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/06/19 21:03:58 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/06/19 21:03:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/06/19 21:03:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/06/19 21:03:57 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/06/19 21:03:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/06/19 21:03:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/19 21:03:57 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/06/19 21:03:57 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/06/19 21:03:57 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/06/19 19:20:19 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Adobe
[2012/06/19 19:16:27 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{1A56EEE4-58DF-4BD0-ACC4-E1E2D8BE4D74}
[2012/06/19 19:16:06 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{6AF45EB4-B05D-4CE5-A3D2-2CB272EA338E}
[2012/06/19 19:11:27 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/06/19 19:06:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/06/19 19:06:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/06/19 19:06:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/06/19 19:04:42 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2012/06/19 19:04:42 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2012/06/19 19:03:18 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012/06/19 19:03:18 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/06/19 19:03:17 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012/06/19 19:00:48 | 001,289,576 | ---- | C] (Microsoft Corporation) -- C:\Users\LUCAS-\Desktop\wlsetup-web.exe
[2012/06/19 18:56:45 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/06/19 18:56:45 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/06/19 18:56:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/06/19 18:56:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/06/19 18:56:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/06/19 18:56:16 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/06/19 18:56:15 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/06/19 18:56:15 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/06/19 18:56:12 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/06/19 18:56:12 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/06/19 18:56:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/06/19 18:56:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012/06/19 18:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/06/19 18:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/06/19 18:55:14 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/06/19 18:55:14 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/06/19 18:55:05 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012/06/19 18:55:05 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2012/06/19 18:55:05 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012/06/19 18:55:03 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/06/19 18:55:03 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/06/19 18:55:02 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/06/19 18:55:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/06/19 18:55:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/06/19 18:54:57 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/06/19 18:54:53 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012/06/19 18:54:44 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2012/06/19 18:54:43 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2012/06/19 18:54:43 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2012/06/19 18:54:43 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2012/06/19 18:54:43 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2012/06/19 18:54:43 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2012/06/19 18:54:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2012/06/19 18:54:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2012/06/19 18:54:28 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/06/19 18:54:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/06/19 18:54:12 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012/06/19 18:54:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012/06/19 18:54:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012/06/19 18:54:05 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/06/19 18:54:00 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/06/19 18:54:00 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/06/19 18:52:56 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/06/19 18:52:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/06/19 18:52:56 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/06/19 18:52:52 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012/06/19 18:52:51 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012/06/19 18:52:40 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/06/19 18:52:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/06/19 18:52:36 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/06/19 18:52:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012/06/19 18:52:35 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012/06/19 18:52:32 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/19 18:52:32 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/19 18:52:25 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/06/19 18:52:25 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/06/19 18:52:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/06/19 18:52:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/06/19 18:52:24 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/06/19 18:51:34 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012/06/19 18:51:34 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012/06/19 18:50:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/06/19 18:50:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/06/19 18:50:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/06/19 18:50:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/06/19 18:50:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/06/19 18:50:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/06/19 18:50:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/06/19 18:50:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/06/19 18:50:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/06/19 18:50:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/06/19 18:50:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/06/19 18:50:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/06/19 18:50:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/06/19 18:50:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/06/19 18:50:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/06/19 18:50:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/06/19 18:50:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/06/19 18:50:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/06/19 18:50:46 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/06/19 18:50:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/06/19 18:50:44 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/06/19 18:50:44 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/06/19 18:50:42 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/06/19 18:50:41 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/06/19 18:50:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/06/19 18:50:38 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/06/19 18:50:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/06/19 18:50:00 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/06/19 18:39:00 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Windows Live
[2012/06/19 18:39:00 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\{0607C34D-4A0B-4DCB-8936-D64FB7D77D2C}
[2012/06/19 18:34:01 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\Tracing
[2012/06/19 18:30:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/06/19 18:29:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenu
[2012/06/19 18:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2012/06/19 18:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5
[2012/06/19 18:26:37 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\PCDLIB32.DLL
[2012/06/19 18:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2012/06/19 18:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012/06/19 18:24:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 100 Manual
[2012/06/19 18:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 100
[2012/06/19 18:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/06/19 16:44:02 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Adobe
[2012/06/19 16:43:43 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Google
[2012/06/19 16:43:43 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Google
[2012/06/19 16:43:11 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\Desktop\Spybot
[2012/06/19 13:57:14 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\LogiShrd
[2012/06/19 13:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2012/06/19 13:57:00 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Leadertech
[2012/06/19 13:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/06/19 13:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2012/06/19 13:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2012/06/19 13:44:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Screensaver
[2012/06/19 13:44:55 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Macromedia
[2012/06/19 13:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/06/19 13:41:48 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Microsoft Help
[2012/06/19 13:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2012/06/19 13:39:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/06/19 13:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/06/19 13:38:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/06/19 13:38:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/06/19 13:37:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/06/19 13:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/06/19 13:36:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/06/19 13:33:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2012/06/19 13:33:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
[2012/06/19 13:32:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2012/06/19 13:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2012/06/19 13:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/06/19 13:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/06/19 13:27:01 | 000,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2012/06/19 13:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
[2012/06/19 13:25:38 | 000,000,000 | ---D | C] -- C:\book
[2012/06/19 13:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/06/19 13:25:36 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\EgisTec
[2012/06/19 13:25:21 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/06/19 13:25:21 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Searches
[2012/06/19 13:25:21 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/06/19 13:25:21 | 000,000,000 | -H-D | C] -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/06/19 13:25:12 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Identities
[2012/06/19 13:25:11 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Contacts
[2012/06/19 13:25:09 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\VirtualStore
[2012/06/19 13:24:50 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/06/19 13:24:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/06/19 13:23:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2012/06/19 13:22:47 | 000,000,000 | --SD | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Videos
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Saved Games
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Pictures
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Music
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Links
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Favorites
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Downloads
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Documents
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\Desktop
[2012/06/19 13:22:47 | 000,000,000 | R--D | C] -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Voisinage réseau
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Voisinage d'impression
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\AppData\Local\Temporary Internet Files
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\SendTo
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Recent
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Modèles
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Documents\Mes vidéos
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Documents\Mes images
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Mes documents
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Menu Démarrer
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Documents\Ma musique
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Local Settings
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\AppData\Local\Historique
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Cookies
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\Application Data
[2012/06/19 13:22:47 | 000,000,000 | -HSD | C] -- C:\Users\LUCAS-\AppData\Local\Application Data
[2012/06/19 13:22:47 | 000,000,000 | -H-D | C] -- C:\Users\LUCAS-\AppData
[2012/06/19 13:22:47 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Temp
[2012/06/19 13:22:47 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Local\Microsoft
[2012/06/19 13:22:47 | 000,000,000 | ---D | C] -- C:\Users\LUCAS-\AppData\Roaming\Media Center Programs
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2012/06/19 13:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2012/06/19 13:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/06/19 13:12:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2012/06/19 13:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012/06/19 13:12:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/06/19 13:10:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/06/19 13:08:02 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/06/21 19:15:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/06/21 19:15:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/21 19:15:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/21 18:53:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/21 18:24:24 | 000,001,033 | ---- | M] () -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk
[2012/06/21 18:23:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/21 18:23:26 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/21 12:44:08 | 000,001,262 | ---- | M] () -- C:\Users\LUCAS-\Desktop\Spybot - Search & Destroy.lnk
[2012/06/21 07:38:55 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/06/21 07:38:55 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/06/20 20:08:41 | 000,001,146 | ---- | M] () -- C:\Users\LUCAS-\Desktop\AVG PC Tuneup 2011.lnk
[2012/06/20 13:34:57 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/20 13:34:57 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/20 07:35:46 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/20 07:35:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/06/20 07:35:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/06/19 23:02:27 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\qwavedrv.sys.mui
[2012/06/19 23:02:21 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\bfe.dll.mui
[2012/06/19 23:02:21 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\pacer.sys.mui
[2012/06/19 23:02:14 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\ndiscap.sys.mui
[2012/06/19 23:02:14 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\scfilter.sys.mui
[2012/06/19 23:02:11 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\fr-FR\tcpip.sys.mui
[2012/06/19 22:26:12 | 000,000,447 | ---- | M] () -- C:\user.js
[2012/06/19 22:17:19 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/19 22:13:02 | 000,001,457 | ---- | M] () -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/19 22:12:53 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Choix de navigateur .lnk
[2012/06/19 21:03:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/06/19 21:03:58 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/06/19 21:03:58 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/19 21:03:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/19 21:03:58 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/06/19 21:03:58 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/06/19 21:03:58 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/19 21:03:58 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/19 21:03:58 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/06/19 21:03:58 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/06/19 21:03:58 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/06/19 21:03:58 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/06/19 21:03:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/06/19 21:03:58 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/06/19 21:03:58 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/06/19 21:03:58 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/06/19 21:03:58 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/06/19 21:03:58 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/06/19 21:03:58 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/06/19 21:03:58 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/19 21:03:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/06/19 21:03:58 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/06/19 21:03:58 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/06/19 21:03:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/06/19 21:03:58 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/06/19 21:03:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/06/19 21:03:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/06/19 21:03:57 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/06/19 21:03:57 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/06/19 21:03:57 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/19 21:03:57 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/06/19 21:03:57 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/06/19 21:03:57 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/06/19 19:31:09 | 000,000,382 | ---- | M] () -- C:\Windows\ODBC.INI
[2012/06/19 19:00:51 | 001,289,576 | ---- | M] (Microsoft Corporation) -- C:\Users\LUCAS-\Desktop\wlsetup-web.exe
[2012/06/19 18:25:27 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012/06/19 18:24:32 | 000,002,352 | ---- | M] () -- C:\Users\Public\Desktop\CanoScan LiDE 100 Manuel en ligne.lnk
[2012/06/19 13:57:10 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Vid.lnk
[2012/06/19 13:56:52 | 000,002,111 | ---- | M] () -- C:\Users\Public\Desktop\Logiciel de caméra Web Logitech.lnk
[2012/06/19 13:23:05 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\Acer Boutique Accessoire.lnk
[2012/06/19 13:23:01 | 000,002,609 | ---- | M] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/06/19 13:21:50 | 000,053,560 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

========== Files Created - No Company Name ==========

[2012/06/21 19:15:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/06/21 18:24:24 | 000,001,033 | ---- | C] () -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk
[2012/06/21 12:44:08 | 000,001,262 | ---- | C] () -- C:\Users\LUCAS-\Desktop\Spybot - Search & Destroy.lnk
[2012/06/21 07:38:55 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/06/21 07:38:55 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/06/20 20:08:41 | 000,001,146 | ---- | C] () -- C:\Users\LUCAS-\Desktop\AVG PC Tuneup 2011.lnk
[2012/06/20 13:34:57 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/20 07:35:46 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/20 07:35:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/06/20 07:35:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/06/19 22:26:12 | 000,000,447 | ---- | C] () -- C:\user.js
[2012/06/19 22:17:18 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/19 22:17:18 | 000,001,065 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/19 22:12:53 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Choix de navigateur .lnk
[2012/06/19 21:03:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/06/19 19:31:09 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/06/19 19:10:53 | 000,001,309 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/06/19 19:10:41 | 000,001,378 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/06/19 19:10:22 | 000,001,462 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/06/19 19:10:05 | 000,002,490 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/06/19 18:25:27 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012/06/19 18:24:32 | 000,002,352 | ---- | C] () -- C:\Users\Public\Desktop\CanoScan LiDE 100 Manuel en ligne.lnk
[2012/06/19 16:46:48 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/19 16:46:47 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/19 16:43:38 | 000,001,457 | ---- | C] () -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/19 13:57:10 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Vid.lnk
[2012/06/19 13:56:52 | 000,002,111 | ---- | C] () -- C:\Users\Public\Desktop\Logiciel de caméra Web Logitech.lnk
[2012/06/19 13:40:57 | 000,002,571 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visionneuse Microsoft Office PowerPoint 2007.lnk
[2012/06/19 13:40:47 | 000,001,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lanceur de tâches Microsoft Works.lnk
[2012/06/19 13:25:27 | 000,001,429 | ---- | C] () -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/06/19 13:25:22 | 000,001,463 | ---- | C] () -- C:\Users\LUCAS-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/06/19 13:23:05 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\Acer Boutique Accessoire.lnk
[2012/06/19 13:23:01 | 000,002,609 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/06/19 13:22:47 | 000,000,290 | ---- | C] () -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/06/19 13:22:47 | 000,000,272 | ---- | C] () -- C:\Users\LUCAS-\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/06/19 13:06:46 | 3220,574,208 | -HS- | C] () -- C:\hiberfil.sys

========== Custom Scans ==========

< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\prevhost.exe: 8000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000

< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/06/19 21:03:58 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/06/19 21:03:58 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/06/19 21:03:58 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/19 21:03:59 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/06/19 21:03:59 | 000,748,664 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/06/01 20:15:47 | 000,869,160 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/06/01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/06/19 21:03:55 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/06/19 21:03:55 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/06/19 21:03:55 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/19 21:03:59 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/06/19 21:03:59 | 000,748,664 | ---- | M] (Microsoft Corporation)

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s >

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s >
"C:\Windows\SysWOW64\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec
"sirenacm.dll" = Messenger Audio Codec

< %temp%\smtmp\1\*.* /s >

< %temp%\smtmp\2\*.* /s >

< %temp%\smtmp\4\*.* /s >

< nslookup http://www.google.fr /c >
Serveur : livebox.home
Address: 192.168.1.1
DNS request timed out.
timeout was 2 seconds.

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:0B4227B4

< End of report >

bernard53 · le 21 Juin 2012 18:43

ATTENTION héberge bien les rapports selon le lien demandé s.t.p

ceci s.t.p

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
http://general-changelog-team.fr/telech ... adwcleaner

Lance le, clique sur [Suppression]puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

Puis:
Installe Malewarebytes' Antimalware,

http://malwarebytes.org/products/malwarebytes_free

Prends bien la version FREE
*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.

Ensuite nouveau rapport OTL pour contrôle s.t.p

Tizotte · le 21 Juin 2012 19:43

Bonsoir ,

A priori ce trojan m'a laissé tranquille , Le scan est bon ...

Merci de votre aide et peut être à bientôt

bernard53 · le 21 Juin 2012 19:58

tu as bien lancer mes 2 demandes car avec ceci.

PRC - C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (Tuto4PC)

cela m’étonne :evil:

Trojan wing32HDQ

Trojan wing32HDQ

Re: Trojan wing32HDQ

Re: Trojan wing32HDQ

Re: Trojan wing32HDQ

Re: Trojan wing32HDQ

Re: Trojan wing32HDQ

Sujets similaires

Qui est en ligne