STOP: C0000135 The program can't start because %hs is missing. Try reinstalling the program


  • This topic is locked
15 replies to this topic

#1 HoeSoSilly


Posted 05 March 2012 - 04:25 PM

Hi, I have a laptop with Windows Seven on it. I have had a problem for 2 days: when I boot my laptop, I get a blue screen with: STOP: C0000135 The program can't start because %hs is missing. Try reinstalling the program! I can't repair it with the Win 7 repair CD.
I tried some tricks like modifying entries in the reg., but nothing changed!

I saw you helped someone who has the same issue, so I require your help! Sorry for my English, it is quite bad, but I am French :s

Thanks for your fast answers! :)


 


#2 HoeSoSilly


Posted 05 March 2012 - 04:38 PM

Edit: I can't use the Farbar tools; when I run it from the cmd prompt, it says: The subsystem needed to support the image type is not present.

>.<

Please help me guys, you seem to be the only ones who can solve my issue! :)

#3 HoeSoSilly


Posted 06 March 2012 - 03:43 AM

Edit: I fixed the subsystem problem, now I have a log file, I paste it now:

Scan result of Farbar Recovery Scan Tool Version: 06-03-2012
Ran by Système at 06-03-2012 09:40:44
Running from G:\
Windows 7 Home Premium (X64) OS Language: French Standard
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050000 2009-08-26] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-08-25] (Toshiba Europe GmbH)
HKLM\...\Run: [HDMICtrlMan] %ProgramFiles%\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35160 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] C:\Windows\system32\thpsrv /logon [x]
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1481568 2009-09-03] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [596328 2009-08-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe" [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP [423936 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [701752 2009-07-21] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-08-17] (TOSHIBA Corporation)
HKLM-x32\...\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [x]
HKLM-x32\...\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [352256 2009-08-12] (TOSHIBA)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-11-13] (Apple Inc.)
HKLM-x32\...\Run: [Regedit32] C:\Windows\system32\regedit.exe [x]
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [x]
HKU\Default\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Ophelie\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Ophelie\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [3872080 2010-04-16] (Microsoft Corporation)
HKU\Ophelie\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-28] (Google Inc.)
HKU\Ophelie\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59240 2011-10-06] (Apple Inc.)
HKU\Ophelie\...\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59240 2011-09-29] (Apple Inc.)
HKU\Ophelie\...\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59240 2011-10-05] (Apple Inc.)
HKU\Ophelie\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKU\Ophelie\...\Run: [{38A60FFE-97CC-4268-9C3B-90247DD1D416}] C:\Users\Ophelie\AppData\Roaming\Ento\ubegy.exe [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [462184 2011-08-30] (Apple Inc.)
2 dac960nt; C:\Windows\System32\useraccess7.dll [6656 2009-07-14] (Oak Technology Inc.)
2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-09-02] (Lavasoft Limited)
2 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [116104 2009-08-26] (Toshiba Europe GmbH)
2 Thpsrv; C:\Windows\system32\ThpSrv.exe [531520 2009-07-08] (TOSHIBA Corporation)
2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe" [2072896 2011-11-02] (TuneUp Software)
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [x]
2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [x]

========================== Drivers (Whitelisted) =============

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [24408 2011-11-28] (AVAST Software)
2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [66904 2011-11-28] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-11-28] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [591192 2011-11-28] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [304472 2011-11-28] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [58712 2011-11-28] (AVAST Software)
3 enecir; C:\Windows\System32\DRIVERS\enecir.sys [70656 2009-06-29] (ENE TECHNOLOGY INC.)
3 enecirhid; C:\Windows\System32\DRIVERS\enecirhid.sys [14848 2009-05-19] (ENE TECHNOLOGY INC.)
3 enecirhidma; C:\Windows\System32\DRIVERS\enecirhidma.sys [6656 2008-04-24] (ENE TECHNOLOGY INC.)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-02-04] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-12-03] (Lavasoft AB)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-04-09] (Duplex Secure Ltd.)
3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-14] (Microsoft Corporation)
3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-10-31] (TuneUp Software)

========================== Drivers MD5 =======================


========================== NetSvcs (Whitelisted) ===========
NETSVC: dac960nt

============ One Month Created Files and Folders ==============

2012-03-05 19:22 - 2012-03-05 19:22 - 0000000 ___AD C:\.Trash-999
2012-03-05 17:39 - 2012-03-05 17:39 - 0261368 ____A C:\Windows\ntbtlog.txt
2012-03-01 20:52 - 2012-03-01 20:52 - 0019957 ____A C:\Users\Ophelie\Downloads\One Tree Hill_9x08_HDTV.2HD.fr.zip
2012-03-01 19:29 - 2012-03-01 20:07 - 168325184 ____A C:\Users\Ophelie\Downloads\one.tree.hill.s09e08.hdtv.xvid-2hd.avi
2012-03-01 18:15 - 2012-03-01 18:17 - 1006371 ____A C:\Users\Ophelie\Downloads\Biologie_Animale_L1_PF_.pdf
2012-03-01 17:57 - 2012-03-01 17:57 - 0028485 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E08.FASTSUB.VOSTFR.HDTV.XviD-ATeam.avi.torrent
2012-03-01 04:29 - 2012-03-01 20:53 - 0053094 ____A C:\Users\Ophelie\Downloads\One Tree Hill - 9x08 - Episode 8.HDTV.2HD.fr.srt
2012-02-29 22:06 - 2012-02-29 22:06 - 0000410 ____A C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2012-02-28 21:05 - 2012-02-28 21:05 - 0012249 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E18.FASTSUB.VOSTFR.HDTV.x264-MiND.mp4.torrent
2012-02-27 21:34 - 2012-02-27 21:34 - 0014618 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S06E01.FRENCH.LD.DVDRip.XviD-JMT.avi.torrent
2012-02-27 19:04 - 2012-02-27 19:04 - 0014581 ____A C:\Users\Ophelie\Downloads\One_Tree_Hill(Les_Frères_Scott)_S06E01_FRENCH_LD_DVDRip_XviD-JMT(tracker-surfer_fr)_avi_TRA.torrent
2012-02-25 00:14 - 2012-02-25 00:14 - 0033694 ____A C:\Users\Ophelie\Downloads\Les Frères Scott Saison 05.torrent
2012-02-24 23:45 - 2012-02-24 23:45 - 0014279 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E07.FASTSUB.VOSTFR.HDTV.XviD-Xtrem.avi.torrent
2012-02-24 23:43 - 2012-02-24 23:43 - 0014383 ____A C:\Users\Ophelie\Downloads\one.tree.hill.s09e07.hdtv.xvid-2hd.torrent
2012-02-24 19:35 - 2012-02-24 19:46 - 0000000 ____D C:\Users\Ophelie\Downloads\La compile patate !
2012-02-24 19:32 - 2012-02-24 19:32 - 0014466 ____A C:\Users\Ophelie\Downloads\PS I LOVE YOU french.torrent
2012-02-24 19:31 - 2012-02-24 19:31 - 0016979 ____A C:\Users\Ophelie\Downloads\PS.I.Love.You.2008.FRENCH.TS.XviD-CiNEFOX.4041034.TPB.torrent
2012-02-21 22:27 - 2012-02-21 22:27 - 0000678 ____A C:\Windows\PFRO.log
2012-02-21 21:55 - 2012-03-03 16:47 - 0000346 ____A C:\Windows\Tasks\At34.job
2012-02-21 21:55 - 2012-03-03 16:47 - 0000344 ____A C:\Windows\Tasks\At33.job
2012-02-21 21:55 - 2012-03-03 15:47 - 0000346 ____A C:\Windows\Tasks\At32.job
2012-02-21 21:55 - 2012-03-03 15:47 - 0000344 ____A C:\Windows\Tasks\At31.job
2012-02-21 21:55 - 2012-03-03 14:47 - 0000346 ____A C:\Windows\Tasks\At30.job
2012-02-21 21:55 - 2012-03-03 14:47 - 0000344 ____A C:\Windows\Tasks\At29.job
2012-02-21 21:55 - 2012-03-03 13:47 - 0000346 ____A C:\Windows\Tasks\At28.job
2012-02-21 21:55 - 2012-03-03 13:47 - 0000344 ____A C:\Windows\Tasks\At27.job
2012-02-21 21:55 - 2012-03-03 12:47 - 0000346 ____A C:\Windows\Tasks\At26.job
2012-02-21 21:55 - 2012-03-03 12:47 - 0000344 ____A C:\Windows\Tasks\At25.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At8.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At6.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At48.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At46.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At44.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At42.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At40.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At4.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At38.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At36.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At24.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At22.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At20.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At18.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At16.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At14.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At12.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At10.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At9.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At7.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At5.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At47.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At45.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At43.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At41.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At39.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At37.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At35.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At3.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At23.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At21.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At19.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At17.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At15.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At13.job
2012-02-21 21:55 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At11.job
2012-02-21 21:55 - 2012-02-21 22:26 - 0000112 ____A C:\Users\All Users\76E17Y.dat
2012-02-21 21:55 - 2012-02-21 22:26 - 0000112 ____A C:\ProgramData\76E17Y.dat
2012-02-21 21:54 - 2012-03-03 12:04 - 0000346 ____A C:\Windows\Tasks\At2.job
2012-02-21 21:54 - 2012-03-03 12:04 - 0000344 ____A C:\Windows\Tasks\At1.job
2012-02-21 21:54 - 2012-02-21 21:55 - 0084146 ____A C:\Windows\SysWOW64\UHfkYR.com_
2012-02-17 15:12 - 2012-02-17 15:12 - 0022598 ____A C:\Users\Ophelie\Downloads\bio vegétal.docx
2012-02-16 18:14 - 2012-02-16 20:22 - 231698664 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E06.HDTV.XviD-ASAP.avi
2012-02-16 12:00 - 2011-12-16 09:47 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-16 12:00 - 2011-12-16 09:47 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-16 12:00 - 2011-12-16 09:47 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 9019904 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 12263936 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-16 12:00 - 2011-12-16 08:54 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-02-16 12:00 - 2011-12-16 08:54 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-02-16 12:00 - 2011-12-16 08:54 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 5997568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 10992128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-02-16 12:00 - 2011-12-16 07:44 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-16 12:00 - 2011-12-16 07:09 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-02-16 11:58 - 2012-01-14 05:06 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-02-16 11:58 - 2011-12-28 04:59 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-02-16 11:57 - 2011-12-16 09:46 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-02-16 11:57 - 2011-12-16 08:52 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-02-15 19:38 - 2012-02-15 20:00 - 183519234 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E16.FASTSUB.VOSTFR.HDTV.XviD-KP (1).avi
2012-02-15 15:09 - 2012-02-15 15:46 - 7949424 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E16.FASTSUB.VOSTFR.HDTV.XviD-KP.avi
2012-02-15 15:05 - 2012-02-15 15:05 - 0014542 ____A C:\Users\Ophelie\Downloads\How I Met Your Mother_7x16_HDTV.en.zip
2012-02-13 15:14 - 2012-02-13 15:14 - 0041179 ____A C:\Users\Ophelie\Downloads\Les Frères Scott - Saison 2 [www.torrent411.com].torrent
2012-02-12 18:57 - 2012-02-12 18:57 - 0040155 ____A C:\Users\Ophelie\Downloads\Les Frères Scott - Saison 1 [www.torrent411.com].torrent
2012-02-12 18:50 - 2012-02-12 18:50 - 0040281 ____A C:\Users\Ophelie\Downloads\[kat.ph]les.freres.scott.saison.1.fr.torrent
2012-02-12 18:50 - 2012-02-12 18:50 - 0040281 ____A C:\Users\Ophelie\Downloads\[kat.ph]les.freres.scott.saison.1.fr (1).torrent
2012-02-12 18:47 - 2012-02-26 18:47 - 0000328 ____A C:\Windows\Tasks\WebReg HP Photosmart B110 series.job
2012-02-12 12:50 - 2012-02-12 12:50 - 0025802 ____A C:\Users\Ophelie\Downloads\The Mentalist_4x14_HDTV.LOL.fr.zip
2012-02-12 12:24 - 2012-02-12 12:24 - 3193809 ____A C:\Users\Ophelie\Downloads\ifunbox_en.zip
2012-02-12 11:14 - 2012-02-12 12:32 - 400545608 ____A C:\Users\Ophelie\Downloads\Dexter.S01E11.FRENCH.DVDRip.XviD-JMT.avi
2012-02-11 17:52 - 2012-02-11 17:52 - 0026410 ____A C:\Users\Ophelie\Downloads\Greys Anatomy_8x14_HDTV.LOL.fr(1).zip
2012-02-11 17:02 - 2012-02-11 17:02 - 0028853 ____A C:\Users\Ophelie\Downloads\[isoHunt] The_Mentalist_S04E14_HDTV_XviD-LOL[ettv].7021022.TPB.torrent
2012-02-11 15:55 - 2012-02-11 15:55 - 0028832 ____A C:\Users\Ophelie\Downloads\[isoHunt] Greys_Anatomy_S08E14_HDTV_XviD-LOL[ettv].7021198.TPB.torrent
2012-02-09 21:33 - 2012-02-09 21:33 - 0387921 ____A C:\Users\Ophelie\Downloads\[isoHunt] les freres scoot saison 1,2,3,4,5 en francais.torrent
2012-02-09 18:15 - 2012-02-09 18:15 - 0022643 ____A C:\Users\Ophelie\Downloads\NCIS_9x01_HDTV.LoL.fr.zip
2012-02-09 17:30 - 2012-02-09 18:20 - 365111688 ____A C:\Users\Ophelie\Downloads\NCIS.S09E01.FASTSUB.VOSTFR.HDTV.XviD-ROKS.avi
2012-02-09 15:19 - 2012-02-09 15:37 - 367005606 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E05.HDTV.XviD-ASAP.avi
2012-02-08 17:12 - 2012-02-08 17:31 - 367055276 ____A C:\Users\Ophelie\Downloads\NCIS.S08E24.FiNAL.FRENCH.DVDRip.XviD-JMT.avi
2012-02-07 22:15 - 2012-02-07 22:15 - 0023857 ____A C:\Users\Ophelie\Downloads\The Mentalist_4x13_HDTV.LOL.fr.zip
2012-02-07 20:58 - 2012-02-07 21:01 - 0000000 ____D C:\Users\Ophelie\Documents\cours
2012-02-07 20:33 - 2012-02-07 20:33 - 0013591 ____A C:\Users\Ophelie\Downloads\How I Met Your Mother_7x15_HDTV.fr.zip
2012-02-07 20:32 - 2012-02-07 20:42 - 183499942 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E15.HDTV.XviD-ASAP.avi
2012-02-07 18:48 - 2012-02-07 19:10 - 367232520 ____A C:\Users\Ophelie\Downloads\NCIS.S08E23.FRENCH.DVDRip.XviD-JMT.avi
2012-02-07 06:14 - 2012-02-07 21:54 - 0035613 ____A C:\Users\Ophelie\Downloads\How I Met Your Mother - 7x15 - The Drunk Train.HDTV.fr.srt
2012-02-05 15:12 - 2012-02-29 22:04 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-02-05 15:03 - 2012-02-05 15:22 - 366824218 ____A C:\Users\Ophelie\Downloads\NCIS.S08E22.FRENCH.DVDRip.XviD-JMT (2).avi


============ 3 Months Modified Files and Folders =============

2012-03-06 09:41 - 2012-03-06 09:40 - 0000000 ____D C:\FRST
2012-03-05 19:34 - 2010-12-28 16:34 - 0000000 ____D C:\Users\Ophelie\Documents\Vuze Downloads
2012-03-05 19:22 - 2012-03-05 19:22 - 0000000 ___AD C:\.Trash-999
2012-03-05 17:48 - 2009-12-28 13:22 - 0130542 ____A C:\aaw7boot.log
2012-03-05 17:48 - 2009-10-19 17:56 - 3193597952 __ASH C:\hiberfil.sys
2012-03-05 17:39 - 2012-03-05 17:39 - 0261368 ____A C:\Windows\ntbtlog.txt
2012-03-04 14:34 - 2009-10-19 18:06 - 1500289 ____A C:\Windows\WindowsUpdate.log
2012-03-04 14:33 - 2010-12-28 15:46 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\Azureus
2012-03-03 16:47 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At34.job
2012-03-03 16:47 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At33.job
2012-03-03 16:37 - 2010-02-02 17:35 - 0001070 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-03-03 15:47 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At32.job
2012-03-03 15:47 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At31.job
2012-03-03 14:47 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At30.job
2012-03-03 14:47 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At29.job
2012-03-03 13:47 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At28.job
2012-03-03 13:47 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At27.job
2012-03-03 12:47 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At26.job
2012-03-03 12:47 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At25.job
2012-03-03 12:18 - 2010-02-02 17:35 - 0001066 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At8.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At6.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At48.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At46.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At44.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At42.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At40.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At4.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At38.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At36.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At24.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At22.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At20.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At18.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At16.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At14.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At12.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000346 ____A C:\Windows\Tasks\At10.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At9.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At7.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At5.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At47.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At45.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At43.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At41.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At39.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At37.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At35.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At3.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At23.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At21.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At19.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At17.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At15.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At13.job
2012-03-03 12:04 - 2012-02-21 21:55 - 0000344 ____A C:\Windows\Tasks\At11.job
2012-03-03 12:04 - 2012-02-21 21:54 - 0000346 ____A C:\Windows\Tasks\At2.job
2012-03-03 12:04 - 2012-02-21 21:54 - 0000344 ____A C:\Windows\Tasks\At1.job
2012-03-01 22:22 - 2009-07-14 16:24 - 0745518 ____A C:\Windows\System32\perfh00C.dat
2012-03-01 22:22 - 2009-07-14 16:24 - 0149004 ____A C:\Windows\System32\perfc00C.dat
2012-03-01 22:22 - 2009-07-14 06:13 - 1662566 ____A C:\Windows\System32\PerfStringBackup.INI
2012-03-01 20:53 - 2012-03-01 04:29 - 0053094 ____A C:\Users\Ophelie\Downloads\One Tree Hill - 9x08 - Episode 8.HDTV.2HD.fr.srt
2012-03-01 20:52 - 2012-03-01 20:52 - 0019957 ____A C:\Users\Ophelie\Downloads\One Tree Hill_9x08_HDTV.2HD.fr.zip
2012-03-01 20:07 - 2012-03-01 19:29 - 168325184 ____A C:\Users\Ophelie\Downloads\one.tree.hill.s09e08.hdtv.xvid-2hd.avi
2012-03-01 18:50 - 2009-07-14 05:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-03-01 18:50 - 2009-07-14 05:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-03-01 18:17 - 2012-03-01 18:15 - 1006371 ____A C:\Users\Ophelie\Downloads\Biologie_Animale_L1_PF_.pdf
2012-03-01 17:57 - 2012-03-01 17:57 - 0028485 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E08.FASTSUB.VOSTFR.HDTV.XviD-ATeam.avi.torrent
2012-02-29 22:06 - 2012-02-29 22:06 - 0000410 ____A C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2012-02-29 22:04 - 2012-02-05 15:12 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-02-29 22:04 - 2009-12-25 17:27 - 0000000 ____D C:\Users\Ophelie\Tracing
2012-02-29 22:03 - 2012-01-18 22:22 - 0004792 ____A C:\Windows\setupact.log
2012-02-29 22:03 - 2009-07-14 06:08 - 0032482 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-02-29 22:03 - 2009-07-14 06:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-02-28 21:05 - 2012-02-28 21:05 - 0012249 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E18.FASTSUB.VOSTFR.HDTV.x264-MiND.mp4.torrent
2012-02-27 21:34 - 2012-02-27 21:34 - 0014618 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S06E01.FRENCH.LD.DVDRip.XviD-JMT.avi.torrent
2012-02-27 19:04 - 2012-02-27 19:04 - 0014581 ____A C:\Users\Ophelie\Downloads\One_Tree_Hill(Les_Frères_Scott)_S06E01_FRENCH_LD_DVDRip_XviD-JMT(tracker-surfer_fr)_avi_TRA.torrent
2012-02-26 23:24 - 2011-05-03 20:16 - 0000064 ____A C:\Windows\SysWOW64\rp_stats.dat
2012-02-26 23:24 - 2011-05-03 20:16 - 0000044 ____A C:\Windows\SysWOW64\rp_rules.dat
2012-02-26 18:47 - 2012-02-12 18:47 - 0000328 ____A C:\Windows\Tasks\WebReg HP Photosmart B110 series.job
2012-02-26 18:15 - 2010-12-28 15:49 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\TuneUpMedia
2012-02-25 01:04 - 2010-12-28 15:49 - 0000000 ____D C:\Users\All Users\TuneUpMedia
2012-02-25 01:04 - 2010-12-28 15:49 - 0000000 ____D C:\ProgramData\TuneUpMedia
2012-02-25 00:14 - 2012-02-25 00:14 - 0033694 ____A C:\Users\Ophelie\Downloads\Les Frères Scott Saison 05.torrent
2012-02-24 23:45 - 2012-02-24 23:45 - 0014279 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E07.FASTSUB.VOSTFR.HDTV.XviD-Xtrem.avi.torrent
2012-02-24 23:43 - 2012-02-24 23:43 - 0014383 ____A C:\Users\Ophelie\Downloads\one.tree.hill.s09e07.hdtv.xvid-2hd.torrent
2012-02-24 19:46 - 2012-02-24 19:35 - 0000000 ____D C:\Users\Ophelie\Downloads\La compile patate !
2012-02-24 19:32 - 2012-02-24 19:32 - 0014466 ____A C:\Users\Ophelie\Downloads\PS I LOVE YOU french.torrent
2012-02-24 19:31 - 2012-02-24 19:31 - 0016979 ____A C:\Users\Ophelie\Downloads\PS.I.Love.You.2008.FRENCH.TS.XviD-CiNEFOX.4041034.TPB.torrent
2012-02-21 22:27 - 2012-02-21 22:27 - 0000678 ____A C:\Windows\PFRO.log
2012-02-21 22:26 - 2012-02-21 21:55 - 0000112 ____A C:\Users\All Users\76E17Y.dat
2012-02-21 22:26 - 2012-02-21 21:55 - 0000112 ____A C:\ProgramData\76E17Y.dat
2012-02-21 22:00 - 2010-12-28 15:44 - 0000000 ____D C:\Program Files (x86)\Vuze_Remote
2012-02-21 21:55 - 2012-02-21 21:54 - 0084146 ____A C:\Windows\SysWOW64\UHfkYR.com_
2012-02-20 21:44 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\System32\NDF
2012-02-19 12:54 - 2009-07-14 05:45 - 0361832 ____A C:\Windows\System32\FNTCACHE.DAT
2012-02-19 12:45 - 2009-09-28 14:07 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-02-19 12:41 - 2009-12-27 01:28 - 54585368 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-02-17 15:12 - 2012-02-17 15:12 - 0022598 ____A C:\Users\Ophelie\Downloads\bio vegétal.docx
2012-02-17 11:52 - 2010-07-16 20:09 - 0002347 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-02-16 20:22 - 2012-02-16 18:14 - 231698664 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E06.HDTV.XviD-ASAP.avi
2012-02-15 20:00 - 2012-02-15 19:38 - 183519234 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E16.FASTSUB.VOSTFR.HDTV.XviD-KP (1).avi
2012-02-15 15:46 - 2012-02-15 15:09 - 7949424 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E16.FASTSUB.VOSTFR.HDTV.XviD-KP.avi
2012-02-15 15:05 - 2012-02-15 15:05 - 0014542 ____A C:\Users\Ophelie\Downloads\How I Met Your Mother_7x16_HDTV.en.zip
2012-02-13 15:14 - 2012-02-13 15:14 - 0041179 ____A C:\Users\Ophelie\Downloads\Les Frères Scott - Saison 2 [www.torrent411.com].torrent
2012-02-12 18:57 - 2012-02-12 18:57 - 0040155 ____A C:\Users\Ophelie\Downloads\Les Frères Scott - Saison 1 [www.torrent411.com].torrent
2012-02-12 18:50 - 2012-02-12 18:50 - 0040281 ____A C:\Users\Ophelie\Downloads\[kat.ph]les.freres.scott.saison.1.fr.torrent
2012-02-12 18:50 - 2012-02-12 18:50 - 0040281 ____A C:\Users\Ophelie\Downloads\[kat.ph]les.freres.scott.saison.1.fr (1).torrent
2012-02-12 12:50 - 2012-02-12 12:50 - 0025802 ____A C:\Users\Ophelie\Downloads\The Mentalist_4x14_HDTV.LOL.fr.zip
2012-02-12 12:32 - 2012-02-12 11:14 - 400545608 ____A C:\Users\Ophelie\Downloads\Dexter.S01E11.FRENCH.DVDRip.XviD-JMT.avi
2012-02-12 12:24 - 2012-02-12 12:24 - 3193809 ____A C:\Users\Ophelie\Downloads\ifunbox_en.zip
2012-02-11 17:52 - 2012-02-11 17:52 - 0026410 ____A C:\Users\Ophelie\Downloads\Greys Anatomy_8x14_HDTV.LOL.fr(1).zip
2012-02-11 17:02 - 2012-02-11 17:02 - 0028853 ____A C:\Users\Ophelie\Downloads\[isoHunt] The_Mentalist_S04E14_HDTV_XviD-LOL[ettv].7021022.TPB.torrent
2012-02-11 15:55 - 2012-02-11 15:55 - 0028832 ____A C:\Users\Ophelie\Downloads\[isoHunt] Greys_Anatomy_S08E14_HDTV_XviD-LOL[ettv].7021198.TPB.torrent
2012-02-09 21:33 - 2012-02-09 21:33 - 0387921 ____A C:\Users\Ophelie\Downloads\[isoHunt] les freres scoot saison 1,2,3,4,5 en francais.torrent
2012-02-09 18:21 - 2011-09-21 23:28 - 0060469 ____A C:\Users\Ophelie\Downloads\NCIS - 9x01 - Nature of the Beast.HDTV.LoL.fr.srt
2012-02-09 18:20 - 2012-02-09 17:30 - 365111688 ____A C:\Users\Ophelie\Downloads\NCIS.S09E01.FASTSUB.VOSTFR.HDTV.XviD-ROKS.avi
2012-02-09 18:15 - 2012-02-09 18:15 - 0022643 ____A C:\Users\Ophelie\Downloads\NCIS_9x01_HDTV.LoL.fr.zip
2012-02-09 15:37 - 2012-02-09 15:19 - 367005606 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E05.HDTV.XviD-ASAP.avi
2012-02-08 17:31 - 2012-02-08 17:12 - 367055276 ____A C:\Users\Ophelie\Downloads\NCIS.S08E24.FiNAL.FRENCH.DVDRip.XviD-JMT.avi
2012-02-07 22:16 - 2012-02-03 11:24 - 0063192 ____A C:\Users\Ophelie\Downloads\The Mentalist - 4x13 - Episode 13.HDTV.LOL.fr.srt
2012-02-07 22:15 - 2012-02-07 22:15 - 0023857 ____A C:\Users\Ophelie\Downloads\The Mentalist_4x13_HDTV.LOL.fr.zip
2012-02-07 21:54 - 2012-02-07 06:14 - 0035613 ____A C:\Users\Ophelie\Downloads\How I Met Your Mother - 7x15 - The Drunk Train.HDTV.fr.srt
2012-02-07 21:01 - 2012-02-07 20:58 - 0000000 ____D C:\Users\Ophelie\Documents\cours
2012-02-07 20:42 - 2012-02-07 20:32 - 183499942 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E15.HDTV.XviD-ASAP.avi
2012-02-07 20:33 - 2012-02-07 20:33 - 0013591 ____A C:\Users\Ophelie\Downloads\How I Met Your Mother_7x15_HDTV.fr.zip
2012-02-07 19:10 - 2012-02-07 18:48 - 367232520 ____A C:\Users\Ophelie\Downloads\NCIS.S08E23.FRENCH.DVDRip.XviD-JMT.avi
2012-02-05 15:22 - 2012-02-05 15:03 - 366824218 ____A C:\Users\Ophelie\Downloads\NCIS.S08E22.FRENCH.DVDRip.XviD-JMT (2).avi
2012-02-04 16:51 - 2012-02-04 16:38 - 61365192 ____A C:\Users\Ophelie\Downloads\NCIS.S08E22.FRENCH.DVDRip.XviD-JMT (1).avi
2012-02-04 15:38 - 2012-02-04 15:35 - 1161120 ____A C:\Users\Ophelie\Downloads\NCIS.S08E22.FRENCH.DVDRip.XviD-JMT.avi
2012-02-04 15:20 - 2011-09-17 15:24 - 0233764 ____A C:\Windows\hpoins47.dat
2012-02-04 15:20 - 2011-09-17 15:24 - 0001297 ____A C:\Users\All Users\hpzinstall.log
2012-02-04 15:20 - 2011-09-17 15:24 - 0001297 ____A C:\ProgramData\hpzinstall.log
2012-02-04 15:15 - 2009-07-14 03:34 - 0000470 ____A C:\Windows\win.ini
2012-02-04 13:54 - 2012-02-04 13:54 - 0165925 ____A C:\Users\Ophelie\Downloads\cours bio a.zip
2012-02-03 22:55 - 2012-02-03 22:35 - 366168770 ____A C:\Users\Ophelie\Downloads\the.mentalist.413.hdtv-lol.avi
2012-02-03 22:08 - 2012-02-03 22:08 - 0014611 ____A C:\Users\Ophelie\Downloads\Calendrier année universitaire 2011-2012 L et M (1).pdf
2012-02-03 22:06 - 2012-02-03 22:06 - 0116345 ____A C:\Users\Ophelie\Downloads\Empl tps psycho. L1. Gr 1 à 10 S2 2011 2012.pdf
2012-02-03 22:03 - 2012-02-03 22:03 - 0365330 ____A C:\Users\Ophelie\Downloads\Licence1 - 2011-2012.pdf
2012-02-03 19:40 - 2012-02-03 09:32 - 0032748 ____A C:\Users\Ophelie\Downloads\Greys Anatomy - 8x13 - If Then.HDTV.LOL.fr.srt
2012-02-03 19:39 - 2012-02-03 19:39 - 0012925 ____A C:\Users\Ophelie\Downloads\Greys Anatomy_8x13_HDTV.LOL.fr.zip
2012-02-03 19:33 - 2012-02-03 09:26 - 0070109 ____A C:\Users\Ophelie\Downloads\Greys Anatomy - 8x13 - If Then.HDTV.fr.srt
2012-02-03 19:31 - 2012-02-03 19:01 - 366731640 ____A C:\Users\Ophelie\Downloads\Greys.Anatomy.S08E13.HDTV.XviD-LOL.avi
2012-02-03 18:58 - 2012-02-03 18:58 - 0025236 ____A C:\Users\Ophelie\Downloads\Greys Anatomy_8x13_HDTV.fr.zip
2012-02-03 18:57 - 2012-02-03 18:57 - 0026360 ____A C:\Users\Ophelie\Downloads\Greys Anatomy_8x13_HDTV.LOL.en.zip
2012-02-02 19:03 - 2012-02-02 18:55 - 366989240 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E04.HDTV.XviD-ASAP.avi
2012-01-31 21:14 - 2012-01-31 21:14 - 1985013 ____A C:\Users\Ophelie\Downloads\photo (2).JPG
2012-01-29 22:54 - 2012-01-29 22:54 - 0022815 ____A C:\Users\Ophelie\Downloads\PACES Organisation détaillée des CM - 2ème semestre 2011 2012.pdf
2012-01-29 22:54 - 2012-01-29 22:54 - 0017432 ____A C:\Users\Ophelie\Downloads\Emploi du temps PACES 2ème semestre 2011 2012 (2).pdf
2012-01-26 18:44 - 2012-01-26 18:44 - 0029032 ____A C:\Users\Ophelie\Downloads\31C6931D3A5256BB1AF7AEB4DFEF18BBE8286246.torrent
2012-01-26 18:20 - 2012-01-26 18:20 - 0014655 ____A C:\Users\Ophelie\Downloads\[isoHunt] The.Mentalist.4x12.(HDTV-ASAP)[VTV].torrent
2012-01-23 19:46 - 2012-01-23 19:46 - 0014453 ____A C:\Users\Ophelie\Downloads\2D4EA1A4FEBCCED5B83D47F716EBFFDE049BCE12.torrent
2012-01-23 19:43 - 2012-01-23 19:43 - 0014422 ____A C:\Users\Ophelie\Downloads\43CC5052DA60818E3E49D662E97E6939183CBF73.torrent
2012-01-22 16:56 - 2012-01-22 16:56 - 0014600 ____A C:\Users\Ophelie\Downloads\The Mentalist S01-E09-10 French.torrent
2012-01-22 03:07 - 2011-08-03 20:28 - 1641112 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-01-18 22:22 - 2012-01-18 22:22 - 0000000 ____A C:\Windows\setuperr.log
2012-01-18 22:21 - 2011-12-31 11:13 - 0003008 ____A C:\Users\Ophelie\Downloads\Ophélie CityVille.txt
2012-01-17 17:56 - 2012-01-17 17:56 - 0017432 ____A C:\Users\Ophelie\Downloads\Emploi du temps PACES 2ème semestre 2011 2012 (1).pdf
2012-01-16 18:19 - 2012-01-16 17:28 - 733753344 ____A C:\Users\Ophelie\Downloads\Intouchables 2011 FRENCH DVDRiP XViD.avi
2012-01-15 22:46 - 2010-12-28 21:11 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\DAEMON Tools Lite
2012-01-15 22:44 - 2009-09-28 13:04 - 0000000 ____D C:\Windows\Panther
2012-01-15 22:28 - 2011-03-28 20:29 - 0000829 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-01-15 22:28 - 2011-03-28 20:29 - 0000000 ____D C:\Program Files\CCleaner
2012-01-15 22:27 - 2012-01-15 22:27 - 3562624 ____A (Piriform Ltd) C:\Users\Ophelie\Downloads\ccsetup314.exe
2012-01-15 22:19 - 2009-12-25 22:05 - 0000000 ____A C:\Windows\SysWOW64\config.nt
2012-01-15 19:46 - 2012-01-02 21:56 - 0000000 ____D C:\Users\Ophelie\Desktop\RK_Quarantine
2012-01-15 19:14 - 2011-10-18 18:43 - 0000000 ____D C:\Program Files (x86)\Easy Downloads
2012-01-15 18:56 - 2012-01-15 18:56 - 0001848 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-01-15 18:55 - 2011-09-03 11:51 - 0000000 ____D C:\Users\All Users\AVAST Software
2012-01-15 18:55 - 2011-09-03 11:51 - 0000000 ____D C:\ProgramData\AVAST Software
2012-01-15 18:52 - 2012-01-15 18:47 - 61657056 ____A C:\Users\Ophelie\Downloads\setup_av_free (1).exe
2012-01-15 18:33 - 2012-01-15 18:25 - 61657056 ____A C:\Users\Ophelie\Downloads\setup_av_free.exe
2012-01-14 05:06 - 2012-02-16 11:58 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-01-13 14:48 - 2011-12-31 11:13 - 0003083 ____A C:\Users\Ophelie\Downloads\Ophélie CityVille (1).txt
2012-01-10 23:06 - 2012-01-10 23:06 - 0017432 ____A C:\Users\Ophelie\Downloads\Emploi du temps PACES 2ème semestre 2011 2012.pdf
2012-01-10 23:05 - 2012-01-10 23:05 - 0014277 ____A C:\Users\Ophelie\Downloads\EDTL1S2 Gr2 (3).pdf
2012-01-08 14:41 - 2012-01-08 14:41 - 0079479 ____A C:\Users\Ophelie\Downloads\releve_operations (1).pdf
2012-01-08 14:40 - 2012-01-08 14:40 - 0036655 ____A C:\Users\Ophelie\Downloads\releve_operations.pdf
2012-01-08 14:30 - 2012-01-08 14:30 - 0005058 ____A C:\Users\Ophelie\Downloads\00020176701.csv
2012-01-08 14:29 - 2012-01-08 14:29 - 0000817 ____A C:\Users\Ophelie\Downloads\00020176703.csv
2012-01-07 14:00 - 2012-01-03 19:49 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\Ento
2012-01-03 22:47 - 2012-01-03 19:49 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\Cebau
2012-01-03 22:46 - 2011-06-11 17:19 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-01-03 07:53 - 2012-01-03 07:53 - 0014277 ____A C:\Users\Ophelie\Downloads\EDTL1S2 Gr2 (2).pdf
2012-01-02 22:07 - 2012-01-02 22:07 - 0019313 ____A C:\Users\Ophelie\Downloads\Calendrier Licence 2011-2012 (2).pdf
2012-01-02 21:59 - 2012-01-02 21:59 - 0003353 ____A C:\Users\Ophelie\Desktop\RKreport[1].txt
2012-01-02 21:52 - 2012-01-02 21:22 - 0011396 __ASH C:\Users\Ophelie\AppData\Local\bsc7o1i0dbmi
2012-01-02 21:52 - 2012-01-02 21:22 - 0011396 __ASH C:\Users\All Users\bsc7o1i0dbmi
2012-01-02 21:52 - 2012-01-02 21:22 - 0011396 __ASH C:\ProgramData\bsc7o1i0dbmi
2012-01-02 21:23 - 2012-01-02 21:23 - 0000000 ____D C:\Windows\system64
2012-01-02 21:22 - 2012-01-02 21:22 - 0000000 ____D C:\Users\Ophelie\AppData\Local\SanctionedMedia
2012-01-02 11:50 - 2012-01-02 11:50 - 0014277 ____A C:\Users\Ophelie\Downloads\EDTL1S2 Gr2 (1).pdf
2012-01-02 11:48 - 2012-01-02 11:48 - 0032584 ____A C:\Users\Ophelie\Downloads\Groupes L1 Semestre 2 (1).pdf
2011-12-28 04:59 - 2012-02-16 11:58 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-12-26 23:58 - 2009-09-28 13:50 - 0000000 ____D C:\Users\All Users\WildTangent
2011-12-26 23:58 - 2009-09-28 13:50 - 0000000 ____D C:\ProgramData\WildTangent
2011-12-26 12:35 - 2009-12-25 19:59 - 0000443 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2011-12-26 00:19 - 2011-12-25 23:37 - 740504856 ____A C:\Users\Ophelie\Downloads\The.Twilight.Story.Breaking.Dawn.Part.1.2011.TRUEFRENCH.TS.MD.XviD-ANONYM.avi
2011-12-26 00:09 - 2011-12-26 00:09 - 0014277 ____A C:\Users\Ophelie\Downloads\EDTL1S2 Gr2.pdf
2011-12-26 00:06 - 2011-12-26 00:06 - 0032584 ____A C:\Users\Ophelie\Downloads\Groupes L1 Semestre 2.pdf
2011-12-25 23:29 - 2011-12-25 22:51 - 736826298 ____A C:\Users\Ophelie\Downloads\serum-ita-r5.avi
2011-12-20 22:44 - 2010-12-29 16:14 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\vlc
2011-12-20 16:22 - 2011-12-20 16:22 - 0020103 ____A C:\Users\Ophelie\Downloads\Chinese_Man-Racing_With_The_Sun.6315617.TPB.torrent
2011-12-20 16:21 - 2011-12-20 16:21 - 0017404 ____A C:\Users\Ophelie\Downloads\Chinese Man Records.torrent
2011-12-20 15:58 - 2011-12-20 15:58 - 0032391 ____A C:\Users\Ophelie\Downloads\Eels_-_Hombre_Lobo__12_Songs_of_Desire_[mp3-160-2009].4918256.TPB.torrent
2011-12-17 16:50 - 2011-12-17 01:11 - 53009052 ____A C:\Users\Ophelie\Documents\Voici l’histoire d’un mariage heureux.pptx
2011-12-16 21:59 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\rescache
2011-12-16 09:47 - 2012-02-16 12:00 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-12-16 09:47 - 2012-02-16 12:00 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-12-16 09:47 - 2012-02-16 12:00 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-12-16 09:46 - 2012-02-16 11:57 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 9019904 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 12263936 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-12-16 08:54 - 2012-02-16 12:00 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-12-16 08:54 - 2012-02-16 12:00 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-12-16 08:54 - 2012-02-16 12:00 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 5997568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 10992128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-12-16 08:52 - 2012-02-16 11:57 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2011-12-16 07:44 - 2012-02-16 12:00 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-12-16 07:09 - 2012-02-16 12:00 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-12-15 22:21 - 2011-04-24 08:57 - 0000000 ____D C:\Users\Ophelie\AppData\Local\Microsoft Help
2011-12-15 11:55 - 2009-09-28 14:01 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-12-15 11:55 - 2009-09-28 14:01 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-12-15 11:48 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\SysWOW64\fr-FR
2011-12-15 11:48 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\System32\fr-FR
2011-12-14 07:14 - 2011-12-14 07:14 - 0000000 ____D C:\Users\Ophelie\Desktop\photos maman
2011-12-12 16:59 - 2011-12-12 16:49 - 86872258 ____A C:\Users\Ophelie\Downloads\Birdy Nam Nam - Manual For Successful Rioting CD (2009)[Par pochtromax pour planete-lolo].rar

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 14%
Total physical RAM: 4060.87 MB
Available physical RAM: 3463.9 MB
Total Pagefile: 4059.02 MB
Available Pagefile: 3454.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:4.39 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:0.02 GB) NTFS
3 Drive e: (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.17 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive g: () (Removable) (Total:3.8 GB) (Free:3.8 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

N° disque Statut Taille Libre Dyn GPT
--------- ------------- ------- ------- --- ---
Disque 0 En ligne 465 G octets 0 octets
Disque 1 En ligne 3900 M octets 0 octets

Partitions of Disk 0:
===============

Le disque 0 est maintenant le disque sélectionné.

N° partition Type Taille Décalage
------------- ---------------- ------- --------
Partition 1 Récupération 400 M 1024 K
Partition 2 Principale 232 G 401 M
Partition 3 Principale 232 G 233 G

======================================================================================================

Disk: 0
Le disque 0 est maintenant le disque sélectionné.

La partition 1 est maintenant la partition sélectionnée.

Partition 1
Type : 27
Masqué : Oui
Active : Oui
Décalage en octets : 1048576

N° volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E SYSTEM NTFS Partition 400 M Sain Masqué

======================================================================================================

Disk: 0
Le disque 0 est maintenant le disque sélectionné.

La partition 2 est maintenant la partition sélectionnée.

Partition 2
Type : 07
Masqué : Non
Active : Non
Décalage en octets : 420478976

N° volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C WINDOWS NTFS Partition 232 G Sain

======================================================================================================

Disk: 0
Le disque 0 est maintenant le disque sélectionné.

La partition 3 est maintenant la partition sélectionnée.

Partition 3
Type : 07
Masqué : Non
Active : Non
Décalage en octets : 250474397696

N° volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D Data NTFS Partition 232 G Sain

======================================================================================================

Partitions of Disk 1:
===============

Le disque 1 est maintenant le disque sélectionné.

N° partition Type Taille Décalage
------------- ---------------- ------- --------
Partition 1 Principale 3896 M 4096 K

======================================================================================================

Disk: 1
Le disque 1 est maintenant le disque sélectionné.

La partition 1 est maintenant la partition sélectionnée.

Partition 1
Type : 0B
Masqué : Non
Active : Oui
Décalage en octets : 4194304

N° volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT32 Amovible 3896 M Sain

======================================================================================================

==========================================================

Last Boot: 2012-02-29 22:02

======================= End Of Log ==========================










Please make me a fixlist.text :D

Edited by HoeSoSilly, 06 March 2012 - 03:46 AM.


#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,726 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:10:59 AM

Posted 06 March 2012 - 04:03 AM

Hello HoeSoSilly,

Welcome to the forum.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
HKU\Ophelie\...\Run: [{38A60FFE-97CC-4268-9C3B-90247DD1D416}] C:\Users\Ophelie\AppData\Roaming\Ento\ubegy.exe [x]
SubSystems: [Windows] ==> ZeroAccess
2 dac960nt; C:\Windows\System32\useraccess7.dll [6656 2009-07-14] (Oak Technology Inc.)
C:\Windows\System32\useraccess7.dll
NETSVC: dac960nt
cmd: del /a/f/q c:\windows\tasks\at*.job
end

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options and select Command Prompt.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Also restart, let it boot normally and tell me how it went.

#5 HoeSoSilly


Posted 06 March 2012 - 04:22 AM

Thanks for your fast reply !

So I did what you said, I fixed it with FRST64, it said that it was done and fixlog.txt was created, but now when I boot I have a blue screen with a long text saying:

A problem has been detected and windows has been shut down to prevent damage to your computer.

A process or a thread crucial to system operation has unexpectedly exited or been terminated.

If this is the first time you've seen this stop error screen, restart your computer. ETC .. => The restart doesn't fix anything

Then : Technical information

STOP : 0x000000F4 (0x0000000000000003, 0xFFFFFAB006ADCB30, 0xFFFFFAB006ABDE10, 0xFFFFF800037DF860)






fixlog file :

Fix result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 06-03-2012
Ran by Système at 2012-03-06 10:13:10 R:1
Running from G:\

==============================================

HKEY_USERS\Ophelie\Software\Microsoft\Windows\CurrentVersion\Run\\{38A60FFE-97CC-4268-9C3B-90247DD1D416} Value deleted successfully.
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored.
dac960nt service deleted successfully.
C:\Windows\System32\useraccess7.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs dac960nt Deleted successfully.

========= del /a/f/q c:\windows\tasks\at*.job =========


========= End of CMD: =========


==== End of Fixlog ====


I can start in safe mode, and that is new :)

Edited by HoeSoSilly, 06 March 2012 - 05:00 AM.
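
An added example, not part of the thread and not FRST's own code: a Python check that pairs each fixlist directive from post #4 with its result line in the Fixlog from post #5, so an unconfirmed step stands out. The matching rules and the names `directive_pattern` and `audit` are assumptions inferred only from the lines shown in those two posts.

```python
import re

# Copied from this thread: the fixlist in post #4 and the Fixlog body in post #5.
FIXLIST = r"""start
HKU\Ophelie\...\Run: [{38A60FFE-97CC-4268-9C3B-90247DD1D416}] C:\Users\Ophelie\AppData\Roaming\Ento\ubegy.exe [x]
SubSystems: [Windows] ==> ZeroAccess
2 dac960nt; C:\Windows\System32\useraccess7.dll [6656 2009-07-14] (Oak Technology Inc.)
C:\Windows\System32\useraccess7.dll
NETSVC: dac960nt
cmd: del /a/f/q c:\windows\tasks\at*.job
end"""

FIXLOG = r"""HKEY_USERS\Ophelie\Software\Microsoft\Windows\CurrentVersion\Run\\{38A60FFE-97CC-4268-9C3B-90247DD1D416} Value deleted successfully.
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored.
dac960nt service deleted successfully.
C:\Windows\System32\useraccess7.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs dac960nt Deleted successfully.

========= del /a/f/q c:\windows\tasks\at*.job =========


========= End of CMD: =========
"""

# Success wording as it appears in the Fixlog above; no other wording is assumed.
SUCCESS = re.compile(r"(successfully|restored)\.\s*$", re.I)


def directive_pattern(line):
    """Map one fixlist line to (kind, regex for the Fixlog line that answers it)."""
    m = re.match(r"HK[^:]*\\Run: \[(.+?)\]", line)
    if m:  # autostart value: the log names the value, not the target file
        return "run-value", re.escape(m.group(1))
    m = re.match(r"SubSystems: \[(\w+)\]", line)
    if m:  # Session Manager\SubSystems value that the scan flagged
        return "subsystems", r"SubSystems\\+" + re.escape(m.group(1)) + r"\b"
    m = re.match(r"\d+ (\S+);", line)
    if m:  # "<start type> <service name>; <image path> ..."
        return "service", r"^" + re.escape(m.group(1)) + r" service\b"
    m = re.match(r"NETSVC: (\S+)", line)
    if m:  # entry in the SvcHost netsvcs list
        return "netsvc", r"netsvcs " + re.escape(m.group(1)) + r"\b"
    m = re.match(r"cmd: (.+)", line)
    if m:  # shell command: the log only echoes it between '=' rules
        return "cmd", r"^=+ " + re.escape(m.group(1).strip()) + r" =+$"
    if re.match(r"[A-Za-z]:\\", line):  # bare path: file to be moved away
        return "file", r"^" + re.escape(line) + r" "
    return "unknown", None


def audit(fixlist, fixlog):
    """Return [(directive, kind, status)] for every line between start and end.

    status is 'confirmed' (result line with success wording), 'ran' (cmd header
    present; the log carries no success indicator for commands), 'unconfirmed'
    (result line without success wording), 'missing' or 'unparsed'.
    """
    lines = [l.strip() for l in fixlist.splitlines() if l.strip()]
    if "start" not in lines or "end" not in lines:
        raise ValueError("fixlist must be wrapped in start/end")
    body = lines[lines.index("start") + 1 : lines.index("end")]
    log_lines = [l.strip() for l in fixlog.splitlines() if l.strip()]

    report = []
    for directive in body:
        kind, pattern = directive_pattern(directive)
        if pattern is None:
            report.append((directive, kind, "unparsed"))
            continue
        hits = [l for l in log_lines if re.search(pattern, l, re.I)]
        if not hits:
            status = "missing"
        elif kind == "cmd":
            status = "ran"
        elif any(SUCCESS.search(h) for h in hits):
            status = "confirmed"
        else:
            status = "unconfirmed"
        report.append((directive, kind, status))
    return report


if __name__ == "__main__":
    for directive, kind, status in audit(FIXLIST, FIXLOG):
        print(f"{status:11} {kind:10} {directive}")
```

On the two posts above, every registry, service and file directive comes back `confirmed`, and the `cmd:` line comes back `ran` because the log shows nothing between the command header and `End of CMD:`.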


#6 Farbar


Posted 06 March 2012 - 05:02 AM

I need to see the fixlog.txt as requested.

Please copy and paste the content of it to your reply.

#7 Farbar


Posted 06 March 2012 - 05:09 AM

I see the post was edited and the log added. Please don't edit the post to avoid confusion.

Now please log in to safe mode. If you get a notification about System Restore, make sure you don't restore the system again, otherwise the infection comes back.

Uninstall AVAST and Ad-Aware. Reboot the computer and see if it boots normally.

#8 HoeSoSilly


Posted 06 March 2012 - 05:13 AM

It said:

Restore can't be made


And I've deleted AVAST and Ad-Aware, now it says: BOOTMGR is missing!

#9 Farbar


Posted 06 March 2012 - 05:47 AM

Please make a new FRST log. Don't change any default setting. Just press Scan and post the log.

#10 Farbar


Posted 06 March 2012 - 06:13 AM

Please don't miss my previous post.

Before making a new FRST log try the following:

  • Remove your flash drive from the computer, restart, and see if it boots.
  • If it doesn't boot normally, go to System Recovery Options, but instead of Command Prompt select: Startup Repair.
    Run the startup repair and when it has finished see if you can boot normally.


#11 HoeSoSilly


Posted 06 March 2012 - 09:40 AM

I can't access the Recovery Console, my computer doesn't boot, so I have installed Ubuntu in dual boot. When I try to access "Repair your computer" in the F8 menu, it says it is impossible! So I am downloading an ISO file of Win 7 x64 to get the recovery console and then make a log. I can't do it now, I'll do it in a few hours. Thanks a lot for helping me :)

#12 Farbar


Posted 06 March 2012 - 10:03 AM

Please give me feedback about what you are doing. You could make an FRST log before; what happens if you now try the same procedure? We have done nothing to change that.

When have you installed Ubuntu?

Please give me proper feedback about step one.

Can you run startup repair right after restart without going to System Recovery Options?

#13 Farbar


Posted 06 March 2012 - 10:04 AM

Also please tell me if you can boot to Safe Mode. In that case we can try something else.

#14 HoeSoSilly


Posted 06 March 2012 - 02:25 PM

Yep, I can boot in safe mode since you sent me the fixlist.txt

I made a new log file, the "startup repair" doesn't work so... I don't know what to do!

I installed Ubuntu to get into the file system when I opened this topic :/

I paste my new log file:


Scan result of Farbar Recovery Scan Tool Version: 06-03-2012
Ran by Système at 06-03-2012 21:16:15
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050000 2009-08-26] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-08-25] (Toshiba Europe GmbH)
HKLM\...\Run: [HDMICtrlMan] %ProgramFiles%\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35160 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] C:\Windows\system32\thpsrv /logon [x]
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1481568 2009-09-03] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [596328 2009-08-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [701752 2009-07-21] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-08-17] (TOSHIBA Corporation)
HKLM-x32\...\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [352256 2009-08-12] (TOSHIBA)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP [423936 2009-06-02] (TOSHIBA Electronics, Inc.)
HKU\Default\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Ophelie\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Ophelie\...\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run [294912 2010-02-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

==================== Services (Whitelisted) ======

2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [462184 2011-08-30] (Apple Inc.)
2 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [116104 2009-08-26] (Toshiba Europe GmbH)
2 Thpsrv; C:\Windows\system32\ThpSrv.exe [531520 2009-07-08] (TOSHIBA Corporation)
2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [x]
2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe" [x]

========================== Drivers (Whitelisted) =============

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [24408 2011-11-28] (AVAST Software)
2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [66904 2011-11-28] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-11-28] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [591192 2011-11-28] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [304472 2011-11-28] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [58712 2011-11-28] (AVAST Software)
3 enecir; C:\Windows\System32\DRIVERS\enecir.sys [70656 2009-06-29] (ENE TECHNOLOGY INC.)
3 enecirhid; C:\Windows\System32\DRIVERS\enecirhid.sys [14848 2009-05-19] (ENE TECHNOLOGY INC.)
3 enecirhidma; C:\Windows\System32\DRIVERS\enecirhidma.sys [6656 2008-04-24] (ENE TECHNOLOGY INC.)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-02-04] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-12-03] (Lavasoft AB)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-04-09] (Duplex Secure Ltd.)
3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-14] (Microsoft Corporation)

========================== Drivers MD5 =======================


========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-03-06 20:42 - 2010-11-20 13:40 - 0383786 _RASH C:\bootmgr
2012-03-06 12:51 - 2012-03-06 20:43 - 0000668 ____A C:\aaw7boot.log
2012-03-06 10:42 - 2012-03-06 10:42 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\GlarySoft
2012-03-06 10:39 - 2012-03-06 10:39 - 0001073 ____A C:\Users\Ophelie\Desktop\Glary Utilities.lnk
2012-03-06 10:39 - 2012-03-06 10:39 - 0000328 ____A C:\Windows\Tasks\GlaryInitialize.job
2012-03-06 10:39 - 2012-03-06 10:39 - 0000000 ____D C:\Program Files (x86)\Glary Utilities
2012-03-06 10:16 - 2012-03-06 10:16 - 284050928 ____A C:\Windows\MEMORY.DMP
2012-03-06 09:40 - 2012-03-06 21:16 - 0000000 ____D C:\FRST
2012-03-05 17:39 - 2012-03-06 11:09 - 0767924 ____A C:\Windows\ntbtlog.txt
2012-03-01 19:29 - 2012-03-01 20:07 - 168325184 ____A C:\Users\Ophelie\Downloads\one.tree.hill.s09e08.hdtv.xvid-2hd.avi
2012-02-29 22:06 - 2012-03-06 10:21 - 0000410 ____A C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2012-02-24 19:35 - 2012-02-24 19:46 - 0000000 ____D C:\Users\Ophelie\Downloads\La compile patate !
2012-02-21 22:27 - 2012-03-06 10:52 - 0001726 ____A C:\Windows\PFRO.log
2012-02-21 21:55 - 2012-02-21 22:26 - 0000112 ____A C:\Users\All Users\76E17Y.dat
2012-02-21 21:55 - 2012-02-21 22:26 - 0000112 ____A C:\ProgramData\76E17Y.dat
2012-02-21 21:54 - 2012-02-21 21:55 - 0084146 ____A C:\Windows\SysWOW64\UHfkYR.com_
2012-02-17 15:12 - 2012-02-17 15:12 - 0022598 ____A C:\Users\Ophelie\Downloads\bio vegétal.docx
2012-02-16 18:14 - 2012-02-16 20:22 - 231698664 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E06.HDTV.XviD-ASAP.avi
2012-02-16 12:00 - 2011-12-16 09:47 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-16 12:00 - 2011-12-16 09:47 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-16 12:00 - 2011-12-16 09:47 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 9019904 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 12263936 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-16 12:00 - 2011-12-16 09:45 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-16 12:00 - 2011-12-16 08:54 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-02-16 12:00 - 2011-12-16 08:54 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-02-16 12:00 - 2011-12-16 08:54 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 5997568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 10992128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-02-16 12:00 - 2011-12-16 08:52 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-02-16 12:00 - 2011-12-16 07:44 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-16 12:00 - 2011-12-16 07:09 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-02-16 11:58 - 2012-01-14 05:06 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-02-16 11:58 - 2011-12-28 04:59 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-02-16 11:57 - 2011-12-16 09:46 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-02-16 11:57 - 2011-12-16 08:52 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-02-15 19:38 - 2012-02-15 20:00 - 183519234 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E16.FASTSUB.VOSTFR.HDTV.XviD-KP (1).avi
2012-02-15 15:09 - 2012-02-15 15:46 - 7949424 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E16.FASTSUB.VOSTFR.HDTV.XviD-KP.avi
2012-02-12 18:47 - 2012-02-26 18:47 - 0000328 ____A C:\Windows\Tasks\WebReg HP Photosmart B110 series.job
2012-02-12 11:14 - 2012-02-12 12:32 - 400545608 ____A C:\Users\Ophelie\Downloads\Dexter.S01E11.FRENCH.DVDRip.XviD-JMT.avi
2012-02-09 17:30 - 2012-02-09 18:20 - 365111688 ____A C:\Users\Ophelie\Downloads\NCIS.S09E01.FASTSUB.VOSTFR.HDTV.XviD-ROKS.avi
2012-02-09 15:19 - 2012-02-09 15:37 - 367005606 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E05.HDTV.XviD-ASAP.avi
2012-02-08 17:12 - 2012-02-08 17:31 - 367055276 ____A C:\Users\Ophelie\Downloads\NCIS.S08E24.FiNAL.FRENCH.DVDRip.XviD-JMT.avi
2012-02-07 20:58 - 2012-02-07 21:01 - 0000000 ____D C:\Users\Ophelie\Documents\cours
2012-02-07 20:32 - 2012-02-07 20:42 - 183499942 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E15.HDTV.XviD-ASAP.avi
2012-02-07 18:48 - 2012-02-07 19:10 - 367232520 ____A C:\Users\Ophelie\Downloads\NCIS.S08E23.FRENCH.DVDRip.XviD-JMT.avi
2012-02-05 15:12 - 2012-02-29 22:04 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-02-05 15:03 - 2012-02-05 15:22 - 366824218 ____A C:\Users\Ophelie\Downloads\NCIS.S08E22.FRENCH.DVDRip.XviD-JMT (2).avi

============ 3 Months Modified Files and Folders =============

2012-03-06 21:16 - 2012-03-06 09:40 - 0000000 ____D C:\FRST
2012-03-06 20:43 - 2012-03-06 12:51 - 0000668 ____A C:\aaw7boot.log
2012-03-06 20:43 - 2009-10-19 17:56 - 3193597952 __ASH C:\hiberfil.sys
2012-03-06 11:11 - 2010-12-28 16:34 - 0000000 ____D C:\Users\Ophelie\Documents\Vuze Downloads
2012-03-06 11:09 - 2012-03-05 17:39 - 0767924 ____A C:\Windows\ntbtlog.txt
2012-03-06 11:04 - 2011-11-07 15:02 - 0000000 ____D C:\Program Files (x86)\TuneUp Utilities 2012
2012-03-06 10:52 - 2012-02-21 22:27 - 0001726 ____A C:\Windows\PFRO.log
2012-03-06 10:42 - 2012-03-06 10:42 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\GlarySoft
2012-03-06 10:42 - 2011-10-29 16:29 - 0000000 ____D C:\Program Files (x86)\QuickTime
2012-03-06 10:42 - 2011-09-01 20:49 - 0000000 _RSHD C:\sys
2012-03-06 10:42 - 2010-02-23 01:18 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-03-06 10:42 - 2009-12-25 22:24 - 0000000 ____D C:\Program Files (x86)\Messenger Plus! Live
2012-03-06 10:42 - 2009-10-19 18:16 - 0000000 ____D C:\Users\All Users\TOSHIBA
2012-03-06 10:42 - 2009-10-19 18:16 - 0000000 ____D C:\ProgramData\TOSHIBA
2012-03-06 10:42 - 2009-09-28 13:46 - 0000000 ____D C:\Program Files (x86)\Google
2012-03-06 10:41 - 2011-11-07 15:01 - 0000000 __SHD C:\Users\All Users\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-03-06 10:41 - 2011-11-07 15:01 - 0000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-03-06 10:41 - 2011-03-27 01:05 - 0000000 ____D C:\Users\All Users\ClickPotatoLiteSA
2012-03-06 10:41 - 2011-03-27 01:05 - 0000000 ____D C:\ProgramData\ClickPotatoLiteSA
2012-03-06 10:41 - 2010-12-31 18:40 - 0000000 __HDC C:\Users\All Users\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2012-03-06 10:41 - 2010-12-31 18:40 - 0000000 __HDC C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2012-03-06 10:41 - 2009-09-28 14:00 - 0000000 ____D C:\Program Files (x86)\Microsoft Works
2012-03-06 10:41 - 2009-09-28 13:50 - 0000000 ____D C:\Users\All Users\WildTangent
2012-03-06 10:41 - 2009-09-28 13:50 - 0000000 ____D C:\ProgramData\WildTangent
2012-03-06 10:40 - 2009-07-14 16:24 - 0745268 ____A C:\Windows\System32\perfh00C.dat
2012-03-06 10:40 - 2009-07-14 16:24 - 0148786 ____A C:\Windows\System32\perfc00C.dat
2012-03-06 10:40 - 2009-07-14 06:13 - 1662566 ____A C:\Windows\System32\PerfStringBackup.INI
2012-03-06 10:39 - 2012-03-06 10:39 - 0001073 ____A C:\Users\Ophelie\Desktop\Glary Utilities.lnk
2012-03-06 10:39 - 2012-03-06 10:39 - 0000328 ____A C:\Windows\Tasks\GlaryInitialize.job
2012-03-06 10:39 - 2012-03-06 10:39 - 0000000 ____D C:\Program Files (x86)\Glary Utilities
2012-03-06 10:35 - 2010-12-23 22:23 - 0000000 ____D C:\Windows\pss
2012-03-06 10:29 - 2009-12-25 16:07 - 0000000 ____D C:\Users\Ophelie\AppData\LocalLow
2012-03-06 10:21 - 2012-02-29 22:06 - 0000410 ____A C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2012-03-06 10:21 - 2011-05-03 20:16 - 0000064 ____A C:\Windows\SysWOW64\rp_stats.dat
2012-03-06 10:21 - 2011-05-03 20:16 - 0000044 ____A C:\Windows\SysWOW64\rp_rules.dat
2012-03-06 10:16 - 2012-03-06 10:16 - 284050928 ____A C:\Windows\MEMORY.DMP
2012-03-04 14:34 - 2009-10-19 18:06 - 1500289 ____A C:\Windows\WindowsUpdate.log
2012-03-04 14:33 - 2010-12-28 15:46 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\Azureus
2012-03-03 16:37 - 2010-02-02 17:35 - 0001070 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-03-03 12:18 - 2010-02-02 17:35 - 0001066 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-03-01 20:07 - 2012-03-01 19:29 - 168325184 ____A C:\Users\Ophelie\Downloads\one.tree.hill.s09e08.hdtv.xvid-2hd.avi
2012-03-01 18:50 - 2009-07-14 05:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-03-01 18:50 - 2009-07-14 05:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-02-29 22:04 - 2012-02-05 15:12 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-02-29 22:04 - 2009-12-25 17:27 - 0000000 ____D C:\Users\Ophelie\Tracing
2012-02-29 22:03 - 2012-01-18 22:22 - 0004792 ____A C:\Windows\setupact.log
2012-02-29 22:03 - 2009-07-14 06:08 - 0032482 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-02-29 22:03 - 2009-07-14 06:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-02-26 18:47 - 2012-02-12 18:47 - 0000328 ____A C:\Windows\Tasks\WebReg HP Photosmart B110 series.job
2012-02-26 18:15 - 2010-12-28 15:49 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\TuneUpMedia
2012-02-25 01:04 - 2010-12-28 15:49 - 0000000 ____D C:\Users\All Users\TuneUpMedia
2012-02-25 01:04 - 2010-12-28 15:49 - 0000000 ____D C:\ProgramData\TuneUpMedia
2012-02-24 19:46 - 2012-02-24 19:35 - 0000000 ____D C:\Users\Ophelie\Downloads\La compile patate !
2012-02-21 22:26 - 2012-02-21 21:55 - 0000112 ____A C:\Users\All Users\76E17Y.dat
2012-02-21 22:26 - 2012-02-21 21:55 - 0000112 ____A C:\ProgramData\76E17Y.dat
2012-02-21 21:55 - 2012-02-21 21:54 - 0084146 ____A C:\Windows\SysWOW64\UHfkYR.com_
2012-02-20 21:44 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\System32\NDF
2012-02-19 12:54 - 2009-07-14 05:45 - 0361832 ____A C:\Windows\System32\FNTCACHE.DAT
2012-02-19 12:45 - 2009-09-28 14:07 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-02-19 12:41 - 2009-12-27 01:28 - 54585368 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-02-17 15:12 - 2012-02-17 15:12 - 0022598 ____A C:\Users\Ophelie\Downloads\bio vegétal.docx
2012-02-17 11:52 - 2010-07-16 20:09 - 0002347 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-02-16 20:22 - 2012-02-16 18:14 - 231698664 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E06.HDTV.XviD-ASAP.avi
2012-02-15 20:00 - 2012-02-15 19:38 - 183519234 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E16.FASTSUB.VOSTFR.HDTV.XviD-KP (1).avi
2012-02-15 15:46 - 2012-02-15 15:09 - 7949424 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E16.FASTSUB.VOSTFR.HDTV.XviD-KP.avi
2012-02-12 12:32 - 2012-02-12 11:14 - 400545608 ____A C:\Users\Ophelie\Downloads\Dexter.S01E11.FRENCH.DVDRip.XviD-JMT.avi
2012-02-09 18:20 - 2012-02-09 17:30 - 365111688 ____A C:\Users\Ophelie\Downloads\NCIS.S09E01.FASTSUB.VOSTFR.HDTV.XviD-ROKS.avi
2012-02-09 15:37 - 2012-02-09 15:19 - 367005606 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E05.HDTV.XviD-ASAP.avi
2012-02-08 17:31 - 2012-02-08 17:12 - 367055276 ____A C:\Users\Ophelie\Downloads\NCIS.S08E24.FiNAL.FRENCH.DVDRip.XviD-JMT.avi
2012-02-07 21:01 - 2012-02-07 20:58 - 0000000 ____D C:\Users\Ophelie\Documents\cours
2012-02-07 20:42 - 2012-02-07 20:32 - 183499942 ____A C:\Users\Ophelie\Downloads\How.I.Met.Your.Mother.S07E15.HDTV.XviD-ASAP.avi
2012-02-07 19:10 - 2012-02-07 18:48 - 367232520 ____A C:\Users\Ophelie\Downloads\NCIS.S08E23.FRENCH.DVDRip.XviD-JMT.avi
2012-02-05 15:22 - 2012-02-05 15:03 - 366824218 ____A C:\Users\Ophelie\Downloads\NCIS.S08E22.FRENCH.DVDRip.XviD-JMT (2).avi
2012-02-04 16:51 - 2012-02-04 16:38 - 61365192 ____A C:\Users\Ophelie\Downloads\NCIS.S08E22.FRENCH.DVDRip.XviD-JMT (1).avi
2012-02-04 15:38 - 2012-02-04 15:35 - 1161120 ____A C:\Users\Ophelie\Downloads\NCIS.S08E22.FRENCH.DVDRip.XviD-JMT.avi
2012-02-04 15:20 - 2011-09-17 15:24 - 0233764 ____A C:\Windows\hpoins47.dat
2012-02-04 15:20 - 2011-09-17 15:24 - 0001297 ____A C:\Users\All Users\hpzinstall.log
2012-02-04 15:20 - 2011-09-17 15:24 - 0001297 ____A C:\ProgramData\hpzinstall.log
2012-02-04 15:15 - 2009-07-14 03:34 - 0000470 ____A C:\Windows\win.ini
2012-02-03 22:55 - 2012-02-03 22:35 - 366168770 ____A C:\Users\Ophelie\Downloads\the.mentalist.413.hdtv-lol.avi
2012-02-03 19:31 - 2012-02-03 19:01 - 366731640 ____A C:\Users\Ophelie\Downloads\Greys.Anatomy.S08E13.HDTV.XviD-LOL.avi
2012-02-02 19:03 - 2012-02-02 18:55 - 366989240 ____A C:\Users\Ophelie\Downloads\One.Tree.Hill.S09E04.HDTV.XviD-ASAP.avi
2012-01-31 21:14 - 2012-01-31 21:14 - 1985013 ____A C:\Users\Ophelie\Downloads\photo (2).JPG
2012-01-22 03:07 - 2011-08-03 20:28 - 1641112 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-01-18 22:22 - 2012-01-18 22:22 - 0000000 ____A C:\Windows\setuperr.log
2012-01-18 22:21 - 2011-12-31 11:13 - 0003008 ____A C:\Users\Ophelie\Downloads\Ophélie CityVille.txt
2012-01-16 18:19 - 2012-01-16 17:28 - 733753344 ____A C:\Users\Ophelie\Downloads\Intouchables 2011 FRENCH DVDRiP XViD.avi
2012-01-15 22:46 - 2010-12-28 21:11 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\DAEMON Tools Lite
2012-01-15 22:44 - 2009-09-28 13:04 - 0000000 ____D C:\Windows\Panther
2012-01-15 22:28 - 2011-03-28 20:29 - 0000829 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-01-15 22:28 - 2011-03-28 20:29 - 0000000 ____D C:\Program Files\CCleaner
2012-01-15 22:19 - 2009-12-25 22:05 - 0000000 ____A C:\Windows\SysWOW64\config.nt
2012-01-15 18:55 - 2011-09-03 11:51 - 0000000 ____D C:\Users\All Users\AVAST Software
2012-01-15 18:55 - 2011-09-03 11:51 - 0000000 ____D C:\ProgramData\AVAST Software
2012-01-14 05:06 - 2012-02-16 11:58 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-01-13 14:48 - 2011-12-31 11:13 - 0003083 ____A C:\Users\Ophelie\Downloads\Ophélie CityVille (1).txt
2012-01-08 14:30 - 2012-01-08 14:30 - 0005058 ____A C:\Users\Ophelie\Downloads\00020176701.csv
2012-01-08 14:29 - 2012-01-08 14:29 - 0000817 ____A C:\Users\Ophelie\Downloads\00020176703.csv
2012-01-07 14:00 - 2012-01-03 19:49 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\Ento
2012-01-03 22:47 - 2012-01-03 19:49 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\Cebau
2012-01-03 22:46 - 2011-06-11 17:19 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-01-02 21:52 - 2012-01-02 21:22 - 0011396 __ASH C:\Users\Ophelie\AppData\Local\bsc7o1i0dbmi
2012-01-02 21:52 - 2012-01-02 21:22 - 0011396 __ASH C:\Users\All Users\bsc7o1i0dbmi
2012-01-02 21:52 - 2012-01-02 21:22 - 0011396 __ASH C:\ProgramData\bsc7o1i0dbmi
2012-01-02 21:23 - 2012-01-02 21:23 - 0000000 ____D C:\Windows\system64
2012-01-02 21:22 - 2012-01-02 21:22 - 0000000 ____D C:\Users\Ophelie\AppData\Local\SanctionedMedia
2011-12-28 04:59 - 2012-02-16 11:58 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-12-26 12:35 - 2009-12-25 19:59 - 0000443 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2011-12-26 00:19 - 2011-12-25 23:37 - 740504856 ____A C:\Users\Ophelie\Downloads\The.Twilight.Story.Breaking.Dawn.Part.1.2011.TRUEFRENCH.TS.MD.XviD-ANONYM.avi
2011-12-25 23:29 - 2011-12-25 22:51 - 736826298 ____A C:\Users\Ophelie\Downloads\serum-ita-r5.avi
2011-12-20 22:44 - 2010-12-29 16:14 - 0000000 ____D C:\Users\Ophelie\AppData\Roaming\vlc
2011-12-17 16:50 - 2011-12-17 01:11 - 53009052 ____A C:\Users\Ophelie\Documents\Voici l’histoire d’un mariage heureux.pptx
2011-12-16 21:59 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\rescache
2011-12-16 09:47 - 2012-02-16 12:00 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-12-16 09:47 - 2012-02-16 12:00 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-12-16 09:47 - 2012-02-16 12:00 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-12-16 09:46 - 2012-02-16 11:57 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 9019904 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 12263936 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-12-16 09:45 - 2012-02-16 12:00 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-12-16 08:54 - 2012-02-16 12:00 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-12-16 08:54 - 2012-02-16 12:00 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-12-16 08:54 - 2012-02-16 12:00 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 5997568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 10992128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-12-16 08:52 - 2012-02-16 12:00 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-12-16 08:52 - 2012-02-16 11:57 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2011-12-16 07:44 - 2012-02-16 12:00 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-12-16 07:09 - 2012-02-16 12:00 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-12-15 22:21 - 2011-04-24 08:57 - 0000000 ____D C:\Users\Ophelie\AppData\Local\Microsoft Help
2011-12-15 11:55 - 2009-09-28 14:01 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-12-15 11:55 - 2009-09-28 14:01 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-12-15 11:48 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\SysWOW64\fr-FR
2011-12-15 11:48 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\System32\fr-FR
2011-12-14 07:14 - 2011-12-14 07:14 - 0000000 ____D C:\Users\Ophelie\Desktop\photos maman

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 18%
Total physical RAM: 4060.87 MB
Available physical RAM: 3311.48 MB
Total Pagefile: 4059.07 MB
Available Pagefile: 3363.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:8.06 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
2 Drive d: (Données) (Fixed) (Total:116.5 GB) (Free:110.4 GB) NTFS
4 Drive f: () (Removable) (Total:3.8 GB) (Free:0.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive g: (CLÉGLAGLA) (Removable) (Total:1.88 GB) (Free:1.19 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Nø disque Statut Taille Libre Dyn GPT
--------- ------------- ------- ------- --- ---
Disque 0 En ligne 465 G octets 1024 K octets
Disque 1 En ligne 3900 M octets 0 octets
Disque 2 En ligne 1927 M octets 0 octets

Partitions of Disk 0:
===============

Le disque 0 est maintenant le disque s‚lectionn‚.

Nø partition Type Taille D‚calage
------------- ---------------- ------- --------
Partition 1 Principale 400 M 1024 K
Partition 2 Principale 232 G 401 M
Partition 3 Principale 116 G 233 G
Partition 0 tendu 115 G 349 G
Partition 4 Logique 111 G 349 G
Partition 5 Logique 4867 M 461 G

======================================================================================================

Disk: 0
Le disque 0 est maintenant le disque s‚lectionn‚.

La partition 1 est maintenant la partition s‚lectionn‚e.

Partition 1
Type : 17
Masqu‚ : Oui
Active : Non
D‚calage en octets : 1048576

Il n'y a pas de volume associ‚ avec cette partition.

======================================================================================================

Disk: 0
Le disque 0 est maintenant le disque s‚lectionn‚.

La partition 2 est maintenant la partition s‚lectionn‚e.

Partition 2
Type : 07
Masqu‚ : Non
Active : Oui
D‚calage en octets : 420478976

Nø volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C WINDOWS NTFS Partition 232 G Sain

======================================================================================================

Disk: 0
Le disque 0 est maintenant le disque s‚lectionn‚.

La partition 3 est maintenant la partition s‚lectionn‚e.

Partition 3
Type : 07
Masqu‚ : Non
Active : Non
D‚calage en octets : 250474397696

Nø volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D Donn‚es NTFS Partition 116 G Sain

======================================================================================================

Disk: 0
Le disque 0 est maintenant le disque s‚lectionn‚.

La partition 4 est maintenant la partition s‚lectionn‚e.

Partition 4
Type : 83
Masqu‚ : Oui
Active : Non
D‚calage en octets : 375561125888

Il n'y a pas de volume associ‚ avec cette partition.

======================================================================================================

Disk: 0
Le disque 0 est maintenant le disque s‚lectionn‚.

La partition 5 est maintenant la partition s‚lectionn‚e.

Partition 5
Type : 82
Masqu‚ : Oui
Active : Non
D‚calage en octets : 495003369472

Il n'y a pas de volume associ‚ avec cette partition.

======================================================================================================

Partitions of Disk 1:
===============

Le disque 1 est maintenant le disque s‚lectionn‚.

Nø partition Type Taille D‚calage
------------- ---------------- ------- --------
Partition 1 Principale 3896 M 4096 K

======================================================================================================

Disk: 1
Le disque 1 est maintenant le disque s‚lectionn‚.

La partition 1 est maintenant la partition s‚lectionn‚e.

Partition 1
Type : 07
Masqu‚ : Non
Active : Oui
D‚calage en octets : 4194304

Nø volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F NTFS Amovible 3896 M Sain

======================================================================================================

Partitions of Disk 2:
===============

Le disque 2 est maintenant le disque s‚lectionn‚.

Nø partition Type Taille D‚calage
------------- ---------------- ------- --------
* Partition 1 Principale 1927 M 0 o

======================================================================================================

Disk: 2
Le disque 2 est maintenant le disque s‚lectionn‚.

Aucune partition n'est s‚lectionn‚e.

Aucune partition n'est s‚lectionn‚e.
S‚lectionnez une partition et essayez … nouveau.

======================================================================================================

==========================================================

Last Boot: 2012-02-29 22:02

======================= End Of Log ==========================


If you have other questions about what I've done, ask me :)

#15 Farbar

Posted 06 March 2012 - 02:49 PM

I'm sorry. I can't help you without your cooperation. I see you have not done what I have asked (except the first fix) and more importantly the system has gone through changes without consulting me.

I'm going to close this topic. You may seek help on another forum where people don't mind running after the facts.

Edited by farbar, 06 March 2012 - 02:50 PM.




