Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

c:\windows\SysWow64\drivers\ntfs.sys . . . infected!!


  • This topic is locked This topic is locked
2 replies to this topic

#1 Guigui30

Guigui30

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 10 December 2012 - 07:53 PM

Hi everybody my name is Guilhem and after a scan using combofix i have the following problem :
c:\windows\SysWow64\drivers\ntfs.sys . . . is infected!!

Report is following:




OTS logfile created on: 12/11/2012 1:41:54 AM - Run 1
OTS by OldTimer - Version 3.1.47.2     Folder = D:\Téléchargements
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 43.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 155.69 Gb Total Space | 72.37 Gb Free Space | 46.48% Space Free | Partition Type: NTFS
Drive D: | 341.80 Gb Total Space | 175.13 Gb Free Space | 51.24% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BAVREGUILHEM-PC
Current User Name: Bavre Guilhem
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> D:\Téléchargements\OTS.exe -> [2012/12/11 01:41:21 | 000,646,656 | ---- | M] (OldTimer Tools)
teamviewer_service.exe -> C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -> [2012/11/29 14:50:25 | 003,463,080 | ---- | M] (TeamViewer GmbH)
avastui.exe -> C:\Program Files\AVAST Software\Avast\AvastUI.exe -> [2012/10/30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software)
avastsvc.exe -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software)
c2c_service.exe -> C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -> [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.)
iastoricon.exe -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe -> [2012/09/01 17:07:22 | 000,285,240 | ---- | M] (Intel Corporation)
iastordatamgrsvc.exe -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2012/09/01 17:07:22 | 000,014,904 | ---- | M] (Intel Corporation)
uns.exe -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -> [2012/07/18 01:10:33 | 000,364,416 | ---- | M] (Intel Corporation)
lms.exe -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -> [2012/07/18 01:10:30 | 000,276,864 | ---- | M] (Intel Corporation)
asscrpro.exe -> C:\Windows\AsScrPro.exe -> [2012/05/31 23:11:11 | 003,058,304 | ---- | M] (ASUS)
liveupdate.exe -> C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -> [2011/08/31 14:33:32 | 001,545,856 | ---- | M] (ASUSTeK Computer Inc.)
acmon.exe -> C:\Program Files (x86)\ASUS\Splendid\ACMON.exe -> [2011/05/30 21:48:18 | 000,082,944 | ---- | M] (ASUS)
acengsvr.exe -> C:\Windows\SysWOW64\ACEngSvr.exe -> [2011/05/30 21:48:16 | 000,155,648 | ---- | M] (ASUSTeK)
hcontrol.exe -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe -> [2011/01/25 19:32:28 | 000,166,528 | ---- | M] (ASUS)
sensorsrv.exe -> C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe -> [2010/11/15 18:42:12 | 000,305,792 | ---- | M] (ASUS)
dmedia.exe -> C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe -> [2010/10/07 22:05:14 | 000,170,624 | ---- | M] (ASUS)
controldeck.exe -> C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe -> [2010/09/30 23:15:20 | 001,078,912 | ---- | M] (asus)
wcourier.exe -> C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe -> [2010/09/24 00:53:16 | 001,601,536 | ---- | M] ()
atkosd2.exe -> C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe -> [2010/08/17 22:55:42 | 005,732,992 | ---- | M] (ASUS)
sonicfocustray.exe -> C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe -> [2010/07/10 06:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus)
gfnexsrv.exe -> C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -> [2009/12/15 18:39:38 | 000,096,896 | ---- | M] (ASUS)
clmlsvc.exe -> C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe -> [2009/11/02 22:21:26 | 000,103,720 | ---- | M] (CyberLink)
hcontroluser.exe -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe -> [2009/06/19 18:29:42 | 000,105,016 | ---- | M] (ASUS)
atkosd.exe -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe -> [2009/06/19 18:29:26 | 002,488,888 | ---- | M] (ASUS)
asldrsrv.exe -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -> [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS)
wdc.exe -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe -> [2008/12/23 01:15:34 | 000,174,648 | ---- | M] (ASUS)
kbfiltr.exe -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe -> [2008/08/14 05:00:08 | 000,113,208 | ---- | M] (ASUS)
 
[Modules - No Company Name]
fzshellext.dll -> C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll -> [2012/11/29 22:59:32 | 000,093,696 | ---- | M] ()
ppgooglenaclpluginchrome.dll -> C:\Users\Bavre Guilhem\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll -> [2012/11/28 04:43:17 | 000,460,904 | ---- | M] ()
pepflashplayer.dll -> C:\Users\Bavre Guilhem\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll -> [2012/11/28 04:43:16 | 012,456,040 | ---- | M] ()
pdf.dll -> C:\Users\Bavre Guilhem\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll -> [2012/11/28 04:43:15 | 004,008,040 | ---- | M] ()
libglesv2.dll -> C:\Users\Bavre Guilhem\AppData\Local\Google\Chrome\Application\23.0.1271.95\libglesv2.dll -> [2012/11/28 04:42:30 | 000,587,880 | ---- | M] ()
libegl.dll -> C:\Users\Bavre Guilhem\AppData\Local\Google\Chrome\Application\23.0.1271.95\libegl.dll -> [2012/11/28 04:42:29 | 000,124,520 | ---- | M] ()
avutil-51.dll -> C:\Users\Bavre Guilhem\AppData\Local\Google\Chrome\Application\23.0.1271.95\avutil-51.dll -> [2012/11/28 04:42:22 | 000,157,304 | ---- | M] ()
avcodec-54.dll -> C:\Users\Bavre Guilhem\AppData\Local\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll -> [2012/11/28 04:42:21 | 002,168,952 | ---- | M] ()
avformat-54.dll -> C:\Users\Bavre Guilhem\AppData\Local\Google\Chrome\Application\23.0.1271.95\avformat-54.dll -> [2012/11/28 04:42:21 | 000,275,576 | ---- | M] ()
system.workflowservices.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\d53ceada7dcbc8066f027cef2afcb0cb\System.WorkflowServices.ni.dll -> [2012/11/16 16:24:46 | 001,226,752 | ---- | M] ()
system.servicemodel.routing.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d60ccefe0beca0de7cdd30d3881be61e\System.ServiceModel.Routing.ni.dll -> [2012/11/16 16:24:25 | 000,369,664 | ---- | M] ()
system.servicemodel.discovery.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\1971d6726582c8566f9aaee24a158aa9\System.ServiceModel.Discovery.ni.dll -> [2012/11/16 16:24:24 | 001,140,736 | ---- | M] ()
system.servicemodel.channels.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d0eed8f474f789e8e5b41b88193805ab\System.ServiceModel.Channels.ni.dll -> [2012/11/16 16:24:23 | 000,082,432 | ---- | M] ()
system.servicemodel.web.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c0afb30b89ae602e3eada4ea3261a62d\System.ServiceModel.Web.ni.dll -> [2012/11/16 16:24:15 | 001,086,464 | ---- | M] ()
system.servicemodel.activities.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\281dddf3da7b196de1df640829a4bcc6\System.ServiceModel.Activities.ni.dll -> [2012/11/16 16:21:45 | 001,393,152 | ---- | M] ()
system.identitymodel.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\59353156806745822ad61a40de8fb631\System.IdentityModel.ni.dll -> [2012/11/16 16:21:41 | 001,072,640 | ---- | M] ()
system.servicemodel.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a27582afda5c9a9258ed2cd787352773\System.ServiceModel.ni.dll -> [2012/11/16 16:21:40 | 018,058,752 | ---- | M] ()
iastordatamgrsvcinterfaces.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvcInt#\78efda424aedb0e008245ae042086925\IAStorDataMgrSvcInterfaces.ni.dll -> [2012/11/16 16:21:29 | 000,027,648 | ---- | M] ()
iastorcommon.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\c1e6b3dcbfbdb5be3a8c1da0139a34e4\IAStorCommon.ni.dll -> [2012/11/16 16:21:26 | 000,026,112 | ---- | M] ()
iastorutil.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\86b143a551cf33d776b52ab96f9e590f\IAStorUtil.ni.dll -> [2012/11/16 16:21:24 | 000,361,984 | ---- | M] ()
system.xaml.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll -> [2012/11/16 16:21:16 | 001,801,728 | ---- | M] ()
system.web.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\482cd474fddf6a82d4c11cddb527d296\System.Web.ni.dll -> [2012/11/16 16:21:15 | 012,079,616 | ---- | M] ()
system.runtime.durableinstancing.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\bb404633d24f5098f9d7f5f5a1d234c3\System.Runtime.DurableInstancing.ni.dll -> [2012/11/16 16:21:06 | 001,021,952 | ---- | M] ()
system.runtime.serialization.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0d2c8da8749c683b47f01101c9ea26d5\System.Runtime.Serialization.ni.dll -> [2012/11/16 16:21:05 | 002,647,040 | ---- | M] ()
smdiagnostics.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\0dd39ca15b3d56a03a31fbf671c80cfe\SMDiagnostics.ni.dll -> [2012/11/16 16:21:05 | 000,143,360 | ---- | M] ()
system.management.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll -> [2012/11/16 16:17:51 | 001,051,136 | ---- | M] ()
presentationframework.aero.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll -> [2012/11/16 14:35:18 | 000,368,128 | ---- | M] ()
presentationframework.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll -> [2012/11/16 14:34:54 | 014,340,608 | ---- | M] ()
system.windows.forms.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll -> [2012/11/16 14:34:43 | 012,436,480 | ---- | M] ()
system.drawing.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll -> [2012/11/16 14:34:37 | 001,591,808 | ---- | M] ()
presentationcore.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll -> [2012/11/16 14:34:35 | 012,237,824 | ---- | M] ()
windowsbase.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll -> [2012/11/16 14:34:27 | 003,347,968 | ---- | M] ()
system.xml.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll -> [2012/11/16 14:34:23 | 005,452,800 | ---- | M] ()
system.configuration.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll -> [2012/11/16 14:34:20 | 000,971,264 | ---- | M] ()
system.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll -> [2012/11/16 14:34:18 | 007,988,736 | ---- | M] ()
mscorlib.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll -> [2012/11/16 14:34:14 | 011,493,376 | ---- | M] ()
system.windows.forms.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll -> [2012/11/16 10:29:42 | 013,198,336 | ---- | M] ()
system.core.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll -> [2012/11/16 10:29:37 | 007,069,184 | ---- | M] ()
system.xml.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll -> [2012/11/16 10:29:32 | 005,617,664 | ---- | M] ()
system.drawing.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll -> [2012/11/16 10:29:29 | 001,666,048 | ---- | M] ()
system.configuration.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll -> [2012/11/16 10:29:28 | 000,982,528 | ---- | M] ()
system.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll -> [2012/11/16 10:29:26 | 009,093,632 | ---- | M] ()
mscorlib.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll -> [2012/11/16 10:29:19 | 014,412,800 | ---- | M] ()
alvupdt.dll -> C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll -> [2011/08/31 14:33:32 | 000,208,384 | ---- | M] ()
glcddll.dll -> C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll -> [2011/05/30 21:48:14 | 000,009,216 | ---- | M] ()
presentationcore.resources.dll -> C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll -> [2011/02/19 05:28:56 | 000,110,592 | ---- | M] ()
presentationframework.resources.dll -> C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll -> [2011/02/19 05:28:54 | 000,245,760 | ---- | M] ()
system.windows.forms.resources.dll -> C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll -> [2010/11/13 00:52:19 | 000,430,080 | ---- | M] ()
mscorlib.resources.dll -> C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll -> [2010/11/13 00:52:13 | 000,311,296 | ---- | M] ()
volume.dll -> C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll -> [2010/09/30 23:14:04 | 000,076,288 | ---- | M] ()
resolution.dll -> C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll -> [2010/09/30 23:13:38 | 000,186,880 | ---- | M] ()
helpfunc.dll -> C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll -> [2010/09/30 23:13:12 | 000,041,472 | ---- | M] ()
brightness.dll -> C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll -> [2010/09/30 23:13:06 | 000,071,680 | ---- | M] ()
wcourier.exe -> C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe -> [2010/09/24 00:53:16 | 001,601,536 | ---- | M] ()
clmlsvcps.dll -> C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll -> [2009/11/02 22:23:36 | 000,013,096 | ---- | M] ()
clmedialibrary.dll -> C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll -> [2009/11/02 22:20:10 | 000,619,816 | ---- | M] ()
 
[Win32 Services - Safe List]
64bit-(avast! Antivirus)  [Auto | Running] -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software)
64bit-(LBTServ)  [On_Demand | Stopped] -> C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -> [2012/10/01 08:22:52 | 000,359,224 | ---- | M] (Logitech, Inc.)
64bit-(maconfservice)  [On_Demand | Stopped] -> C:\Program Files\ma-config.com\x64\maconfservice.exe -> [2012/09/23 11:45:00 | 000,427,976 | ---- | M] (CybelSoft)
64bit-(AMD External Events Utility)  [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2012/09/13 23:18:32 | 000,239,616 | ---- | M] (AMD)
64bit-(NitroDriverReadSpool2)  [Auto | Running] -> C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe -> [2012/09/04 22:06:58 | 000,216,072 | ---- | M] (Nitro PDF Software)
64bit-(Intel(R) Capability Licensing Service Interface)  [Auto | Running] -> C:\Program Files\Intel\iCLS Client\HeciServer.exe -> [2012/04/20 13:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation)
64bit-(AFBAgent)  [Auto | Running] -> C:\Windows\SysNative\FBAgent.exe -> [2011/01/25 22:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.)
64bit-(TurboBoost)  [On_Demand | Stopped] -> C:\Program Files\Intel\TurboBoost\TurboBoost.exe -> [2010/11/29 23:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation)
64bit-(wlcrasvc)  [Disabled | Stopped] -> C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -> [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation)
64bit-(WinDefend)  [Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
64bit-(msvsmon80)  [Disabled | Stopped] -> C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe -> [2005/12/09 12:13:06 | 004,476,096 | ---- | M] (Microsoft Corporation)
(Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Steam\SteamService.exe -> [2012/12/03 23:08:12 | 000,541,168 | ---- | M] (Valve Corporation)
(TeamViewer8) TeamViewer 8 [Auto | Running] -> C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -> [2012/11/29 14:50:25 | 003,463,080 | ---- | M] (TeamViewer GmbH)
(AdobeFlashPlayerUpdateSvc) Adobe Flash Player Update Service [On_Demand | Stopped] -> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -> [2012/11/12 17:55:43 | 000,250,808 | ---- | M] (Adobe Systems Incorporated)
(Skype C2C Service) Skype C2C Service [Auto | Running] -> C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -> [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.)
(IAStorDataMgrSvc) Technologie de stockage Intel(R) Rapid [Auto | Running] -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2012/09/01 17:07:22 | 000,014,904 | ---- | M] (Intel Corporation)
(UNS) Intel(R) Management and Security Application User Notification Service [Auto | Running] -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -> [2012/07/18 01:10:33 | 000,364,416 | ---- | M] (Intel Corporation)
(LMS) Intel(R) Management and Security Application Local Management Service [Auto | Running] -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -> [2012/07/18 01:10:30 | 000,276,864 | ---- | M] (Intel Corporation)
(SkypeUpdate) Skype Updater [Auto | Stopped] -> C:\Program Files (x86)\Skype\Updater\Updater.exe -> [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies)
(wampapache) wampapache [On_Demand | Stopped] -> c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe -> [2012/05/13 19:51:50 | 000,024,576 | ---- | M] (Apache Software Foundation)
(MozillaMaintenance) Mozilla Maintenance Service [On_Demand | Stopped] -> C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -> [2012/04/21 02:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation)
(wampmysqld) wampmysqld [On_Demand | Stopped] -> c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe -> [2012/04/19 15:45:02 | 009,693,696 | ---- | M] ()
(Partner Service) Partner Service [On_Demand | Stopped] -> C:\ProgramData\Partner\Partner.exe -> [2011/04/13 03:33:32 | 000,332,272 | ---- | M] (Google Inc.)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(SwitchBoard) SwitchBoard [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -> [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated)
(ATKGFNEXSrv) ATKGFNEX Service [Auto | Running] -> C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -> [2009/12/15 18:39:38 | 000,096,896 | ---- | M] (ASUS)
(ASLDRService) ASLDR Service [Auto | Running] -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -> [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)
 
[Driver Services - Safe List]
64bit-(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\SysNative\drivers\aswTdi.sys -> [2012/10/30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software)
64bit-(aswSnx) aswSnx [File_System | System | Running] -> C:\Windows\SysNative\drivers\aswSnx.sys -> [2012/10/30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software)
64bit-(aswSP) aswSP [Kernel | System | Running] -> C:\Windows\SysNative\drivers\aswSP.sys -> [2012/10/30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software)
64bit-(aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\aswMonFlt.sys -> [2012/10/30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software)
64bit-(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\aswFsBlk.sys -> [2012/10/30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software)
64bit-(RTL8167) Realtek 8167 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Rt64win7.sys -> [2012/10/15 18:44:27 | 000,726,160 | ---- | M] (Realtek                                            )
64bit-(aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\SysNative\drivers\aswRdr2.sys -> [2012/10/15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software)
64bit-(LHidFilt) Logitech SetPoint KMDF HID Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\LHidFilt.Sys -> [2012/09/18 10:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.)
64bit-(LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\LMouFilt.Sys -> [2012/09/18 10:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.)
64bit-(amdkmdag) amdkmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2012/09/14 00:01:14 | 010,695,168 | ---- | M] (Advanced Micro Devices, Inc.)
64bit-(amdkmdap) amdkmdap [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmpag.sys -> [2012/09/13 22:55:38 | 000,459,776 | ---- | M] (Advanced Micro Devices, Inc.)
64bit-(iaStorA) iaStorA [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStorA.sys -> [2012/09/01 17:01:56 | 000,647,736 | ---- | M] (Intel Corporation)
64bit-(iaStorF) iaStorF [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStorF.sys -> [2012/09/01 17:01:56 | 000,028,216 | ---- | M] (Intel Corporation)
64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.)
64bit-(USBAAPL64) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbaapl64.sys -> [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.)
64bit-(asmtxhci) ASMEDIA XHCI Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\asmtxhci.sys -> [2012/07/06 06:32:04 | 000,415,560 | ---- | M] (ASMedia Technology Inc)
64bit-(asmthub3) ASMedia USB3 Hub Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\asmthub3.sys -> [2012/07/06 06:32:04 | 000,138,568 | ---- | M] (ASMedia Technology Inc)
64bit-(MEIx64) Intel(R) Management Engine Interface  [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HECIx64.sys -> [2012/07/02 23:16:02 | 000,062,784 | ---- | M] (Intel Corporation)
64bit-(dtsoftbus01) DAEMON Tools Virtual Bus Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\dtsoftbus01.sys -> [2012/06/05 00:25:17 | 000,283,200 | ---- | M] (DT Soft Ltd)
64bit-(AtiHDAudioService) AMD Function Driver for HD Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AtihdW76.sys -> [2012/05/14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices)
64bit-(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\athrx.sys -> [2011/10/07 09:49:50 | 002,770,944 | ---- | M] (Atheros Communications, Inc.)
64bit-(driverhardwarev2x64) driverhardwarev2x64 [Kernel | On_Demand | Stopped] -> C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -> [2011/07/21 19:55:50 | 000,016,640 | ---- | M] (CybelSoft)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices)
64bit-(ETD) ELAN PS/2 Port Input Device [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ETD.sys -> [2010/12/31 11:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.)
64bit-(TurboB) Turbo Boost UI Monitor driver [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\TurboB.sys -> [2010/11/29 23:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010/11/20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2010/11/20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation)
64bit-(TsUsbGD) Remote Desktop Generic USB Device [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbGD.sys -> [2010/11/20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation)
64bit-(iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2010/11/05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation)
64bit-(fssfltr) fssfltr [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fssfltr.sys -> [2010/09/23 08:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation)
64bit-(RSUSBVSTOR) RtsUVStor.Sys Realtek USB Card Reader [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\rtsuvstor.sys -> [2010/08/03 11:43:14 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.)
64bit-(TFsExDisk) TFsExDisk [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TFsExDisk.sys -> [2010/06/14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc)
64bit-(kbfiltr) Keyboard Filter [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\kbfiltr.sys -> [2009/07/20 10:29:40 | 000,015,416 | ---- | M] ( )
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(SiSGbeLH) SiS191/SiS190 Ethernet Device NDIS 6.0 Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\SiSG664.sys -> [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\L1C62x64.sys -> [2009/06/10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(ElbyCDIO) ElbyCDIO Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\ElbyCDIO.sys -> [2009/02/17 18:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG)
64bit-(WimFltr) WimFltr [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\WimFltr.sys -> [2008/05/24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation)
64bit-(ElbyCDFL) ElbyCDFL [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ElbyCDFL.sys -> [2007/02/16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.)
(speedfan) speedfan [Kernel | Boot | Running] -> C:\Windows\SysWOW64\speedfan.sys -> [2011/03/18 17:08:56 | 000,029,592 | ---- | M] (Almico Software)
(ATKWMIACPIIO) ATKWMIACPI Driver [Kernel | System | Running] -> C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -> [2010/07/26 21:57:20 | 000,017,024 | ---- | M] (ASUS)
(TFsExDisk) TFsExDisk [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -> [2010/06/14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc)
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation)
(ASMMAP64) ASMMAP64 [Kernel | Auto | Running] -> C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -> [2009/07/03 01:36:14 | 000,015,416 | ---- | M] (ASUS)
(ElbyCDFL) ElbyCDFL [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -> [2007/02/16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.)
(StarOpen) StarOpen [File_System | System | Stopped] -> C:\Windows\SysWow64\drivers\StarOpen.sys -> [2006/07/24 15:05:00 | 000,005,632 | ---- | M] ()
 
[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://asus.msn.com -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://asus.msn.com -> 
HKEY_LOCAL_MACHINE\: URLSearchHooks\\"{ba679afc-8ba0-48f4-b8bf-c144e8699fbc}" [HKLM] -> C:\Program Files (x86)\Ashampoo_FR\prxtbAsha.dll [Ashampoo FR Toolbar] -> [2011/05/09 09:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.)
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\] > -> -> 
HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\: Main\\"Start Page" -> http://mystart.incredibar.com/mb201?a=6R8KFcenkR&i=26 -> 
HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\: URLSearchHooks\\"{00000000-6E41-4FD3-8538-502F5495E5FC}" [HKLM] -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [UrlSearchHook Class] -> [2012/10/17 00:46:28 | 001,521,352 | ---- | M] (Ask)
HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\: URLSearchHooks\\"{ba679afc-8ba0-48f4-b8bf-c144e8699fbc}" [HKLM] -> C:\Program Files (x86)\Ashampoo_FR\prxtbAsha.dll [Ashampoo FR Toolbar] -> [2011/05/09 09:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.)
HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\: "ProxyEnable" -> 0 -> 
HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\: "ProxyOverride" -> *.local -> 
< FireFox Settings [Prefs.js] > -> C:\Users\Bavre Guilhem\AppData\Roaming\Mozilla\FireFox\Profiles\h681kv4z.default\prefs.js -> 
CT2481024.browser.search.defaultthis.engineName -> true ->
browser.search.defaultengine -> "Ask.com" ->
browser.search.defaultenginename -> "Ask.com" ->
browser.search.order.1 -> "Ask.com" ->
browser.search.selectedEngine -> "Ask.com" ->
browser.startup.homepage -> "http://search.conduit.com/?SSPV=FFSB10&ctid=CT2481024&SearchSource=13" ->
keyword.URL -> "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000027&locale=fr_FR&apn_uid=A15D58B7-C54C-41D0-B1E4-A45F7914E2D5&apn_ptnrs=^U3&apn_sauid=3A0449EE-5EB1-47BC-9D25-F037500E54B1&apn_dtid=^YYYYYY^YY^FR&&q=" ->
< FireFox Settings [User.js] > -> C:\Users\Bavre Guilhem\AppData\Roaming\Mozilla\FireFox\Profiles\h681kv4z.default\user.js -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\extensions ->  -> 
HKLM\software\mozilla\Firefox\extensions\\wrc@avast.com -> C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF] -> [2012/11/14 08:31:28 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF} -> C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT [C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT] -> [2012/10/15 18:59:51 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\PROGRAM FILES\IB UPDATER\FIREFOX [C:\PROGRAM FILES\IB UPDATER\FIREFOX] -> [2012/11/08 23:16:45 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 12.0\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 12.0\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2012/11/18 23:27:36 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
  -> C:\Users\Bavre Guilhem\AppData\Roaming\mozilla\Extensions -> [2012/06/04 19:02:59 | 000,000,000 | ---D | M]
  -> C:\Users\Bavre Guilhem\AppData\Roaming\mozilla\Firefox\Profiles\h681kv4z.default\extensions -> [2012/12/06 20:30:59 | 000,000,000 | ---D | M]
DownloadHelper   -> C:\Users\Bavre Guilhem\AppData\Roaming\mozilla\Firefox\Profiles\h681kv4z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} -> [2012/12/06 20:30:59 | 000,000,000 | ---D | M]
Ashampoo FR   -> C:\Users\Bavre Guilhem\AppData\Roaming\mozilla\Firefox\Profiles\h681kv4z.default\extensions\{ba679afc-8ba0-48f4-b8bf-c144e8699fbc} -> [2012/07/31 13:37:31 | 000,000,000 | ---D | M]
Greasemonkey   -> C:\Users\Bavre Guilhem\AppData\Roaming\mozilla\Firefox\Profiles\h681kv4z.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} -> [2012/08/20 12:22:12 | 000,000,000 | ---D | M]
  -> C:\Users\Bavre Guilhem\AppData\Roaming\mozilla\Firefox\Profiles\h681kv4z.default\extensions\ffxtlbr@claro.com -> [2012/09/20 21:53:31 | 000,000,000 | ---D | M]
  -> C:\Users\Bavre Guilhem\AppData\Roaming\mozilla\Firefox\Profiles\h681kv4z.default\extensions\ffxtlbr@incredibar.com -> [2012/11/08 23:17:17 | 000,000,000 | ---D | M]
  -> C:\Users\Bavre Guilhem\AppData\Roaming\mozilla\Firefox\Profiles\h681kv4z.default\extensions\toolbar@ask.com -> [2012/12/04 01:05:34 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > -> 
 askcom.xml -> C:\Users\Bavre Guilhem\AppData\Roaming\Mozilla\FireFox\Profiles\h681kv4z.default\searchplugins\askcom.xml -> [2012/12/04 01:05:35 | 000,002,403 | ---- | M] ()
 conduit.xml -> C:\Users\Bavre Guilhem\AppData\Roaming\Mozilla\FireFox\Profiles\h681kv4z.default\searchplugins\conduit.xml -> [2012/07/05 23:13:46 | 000,000,947 | ---- | M] ()
 MyStart Search.xml -> C:\Users\Bavre Guilhem\AppData\Roaming\Mozilla\FireFox\Profiles\h681kv4z.default\searchplugins\MyStart Search.xml -> [2012/11/08 23:16:30 | 000,002,203 | ---- | M] ()
< FireFox Extensions [Program Folders] > -> 
  -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2012/06/05 00:03:13 | 000,000,000 | ---D | M]
Skype Click to Call   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} -> [2012/11/05 18:31:08 | 000,000,000 | ---D | M]
IB Updater -> C:\PROGRAM FILES\IB UPDATER\FIREFOX -> [2012/11/08 23:16:45 | 000,000,000 | ---D | M]
Logitech SetPoint -> C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT -> [2012/10/15 18:59:51 | 000,000,000 | ---D | M]
No name found -> C:\USERS\BAVRE GUILHEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H681KV4Z.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI -> ()
No name found -> C:\USERS\BAVRE GUILHEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H681KV4Z.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI -> ()
No name found -> C:\USERS\BAVRE GUILHEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H681KV4Z.DEFAULT\EXTENSIONS\ADAPTER@BABYLONTC.COM.XPI -> ()
Claro Toolbar -> C:\USERS\BAVRE GUILHEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H681KV4Z.DEFAULT\EXTENSIONS\FFXTLBR@CLARO.COM -> [2012/09/20 21:53:31 | 000,000,000 | ---D | M]
incredibar.com -> C:\USERS\BAVRE GUILHEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H681KV4Z.DEFAULT\EXTENSIONS\FFXTLBR@INCREDIBAR.COM -> [2012/11/08 23:17:17 | 000,000,000 | ---D | M]
No name found -> C:\USERS\BAVRE GUILHEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H681KV4Z.DEFAULT\EXTENSIONS\OCR@BABYLON.COM.XPI -> ()
"Ask Toolbar" -> C:\USERS\BAVRE GUILHEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H681KV4Z.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM -> [2012/12/04 01:05:34 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [Program Folders] > -> 
 askcom.xml -> C:\USERS\BAVRE GUILHEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H681KV4Z.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM\searchplugins\askcom.xml -> [2012/12/04 01:05:35 | 000,002,412 | ---- | M] ()
< HOSTS File > ([2012/12/11 01:16:56 | 000,000,027 | ---- | M] - 1 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> 
Reset Hosts
127.0.0.1       localhost
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [avast! WebRep] -> [2012/10/30 23:50:27 | 001,502,288 | ---- | M] (AVAST Software)
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [Skype add-on for Internet Explorer] -> [2012/10/02 12:06:02 | 005,748,928 | ---- | M] (Skype Technologies S.A.)
{B4F3A835-0E21-4959-BA22-42B3008E02FF} [HKLM] -> C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [Office Document Cache Handler] -> [2010/12/21 02:49:28 | 000,689,040 | ---- | M] (Microsoft Corporation)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{000F18F2-09EB-4A59-82B2-5AE4184C39C3} [HKLM] -> C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll [Claro LTD Helper Object] -> [2012/07/09 01:09:26 | 000,263,272 | ---- | M] (Montera Technologeis LTD)
{336D0C35-8A85-403a-B9D2-65C292C39087} [HKLM] -> C:\Program Files\IB Updater\Extension32.dll [IB Updater] -> [2012/10/23 13:11:34 | 000,170,840 | ---- | M] ()
{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} [HKLM] ->  [Incredibar.com Helper Object] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2012/09/25 00:02:30 | 000,449,512 | ---- | M] (Oracle Corporation)
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2012/10/30 23:50:50 | 001,227,736 | ---- | M] (AVAST Software)
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Browser Helper] -> [2012/10/02 12:13:44 | 004,119,744 | ---- | M] (Skype Technologies S.A.)
{AF949550-9094-4807-95EC-D1C317803333} [HKLM] -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [Logitech SetPoint] -> [2012/10/06 09:15:16 | 000,366,904 | ---- | M] (Logitech, Inc.)
{ba679afc-8ba0-48f4-b8bf-c144e8699fbc} [HKLM] -> C:\Program Files (x86)\Ashampoo_FR\prxtbAsha.dll [Ashampoo FR Toolbar] -> [2011/05/09 09:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2012/09/25 00:02:30 | 000,155,384 | ---- | M] (Oracle Corporation)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"ETDCtrl" -> C:\Program Files\Elantech\ETDCtrl.exe [%ProgramFiles%\Elantech\ETDCtrl.exe] -> [2010/12/31 11:30:14 | 002,587,944 | ---- | M] (ELAN Microelectronics Corp.)
"EvtMgr6" -> C:\Program Files\Logitech\SetPointP\SetPoint.exe [C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming] -> [2012/10/06 09:14:52 | 002,409,272 | ---- | M] (Logitech, Inc.)
"IntelTBRunOnce" ->  [wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"] -> File not found
"RtHDVBg" -> C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 ] -> [2012/06/13 18:24:12 | 001,212,560 | ---- | M] (Realtek Semiconductor)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"" ->  [] -> File not found
"APSDaemon" -> C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe ["C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"] -> [2012/11/28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.)
"ASUSPRP" -> C:\Program Files (x86)\ASUS\APRP\APRP.EXE ["C:\Program Files (x86)\ASUS\APRP\APRP.EXE"] -> [2011/04/13 03:47:41 | 002,018,032 | ---- | M] (ASUSTek Computer Inc.)
"ASUSWebStorage" -> C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S] -> [2011/02/23 10:49:46 | 000,731,472 | ---- | M] (ecareme)
"ATKMEDIA" -> C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe] -> [2010/10/07 22:05:14 | 000,170,624 | ---- | M] (ASUS)
"ATKOSD2" -> C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe] -> [2010/08/17 22:55:42 | 005,732,992 | ---- | M] (ASUS)
"avast" -> C:\Program Files\AVAST Software\Avast\avastUI.exe ["C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui] -> [2012/10/30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software)
"HControlUser" -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe] -> [2009/06/19 18:29:42 | 000,105,016 | ---- | M] (ASUS)
"IAStorIcon" -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60] -> [2012/09/12 13:18:50 | 000,056,128 | ---- | M] (Intel Corporation)
"SonicMasterTray" -> C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe] -> [2010/07/10 06:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus)
"StartCCC" -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2012/09/13 18:02:12 | 000,642,728 | ---- | M] (Advanced Micro Devices, Inc.)
"SwitchBoard" -> C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe] -> [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated)
"UpdateLBPShortCut" -> C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2009/05/20 06:16:16 | 000,222,504 | ---- | M] (CyberLink Corp.)
"UpdateP2GoShortCut" -> C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2009/05/20 06:16:16 | 000,222,504 | ---- | M] (CyberLink Corp.)
"Wireless Console 3" -> C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] -> [2010/09/24 00:53:16 | 001,601,536 | ---- | M] ()
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< Software Policy Settings [HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000] > -> HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" ->  [5] -> File not found
\\"ConsentPromptBehaviorUser" ->  [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000] > -> HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000] > -> HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Add to Google Photos Screensa&ver -> C:\Windows\SysWow64\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2012/08/15 17:52:50 | 004,472,832 | ---- | M] (Google Inc.)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Add to Google Photos Screensa&ver -> C:\Windows\SysWow64\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2012/08/15 17:52:50 | 004,472,832 | ---- | M] (Google Inc.)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\] > -> HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> 
&Envoyer à OneNote ->  [res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105] -> File not found
Add to Google Photos Screensa&ver -> C:\Windows\SysWow64\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2012/08/15 17:52:50 | 004,472,832 | ---- | M] (Google Inc.)
< 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [Button: Skype Click to Call] -> [2012/10/02 12:06:02 | 005,748,928 | ---- | M] (Skype Technologies S.A.)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{36ECAF82-3300-8F84-092E-AFF36D6C7040}:{86529161-034E-4F8A-88D2-3C625E612E04} [HKLM] -> C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll [Button: Run WinHTTrack] -> [2012/06/23 11:09:36 | 000,181,248 | ---- | M] ()
{36ECAF82-3300-8F84-092E-AFF36D6C7040}:{86529161-034E-4F8A-88D2-3C625E612E04} [HKLM] -> C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll [Menu: Launch WinHTTrack] -> [2012/06/23 11:09:36 | 000,181,248 | ---- | M] ()
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype Click to Call] -> [2012/10/02 12:13:44 | 004,119,744 | ---- | M] (Skype Technologies S.A.)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\] > -> HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\] > -> HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-2485618440-3712180276-1970688583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 192.168.248.254 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{0309BB13-0AFB-4410-B5C3-8AABE7C444FB}\\DhcpNameServer -> 91.199.6.19 91.199.6.20   (Realtek PCIe GBE Family Controller) -> 
{6737ACCF-DB21-442B-B9E7-82222936DF77}\\DhcpNameServer -> 192.168.248.254   (Atheros AR9285 Wireless Network Adapter) -> 
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2010/11/20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 02:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\Windows\system32\userinit.exe -> C:\Windows\SysWOW64\userinit.exe -> [2010/11/20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
LBTWlgn -> c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll -> [2012/10/01 08:22:58 | 000,068,408 | ---- | M] (Logitech, Inc.)
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{0E14ABD0-4F59-4785-B1AE-6FA870CD87E5} -> rport=139 | profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | 
{0E73E6DE-6560-49FA-B74F-8C0D7547F777} -> lport=137 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | 
{0F40C5D3-C228-44C4-BA8D-AE70DA8DB25A} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | 
{11280CF0-942B-49EC-B03B-8A30FEC04D50} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{14CDFAAC-7335-4CEE-8BDC-9AEE24AC038A} -> lport=138 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | 
{195B7BE2-21E8-4FDE-8EC5-47B8A94FB18E} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{1FDACEBB-3496-455F-B707-EE11594240DC} -> lport=rpc | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | 
{291CFFDB-0320-4CEF-A147-242775680719} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | 
{3A46DB9F-2CD5-4B66-9633-AF0E2320CCA4} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{43A3A3D3-C9BC-4DED-8398-55A84C501C07} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{4F3EDC87-A59D-45F8-9B68-FF3B68DD4DF1} -> lport=rpc-epmap | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | 
{506984D9-DE61-4E40-9679-2D3BDE5A3CB8} -> lport=8182 | profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | 
{514C8BFB-21EE-484D-BAEE-92E61393EBE6} -> lport=139 | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | 
{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) | 
{6FCE5196-0909-41C7-9035-983DB971562A} -> lport=48113 | profile=private | protocol=6 | dir=in | action=allow | name=maconfig_tcp | 
{72BF6C30-29F9-4EBA-92AD-20A8F744995F} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | 
{9C8E312E-117A-4997-980E-D934590E1246} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{A3EB49C6-C5E9-4FD5-8D30-CA529CEFF8C9} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B} -> lport=5353 | profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | 
{B827E1C7-5A7A-484C-9653-2FE388A8B888} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) | 
{BDEC1D8E-1F0F-4327-B7A4-4463A37B9422} -> rport=138 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | 
{BEBE84C7-DCEB-4BC5-883C-B67A76FC0D6E} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{C2F65C21-72E9-432F-9905-A913FE992B7E} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{C93BE796-3D61-4519-96F9-BE62999E1D64} -> rport=137 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | 
{E2489754-81BE-42E5-A772-B03AEB2E64BC} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{E7E0DD6C-F66D-4AFD-BE26-F0106B43BCDE} -> rport=445 | profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | 
{E92DF8D6-8C45-4630-BE12-ED469D235CC6} -> lport=48113 | profile=private | protocol=17 | dir=in | action=allow | name=maconfig_udp | 
{EC1ED477-3E1A-4A83-8B15-54948862D873} -> lport=6004 | profile=private | protocol=17 | dir=in | action=allow | name=microsoft office outlook | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
{ECE5DB8E-1193-48E0-A71E-8F377554A0D1} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{FE60CE94-61C5-4522-8038-BFF498E68060} -> lport=445 | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | 
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{0614F92E-261A-4808-BFF9-C1407956D72C} -> protocol=58 | dir=out | action=allow | name=@iphlpsvc.dll,-503 | 
{0BA3EAC6-8BB6-4A9C-8DFE-29427D54E89B} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | 
{0CFACEC1-83E6-442D-B8F9-CB9402901B7F} -> profile=private | protocol=6 | dir=in | action=allow | name=remote mouse server | app=c:\program files (x86)\remote mouse\server\server.exe | 
{179F8372-A1A7-4CAE-BF9D-6A9872273F51} -> profile=private | protocol=6 | dir=in | action=allow | name=counter-strike: global offensive | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
{1DB00A0B-4588-4388-8FA4-F5DE4D505977} -> profile=public | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | 
{23B3F735-8042-47B9-9D8D-8756D0C1486C} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{25BDD843-A815-48A8-A216-66D065687049} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
{25F650F2-BD91-4244-81D8-44EB174E5038} -> protocol=58 | dir=in | action=allow | name=@iphlpsvc.dll,-502 | app=system | 
{35B6D405-C1CE-4CEA-A3F1-8A247191F4A7} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | 
{39720B40-CD6D-46D1-A1D1-54CC92161F47} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{3C091F86-AF1E-451B-9CD7-1163DFCCB308} -> profile=private | protocol=6 | dir=in | action=allow | name=maconfservice | app=c:\program files\ma-config.com\x64\maconfservice.exe | 
{42FF5A77-2262-499D-9B53-A7D1E1B8EBD0} -> profile=private | protocol=6 | dir=in | action=allow | name=teamviewer remote control service | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
{453AFCEA-015F-4079-8138-E656F0453116} -> profile=private | protocol=17 | dir=in | action=allow | name=counter-strike: global offensive | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
{4D95588A-BCFC-458F-8769-EB94BF5AEB9F} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{504E92E2-849F-4DAB-8ED1-3AEA7E0ED39C} -> dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | 
{50D76052-134E-46DB-AF8E-63827F883C0F} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
{52FBC7E4-901D-4877-837A-815A8C4F3360} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{576EAD04-809F-460B-BF0A-5987D7F894BE} -> profile=private | protocol=17 | dir=in | action=block | name=apache http server | app=c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe | 
{60D72F55-21AA-4854-A824-EBE73DB72779} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | 
{6172C2E2-9FD1-4751-8665-F9FC9F28F795} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | 
{657DBAE5-B498-4CED-BE45-B74214B5BF4C} -> profile=private | protocol=6 | dir=in | action=allow | name=counter-strike: source | app=c:\program files (x86)\steam\steamapps\tytan30\counter-strike source\hl2.exe | 
{69D480BE-1A40-4998-AB57-911D182A840F} -> profile=private | protocol=17 | dir=in | action=allow | name=counter-strike: source | app=c:\program files (x86)\steam\steamapps\tytan30\counter-strike source\hl2.exe | 
{756EB3B2-2C4F-4F93-ACE6-22F596942902} -> profile=private | protocol=6 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe | 
{7C2C64F6-40D1-49FC-A800-3178DEA2BACA} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | 
{7F84C592-058E-466F-AC64-956D390CD01A} -> profile=private | protocol=6 | dir=in | action=block | name=apache http server | app=c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe | 
{85C27724-975F-4A07-A4FD-2B49BFE53796} -> profile=private | protocol=17 | dir=in | action=allow | name=dropbox | app=c:\users\bavre guilhem\appdata\roaming\dropbox\bin\dropbox.exe | 
{868A8B64-1351-481B-A8BA-EE618EF71FB6} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{882EDD7D-F452-44FE-B238-1BC9A189B8DF} -> profile=public | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | 
{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1} -> dir=in | action=allow | name=windows live mesh | app=c:\program files (x86)\windows live\mesh\moe.exe | 
{917179E5-8A14-49FC-997E-1F59E5B1CA5E} -> profile=public | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | 
{923076E4-4286-413E-A75B-FEE9145DC8B8} -> profile=private | protocol=17 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe | 
{931FC622-BD66-4C09-BA57-CCED6C8101D9} -> profile=private | protocol=17 | dir=in | action=allow | name=remote mouse server | app=c:\program files (x86)\remote mouse\server\server.exe | 
{97F9241F-8570-4C08-8548-A97D50B8DD01} -> profile=private | protocol=6 | dir=in | action=allow | name=teamviewer remote control application | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
{9826DD73-87B8-4D8F-BDE0-0DB03B6C426F} -> profile=private | protocol=17 | dir=in | action=allow | name=service bonjour | app=c:\program files\bonjour\mdnsresponder.exe | 
{9C627C30-F257-404F-81EA-E894FEBC4CBE} -> profile=private | protocol=17 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{9D100D44-E906-4571-AF59-65D50EC7BE6E} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{A3A3D804-4312-4B36-A482-60DD247B6B87} -> profile=private | protocol=6 | dir=in | action=allow | name=counter-strike: global offensive - sdk | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | 
{A90E3312-23C9-4143-8CB0-82D9D2562384} -> profile=private | protocol=17 | dir=in | action=allow | name=counter-strike: global offensive - sdk | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | 
{AAF91C3C-E8F9-44E1-AC8B-935218F9C647} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | 
{B59F3741-1A39-4D44-B762-E3C2216D6854} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{BDCFF0F1-DA12-4D15-A688-1A015D6647F5} -> profile=private | protocol=17 | dir=in | action=allow | name=teamviewer remote control service | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
{C0F7F502-2918-4046-A42A-D3367BD4E82D} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{C36667EA-E078-4D19-AA29-E4F411522062} -> profile=private | protocol=6 | dir=in | action=allow | name=service bonjour | app=c:\program files\bonjour\mdnsresponder.exe | 
{C7449476-33C6-456A-A5B8-0EE9013BE277} -> profile=private | protocol=6 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{C74DAD1E-6FA3-4FF1-9388-621914C0AA90} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | 
{E5B0C19B-139E-40FC-899F-92053520F9F0} -> profile=public | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | 
{E971B92D-12A5-4536-B9F3-32D8A48B84B8} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{EDD3EED4-BD3E-4F08-B5BB-0869EAD8940C} -> dir=in | action=allow | name=webkit | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
{F3A5E525-D3C1-40DE-85EC-4A4D8D630F00} -> profile=private | protocol=6 | dir=in | action=allow | name=dropbox | app=c:\users\bavre guilhem\appdata\roaming\dropbox\bin\dropbox.exe | 
{F66BF55D-6009-4E9C-BA79-F7DD8EB43AC8} -> profile=private | protocol=17 | dir=in | action=allow | name=maconfservice | app=c:\program files\ma-config.com\x64\maconfservice.exe | 
{F77A0A0E-A086-456F-A3F3-62D413DA2D40} -> profile=private | protocol=17 | dir=in | action=allow | name=teamviewer remote control application | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
TCP Query User{2C1966E4-839C-4229-863A-8CDA7FBDD6DF}C:\program files (x86)\steam\steamapps\tytan30\counter-strike source\hl2.exe -> profile=public | protocol=6 | dir=in | action=allow | name=hl2 | app=c:\program files (x86)\steam\steamapps\tytan30\counter-strike source\hl2.exe | 
TCP Query User{4DF42051-9D7B-4F24-8184-7162C5840F1B}C:\program files (x86)\orbitdownloader\orbitnet.exe -> profile=private | protocol=6 | dir=in | action=allow | name=p2p service of orbit downloader | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
TCP Query User{5412F28B-3D7D-4A6B-B3FB-90390F0B1DAB}C:\program files (x86)\orbitdownloader\orbitdm.exe -> profile=private | protocol=6 | dir=in | action=allow | name=orbit downloader | app=c:\program files (x86)\orbitdownloader\orbitdm.exe | 
TCP Query User{6F93DEAB-51E7-4E01-8C78-27A0BE295697}C:\program files (x86)\magicdraw uml\jre\bin\javaw.exe -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\magicdraw uml\jre\bin\javaw.exe | 
TCP Query User{794E3271-2F67-4CB3-A695-F4DAD60ED36E}C:\users\bavre guilhem\appdata\roaming\dropbox\bin\dropbox.exe -> profile=public | protocol=6 | dir=in | action=block | name=dropbox.exe | app=c:\users\bavre guilhem\appdata\roaming\dropbox\bin\dropbox.exe | 
TCP Query User{AD9E3325-BC77-4ECD-A74D-F05ABF1573E9}C:\program files (x86)\free music zilla\fmzilla.exe -> profile=private | protocol=6 | dir=in | action=allow | name=fmzilla module | app=c:\program files (x86)\free music zilla\fmzilla.exe | 
TCP Query User{CA2E54B4-53CF-4547-B458-DEF5F1AE1447}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe -> profile=public | protocol=6 | dir=in | action=allow | name=csgo | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
TCP Query User{DBCF22D0-D287-44BA-A7EB-B0558BE18B03}C:\wamp\bin\apache\apache2.4.2\bin\httpd.exe -> profile=public | protocol=6 | dir=in | action=allow | name=apache http server | app=c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe | 
TCP Query User{E8D4E1CA-2CD1-4E5B-B772-B15065506776}C:\program files (x86)\magicdraw uml\jre\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\magicdraw uml\jre\bin\javaw.exe | 
TCP Query User{E987FC62-A7D3-4112-A501-064612DC9A23}C:\program files (x86)\qnap\finder\finder.exe -> profile=private | protocol=6 | dir=in | action=allow | name=finder | app=c:\program files (x86)\qnap\finder\finder.exe | 
TCP Query User{FC693C68-1BEF-4891-913C-BC2430F29A4C}C:\program files (x86)\remote mouse\server\server.exe -> profile=public | protocol=6 | dir=in | action=allow | name=server | app=c:\program files (x86)\remote mouse\server\server.exe | 
UDP Query User{0F885E46-0416-4B04-A21D-DA8689782AD9}C:\program files (x86)\remote mouse\server\server.exe -> profile=public | protocol=17 | dir=in | action=allow | name=server | app=c:\program files (x86)\remote mouse\server\server.exe | 
UDP Query User{21D5F5B1-09BF-443F-9F15-97AF80D54F68}C:\program files (x86)\magicdraw uml\jre\bin\javaw.exe -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\magicdraw uml\jre\bin\javaw.exe | 
UDP Query User{71F7D83F-92E7-4F4A-865B-1186F2BAE813}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe -> profile=public | protocol=17 | dir=in | action=allow | name=csgo | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
UDP Query User{A1ACB1D3-9566-4343-BA6A-16A98ADEA810}C:\users\bavre guilhem\appdata\roaming\dropbox\bin\dropbox.exe -> profile=public | protocol=17 | dir=in | action=block | name=dropbox.exe | app=c:\users\bavre guilhem\appdata\roaming\dropbox\bin\dropbox.exe | 
UDP Query User{A68EA208-C183-41F7-B8A2-FD03FF721543}C:\program files (x86)\steam\steamapps\tytan30\counter-strike source\hl2.exe -> profile=public | protocol=17 | dir=in | action=allow | name=hl2 | app=c:\program files (x86)\steam\steamapps\tytan30\counter-strike source\hl2.exe | 
UDP Query User{B9C6F95E-B2D0-458A-BC6E-5261270DBD30}C:\program files (x86)\orbitdownloader\orbitdm.exe -> profile=private | protocol=17 | dir=in | action=allow | name=orbit downloader | app=c:\program files (x86)\orbitdownloader\orbitdm.exe | 
UDP Query User{BF6DEBD3-1B06-483E-ACC9-ADD2FF5DE17E}C:\program files (x86)\free music zilla\fmzilla.exe -> profile=private | protocol=17 | dir=in | action=allow | name=fmzilla module | app=c:\program files (x86)\free music zilla\fmzilla.exe | 
UDP Query User{C85E9336-E380-4FFD-B8A9-405EDEE97ACD}C:\wamp\bin\apache\apache2.4.2\bin\httpd.exe -> profile=public | protocol=17 | dir=in | action=allow | name=apache http server | app=c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe | 
UDP Query User{CB246D3D-D635-4285-8BCD-60A8227B6297}C:\program files (x86)\orbitdownloader\orbitnet.exe -> profile=private | protocol=17 | dir=in | action=allow | name=p2p service of orbit downloader | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
UDP Query User{DE021E16-A86B-4450-BCC1-3076D1A926E5}C:\program files (x86)\magicdraw uml\jre\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\magicdraw uml\jre\bin\javaw.exe | 
UDP Query User{FAF99C4C-D53B-4A74-99FC-9EA32F136414}C:\program files (x86)\qnap\finder\finder.exe -> profile=private | protocol=17 | dir=in | action=allow | name=finder | app=c:\program files (x86)\qnap\finder\finder.exe | 
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"C:\Program Files (x86)\Free Music Zilla\FMZilla.exe" -> C:\Program Files (x86)\Free Music Zilla\FMZilla.exe [C:\Program Files (x86)\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla] -> [2012/04/20 16:30:28 | 000,737,048 | ---- | M] ()
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> Pilote de CD-ROM -> 
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2010/11/20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-comfile [open] -> "%1" %*
64bit-exefile [open] -> "%1" %*
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
 
[Files/Folders - Created Within 30 Days]
 $RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2012/12/11 01:17:00 | 000,000,000 | ---D | C]
 DeskPins -> C:\Users\Bavre Guilhem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeskPins -> [2012/12/09 18:24:10 | 000,000,000 | ---D | C]
 DeskPins -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeskPins -> [2012/12/09 18:24:10 | 000,000,000 | ---D | C]
 DeskPins -> C:\Program Files (x86)\DeskPins -> [2012/12/09 18:24:10 | 000,000,000 | ---D | C]
 TeamViewer -> C:\Users\Bavre Guilhem\AppData\Roaming\TeamViewer -> [2012/12/09 15:19:26 | 000,000,000 | ---D | C]
 WampServer -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer -> [2012/12/08 15:09:39 | 000,000,000 | ---D | C]
 wamp -> C:\wamp -> [2012/12/08 15:07:55 | 000,000,000 | ---D | C]
 Virtual Clermont -> C:\Users\Bavre Guilhem\Desktop\Virtual Clermont -> [2012/12/07 10:36:54 | 000,000,000 | ---D | C]
 Mes_Sites -> C:\Users\Bavre Guilhem\Documents\Mes_Sites -> [2012/12/07 09:10:59 | 000,000,000 | ---D | C]
 WinHTTrack -> C:\Program Files (x86)\WinHTTrack -> [2012/12/06 19:44:43 | 000,000,000 | ---D | C]
 TeamViewer -> C:\Program Files (x86)\TeamViewer -> [2012/12/06 18:08:14 | 000,000,000 | ---D | C]
 Site Web -> C:\Users\Bavre Guilhem\Documents\Site Web -> [2012/12/05 18:10:06 | 000,000,000 | ---D | C]
 FileZilla -> C:\Users\Bavre Guilhem\AppData\Roaming\FileZilla -> [2012/12/05 18:04:33 | 000,000,000 | ---D | C]
 Babylon -> C:\Program Files\Babylon -> [2012/12/04 01:05:01 | 000,000,000 | ---D | C]
 Babylon -> C:\Program Files (x86)\Babylon -> [2012/12/04 01:05:01 | 000,000,000 | ---D | C]
 iTunes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes -> [2012/11/30 15:02:00 | 000,000,000 | ---D | C]
 iPod -> C:\Program Files\iPod -> [2012/11/30 15:01:30 | 000,000,000 | ---D | C]
 iTunes -> C:\Program Files\iTunes -> [2012/11/30 15:01:29 | 000,000,000 | ---D | C]
 iTunes -> C:\Program Files (x86)\iTunes -> [2012/11/30 15:01:29 | 000,000,000 | ---D | C]
 34BE82C4-E596-4e99-A191-52C6199EBF69 -> C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 -> [2012/11/30 15:01:29 | 000,000,000 | ---D | C]
 Microchip -> C:\Users\Bavre Guilhem\AppData\Roaming\Microchip -> [2012/11/28 15:06:48 | 000,000,000 | ---D | C]
 Microchip -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microchip -> [2012/11/28 15:05:37 | 000,000,000 | ---D | C]
 Microchip Starter Kits -> C:\Microchip Starter Kits -> [2012/11/28 15:04:39 | 000,000,000 | ---D | C]
 Config.Msi -> C:\Config.Msi -> [2012/11/28 15:01:04 | 000,000,000 | ---D | C]
 Mikroelektronika -> C:\Users\Public\Documents\Mikroelektronika -> [2012/11/28 14:53:32 | 000,000,000 | ---D | C]
 Mikroelektronika -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikroelektronika -> [2012/11/28 14:53:32 | 000,000,000 | ---D | C]
 DIFX -> C:\Program Files\DIFX -> [2012/11/28 14:43:59 | 000,000,000 | ---D | C]
 XAudio2_7.dll -> C:\Windows\SysWow64\XAudio2_7.dll -> [2012/11/26 22:04:07 | 000,527,192 | ---- | C] (Microsoft Corporation)
 XAudio2_7.dll -> C:\Windows\SysNative\XAudio2_7.dll -> [2012/11/26 22:04:07 | 000,518,488 | ---- | C] (Microsoft Corporation)
 XAPOFX1_5.dll -> C:\Windows\SysNative\XAPOFX1_5.dll -> [2012/11/26 22:04:07 | 000,077,656 | ---- | C] (Microsoft Corporation)
 XAPOFX1_5.dll -> C:\Windows\SysWow64\XAPOFX1_5.dll -> [2012/11/26 22:04:07 | 000,074,072 | ---- | C] (Microsoft Corporation)
 xactengine3_7.dll -> C:\Windows\SysWow64\xactengine3_7.dll -> [2012/11/26 22:04:06 | 000,239,960 | ---- | C] (Microsoft Corporation)
 xactengine3_7.dll -> C:\Windows\SysNative\xactengine3_7.dll -> [2012/11/26 22:04:06 | 000,176,984 | ---- | C] (Microsoft Corporation)
 D3DCompiler_43.dll -> C:\Windows\SysNative\D3DCompiler_43.dll -> [2012/11/26 22:04:05 | 002,526,056 | ---- | C] (Microsoft Corporation)
 d3dcsx_43.dll -> C:\Windows\SysNative\d3dcsx_43.dll -> [2012/11/26 22:04:03 | 001,907,552 | ---- | C] (Microsoft Corporation)
 d3dcsx_43.dll -> C:\Windows\SysWow64\d3dcsx_43.dll -> [2012/11/26 22:04:03 | 001,868,128 | ---- | C] (Microsoft Corporation)
 d3dx11_43.dll -> C:\Windows\SysNative\d3dx11_43.dll -> [2012/11/26 22:04:02 | 000,276,832 | ---- | C] (Microsoft Corporation)
 d3dx11_43.dll -> C:\Windows\SysWow64\d3dx11_43.dll -> [2012/11/26 22:04:02 | 000,248,672 | ---- | C] (Microsoft Corporation)
 d3dx10_43.dll -> C:\Windows\SysNative\d3dx10_43.dll -> [2012/11/26 22:04:01 | 000,511,328 | ---- | C] (Microsoft Corporation)
 d3dx10_43.dll -> C:\Windows\SysWow64\d3dx10_43.dll -> [2012/11/26 22:04:01 | 000,470,880 | ---- | C] (Microsoft Corporation)
 D3DX9_43.dll -> C:\Windows\SysNative\D3DX9_43.dll -> [2012/11/26 22:03:58 | 002,401,112 | ---- | C] (Microsoft Corporation)
 XAudio2_6.dll -> C:\Windows\SysNative\XAudio2_6.dll -> [2012/11/26 22:03:57 | 000,530,776 | ---- | C] (Microsoft Corporation)
 XAudio2_6.dll -> C:\Windows\SysWow64\XAudio2_6.dll -> [2012/11/26 22:03:57 | 000,528,216 | ---- | C] (Microsoft Corporation)
 xactengine3_6.dll -> C:\Windows\SysWow64\xactengine3_6.dll -> [2012/11/26 22:03:57 | 000,238,936 | ---- | C] (Microsoft Corporation)
 xactengine3_6.dll -> C:\Windows\SysNative\xactengine3_6.dll -> [2012/11/26 22:03:57 | 000,176,984 | ---- | C] (Microsoft Corporation)
 XAPOFX1_4.dll -> C:\Windows\SysNative\XAPOFX1_4.dll -> [2012/11/26 22:03:57 | 000,078,680 | ---- | C] (Microsoft Corporation)
 XAPOFX1_4.dll -> C:\Windows\SysWow64\XAPOFX1_4.dll -> [2012/11/26 22:03:57 | 000,074,072 | ---- | C] (Microsoft Corporation)
 X3DAudio1_7.dll -> C:\Windows\SysNative\X3DAudio1_7.dll -> [2012/11/26 22:03:56 | 000,024,920 | ---- | C] (Microsoft Corporation)
 X3DAudio1_7.dll -> C:\Windows\SysWow64\X3DAudio1_7.dll -> [2012/11/26 22:03:56 | 000,022,360 | ---- | C] (Microsoft Corporation)
 XAudio2_5.dll -> C:\Windows\SysNative\XAudio2_5.dll -> [2012/11/26 22:03:55 | 000,517,960 | ---- | C] (Microsoft Corporation)
 xactengine3_5.dll -> C:\Windows\SysWow64\xactengine3_5.dll -> [2012/11/26 22:03:54 | 000,238,936 | ---- | C] (Microsoft Corporation)
 xactengine3_5.dll -> C:\Windows\SysNative\xactengine3_5.dll -> [2012/11/26 22:03:54 | 000,176,968 | ---- | C] (Microsoft Corporation)
 D3DCompiler_42.dll -> C:\Windows\SysNative\D3DCompiler_42.dll -> [2012/11/26 22:03:53 | 002,582,888 | ---- | C] (Microsoft Corporation)
 D3DCompiler_42.dll -> C:\Windows\SysWow64\D3DCompiler_42.dll -> [2012/11/26 22:03:53 | 001,974,616 | ---- | C] (Microsoft Corporation)
 d3dcsx_42.dll -> C:\Windows\SysNative\d3dcsx_42.dll -> [2012/11/26 22:03:50 | 005,554,512 | ---- | C] (Microsoft Corporation)
 d3dcsx_42.dll -> C:\Windows\SysWow64\d3dcsx_42.dll -> [2012/11/26 22:03:50 | 005,501,792 | ---- | C] (Microsoft Corporation)
 d3dx11_42.dll -> C:\Windows\SysNative\d3dx11_42.dll -> [2012/11/26 22:03:49 | 000,285,024 | ---- | C] (Microsoft Corporation)
 d3dx11_42.dll -> C:\Windows\SysWow64\d3dx11_42.dll -> [2012/11/26 22:03:49 | 000,235,344 | ---- | C] (Microsoft Corporation)
 D3DX9_42.dll -> C:\Windows\SysNative\D3DX9_42.dll -> [2012/11/26 22:03:47 | 002,475,352 | ---- | C] (Microsoft Corporation)
 D3DX9_42.dll -> C:\Windows\SysWow64\D3DX9_42.dll -> [2012/11/26 22:03:47 | 001,892,184 | ---- | C] (Microsoft Corporation)
 D3DCompiler_41.dll -> C:\Windows\SysNative\D3DCompiler_41.dll -> [2012/11/26 22:03:44 | 002,430,312 | ---- | C] (Microsoft Corporation)
 d3dx10_41.dll -> C:\Windows\SysNative\d3dx10_41.dll -> [2012/11/26 22:03:44 | 000,520,544 | ---- | C] (Microsoft Corporation)
 D3DX9_41.dll -> C:\Windows\SysNative\D3DX9_41.dll -> [2012/11/26 22:03:42 | 005,425,496 | ---- | C] (Microsoft Corporation)
 D3DX9_41.dll -> C:\Windows\SysWow64\D3DX9_41.dll -> [2012/11/26 22:03:42 | 004,178,264 | ---- | C] (Microsoft Corporation)
 XAudio2_4.dll -> C:\Windows\SysNative\XAudio2_4.dll -> [2012/11/26 22:03:39 | 000,521,560 | ---- | C] (Microsoft Corporation)
 XAudio2_4.dll -> C:\Windows\SysWow64\XAudio2_4.dll -> [2012/11/26 22:03:39 | 000,517,448 | ---- | C] (Microsoft Corporation)
 XAPOFX1_3.dll -> C:\Windows\SysNative\XAPOFX1_3.dll -> [2012/11/26 22:03:39 | 000,073,544 | ---- | C] (Microsoft Corporation)
 xactengine3_4.dll -> C:\Windows\SysWow64\xactengine3_4.dll -> [2012/11/26 22:03:38 | 000,235,352 | ---- | C] (Microsoft Corporation)
 xactengine3_4.dll -> C:\Windows\SysNative\xactengine3_4.dll -> [2012/11/26 22:03:38 | 000,174,936 | ---- | C] (Microsoft Corporation)
 X3DAudio1_6.dll -> C:\Windows\SysNative\X3DAudio1_6.dll -> [2012/11/26 22:03:37 | 000,024,920 | ---- | C] (Microsoft Corporation)
 X3DAudio1_6.dll -> C:\Windows\SysWow64\X3DAudio1_6.dll -> [2012/11/26 22:03:37 | 000,022,360 | ---- | C] (Microsoft Corporation)
 D3DCompiler_40.dll -> C:\Windows\SysNative\D3DCompiler_40.dll -> [2012/11/26 22:03:35 | 002,605,920 | ---- | C] (Microsoft Corporation)
 D3DCompiler_40.dll -> C:\Windows\SysWow64\D3DCompiler_40.dll -> [2012/11/26 22:03:35 | 002,036,576 | ---- | C] (Microsoft Corporation)
 d3dx10_40.dll -> C:\Windows\SysNative\d3dx10_40.dll -> [2012/11/26 22:03:35 | 000,519,000 | ---- | C] (Microsoft Corporation)
 d3dx10_40.dll -> C:\Windows\SysWow64\d3dx10_40.dll -> [2012/11/26 22:03:35 | 000,452,440 | ---- | C] (Microsoft Corporation)
 D3DX9_40.dll -> C:\Windows\SysNative\D3DX9_40.dll -> [2012/11/26 22:03:33 | 005,631,312 | ---- | C] (Microsoft Corporation)
 D3DX9_40.dll -> C:\Windows\SysWow64\D3DX9_40.dll -> [2012/11/26 22:03:33 | 004,379,984 | ---- | C] (Microsoft Corporation)
 XAudio2_3.dll -> C:\Windows\SysNative\XAudio2_3.dll -> [2012/11/26 22:03:32 | 000,518,480 | ---- | C] (Microsoft Corporation)
 XAudio2_3.dll -> C:\Windows\SysWow64\XAudio2_3.dll -> [2012/11/26 22:03:32 | 000,514,384 | ---- | C] (Microsoft Corporation)
 XAPOFX1_2.dll -> C:\Windows\SysNative\XAPOFX1_2.dll -> [2012/11/26 22:03:32 | 000,074,576 | ---- | C] (Microsoft Corporation)
 XAPOFX1_2.dll -> C:\Windows\SysWow64\XAPOFX1_2.dll -> [2012/11/26 22:03:32 | 000,070,992 | ---- | C] (Microsoft Corporation)
 xactengine3_3.dll -> C:\Windows\SysWow64\xactengine3_3.dll -> [2012/11/26 22:03:31 | 000,235,856 | ---- | C] (Microsoft Corporation)
 xactengine3_3.dll -> C:\Windows\SysNative\xactengine3_3.dll -> [2012/11/26 22:03:31 | 000,175,440 | ---- | C] (Microsoft Corporation)
 X3DAudio1_5.dll -> C:\Windows\SysNative\X3DAudio1_5.dll -> [2012/11/26 22:03:30 | 000,025,936 | ---- | C] (Microsoft Corporation)
 X3DAudio1_5.dll -> C:\Windows\SysWow64\X3DAudio1_5.dll -> [2012/11/26 22:03:30 | 000,023,376 | ---- | C] (Microsoft Corporation)
 XAudio2_2.dll -> C:\Windows\SysNative\XAudio2_2.dll -> [2012/11/26 22:03:27 | 000,513,544 | ---- | C] (Microsoft Corporation)
 XAudio2_2.dll -> C:\Windows\SysWow64\XAudio2_2.dll -> [2012/11/26 22:03:27 | 000,509,448 | ---- | C] (Microsoft Corporation)
 xactengine3_2.dll -> C:\Windows\SysWow64\xactengine3_2.dll -> [2012/11/26 22:03:27 | 000,238,088 | ---- | C] (Microsoft Corporation)
 xactengine3_2.dll -> C:\Windows\SysNative\xactengine3_2.dll -> [2012/11/26 22:03:27 | 000,177,672 | ---- | C] (Microsoft Corporation)
 XAPOFX1_1.dll -> C:\Windows\SysNative\XAPOFX1_1.dll -> [2012/11/26 22:03:27 | 000,072,200 | ---- | C] (Microsoft Corporation)
 XAPOFX1_1.dll -> C:\Windows\SysWow64\XAPOFX1_1.dll -> [2012/11/26 22:03:27 | 000,068,616 | ---- | C] (Microsoft Corporation)
 D3DCompiler_39.dll -> C:\Windows\SysNative\D3DCompiler_39.dll -> [2012/11/26 22:03:25 | 001,942,552 | ---- | C] (Microsoft Corporation)
 D3DCompiler_39.dll -> C:\Windows\SysWow64\D3DCompiler_39.dll -> [2012/11/26 22:03:25 | 001,493,528 | ---- | C] (Microsoft Corporation)
 d3dx10_39.dll -> C:\Windows\SysNative\d3dx10_39.dll -> [2012/11/26 22:03:25 | 000,540,688 | ---- | C] (Microsoft Corporation)
 d3dx10_39.dll -> C:\Windows\SysWow64\d3dx10_39.dll -> [2012/11/26 22:03:25 | 000,467,984 | ---- | C] (Microsoft Corporation)
 D3DX9_39.dll -> C:\Windows\SysNative\D3DX9_39.dll -> [2012/11/26 22:03:23 | 004,992,520 | ---- | C] (Microsoft Corporation)
 D3DX9_39.dll -> C:\Windows\SysWow64\D3DX9_39.dll -> [2012/11/26 22:03:23 | 003,851,784 | ---- | C] (Microsoft Corporation)
 XAudio2_1.dll -> C:\Windows\SysNative\XAudio2_1.dll -> [2012/11/26 22:03:22 | 000,511,496 | ---- | C] (Microsoft Corporation)
 XAudio2_1.dll -> C:\Windows\SysWow64\XAudio2_1.dll -> [2012/11/26 22:03:22 | 000,507,400 | ---- | C] (Microsoft Corporation)
 XAPOFX1_0.dll -> C:\Windows\SysNative\XAPOFX1_0.dll -> [2012/11/26 22:03:22 | 000,068,104 | ---- | C] (Microsoft Corporation)
 XAPOFX1_0.dll -> C:\Windows\SysWow64\XAPOFX1_0.dll -> [2012/11/26 22:03:22 | 000,065,032 | ---- | C] (Microsoft Corporation)
 xactengine3_1.dll -> C:\Windows\SysWow64\xactengine3_1.dll -> [2012/11/26 22:03:21 | 000,238,088 | ---- | C] (Microsoft Corporation)
 xactengine3_1.dll -> C:\Windows\SysNative\xactengine3_1.dll -> [2012/11/26 22:03:21 | 000,177,672 | ---- | C] (Microsoft Corporation)
 X3DAudio1_4.dll -> C:\Windows\SysNative\X3DAudio1_4.dll -> [2012/11/26 22:03:21 | 000,028,168 | ---- | C] (Microsoft Corporation)
 X3DAudio1_4.dll -> C:\Windows\SysWow64\X3DAudio1_4.dll -> [2012/11/26 22:03:21 | 000,025,608 | ---- | C] (Microsoft Corporation)
 D3DCompiler_38.dll -> C:\Windows\SysNative\D3DCompiler_38.dll -> [2012/11/26 22:03:19 | 001,941,528 | ---- | C] (Microsoft Corporation)
 D3DCompiler_38.dll -> C:\Windows\SysWow64\D3DCompiler_38.dll -> [2012/11/26 22:03:19 | 001,491,992 | ---- | C] (Microsoft Corporation)
 d3dx10_38.dll -> C:\Windows\SysNative\d3dx10_38.dll -> [2012/11/26 22:03:19 | 000,540,688 | ---- | C] (Microsoft Corporation)
 d3dx10_38.dll -> C:\Windows\SysWow64\d3dx10_38.dll -> [2012/11/26 22:03:19 | 000,467,984 | ---- | C] (Microsoft Corporation)
 D3DX9_38.dll -> C:\Windows\SysNative\D3DX9_38.dll -> [2012/11/26 22:03:17 | 004,991,496 | ---- | C] (Microsoft Corporation)
 D3DX9_38.dll -> C:\Windows\SysWow64\D3DX9_38.dll -> [2012/11/26 22:03:17 | 003,850,760 | ---- | C] (Microsoft Corporation)
 XAudio2_0.dll -> C:\Windows\SysNative\XAudio2_0.dll -> [2012/11/26 22:03:17 | 000,489,480 | ---- | C] (Microsoft Corporation)
 XAudio2_0.dll -> C:\Windows\SysWow64\XAudio2_0.dll -> [2012/11/26 22:03:17 | 000,479,752 | ---- | C] (Microsoft Corporation)
 xactengine3_0.dll -> C:\Windows\SysWow64\xactengine3_0.dll -> [2012/11/26 22:03:15 | 000,238,088 | ---- | C] (Microsoft Corporation)
 xactengine3_0.dll -> C:\Windows\SysNative\xactengine3_0.dll -> [2012/11/26 22:03:15 | 000,177,672 | ---- | C] (Microsoft Corporation)
 X3DAudio1_3.dll -> C:\Windows\SysNative\X3DAudio1_3.dll -> [2012/11/26 22:03:15 | 000,028,168 | ---- | C] (Microsoft Corporation)
 X3DAudio1_3.dll -> C:\Windows\SysWow64\X3DAudio1_3.dll -> [2012/11/26 22:03:15 | 000,025,608 | ---- | C] (Microsoft Corporation)
 D3DCompiler_37.dll -> C:\Windows\SysNative\D3DCompiler_37.dll -> [2012/11/26 22:03:13 | 001,860,120 | ---- | C] (Microsoft Corporation)
 D3DCompiler_37.dll -> C:\Windows\SysWow64\D3DCompiler_37.dll -> [2012/11/26 22:03:13 | 001,420,824 | ---- | C] (Microsoft Corporation)
 d3dx10_37.dll -> C:\Windows\SysNative\d3dx10_37.dll -> [2012/11/26 22:03:13 | 000,529,424 | ---- | C] (Microsoft Corporation)
 d3dx10_37.dll -> C:\Windows\SysWow64\d3dx10_37.dll -> [2012/11/26 22:03:13 | 000,462,864 | ---- | C] (Microsoft Corporation)
 D3DX9_37.dll -> C:\Windows\SysNative\D3DX9_37.dll -> [2012/11/26 22:03:08 | 004,910,088 | ---- | C] (Microsoft Corporation)
 D3DX9_37.dll -> C:\Windows\SysWow64\D3DX9_37.dll -> [2012/11/26 22:03:08 | 003,786,760 | ---- | C] (Microsoft Corporation)
 xactengine2_10.dll -> C:\Windows\SysNative\xactengine2_10.dll -> [2012/11/26 22:03:08 | 000,411,656 | ---- | C] (Microsoft Corporation)
 xactengine2_10.dll -> C:\Windows\SysWow64\xactengine2_10.dll -> [2012/11/26 22:03:08 | 000,267,272 | ---- | C] (Microsoft Corporation)
 D3DCompiler_36.dll -> C:\Windows\SysNative\D3DCompiler_36.dll -> [2012/11/26 22:03:05 | 002,006,552 | ---- | C] (Microsoft Corporation)
 D3DCompiler_36.dll -> C:\Windows\SysWow64\D3DCompiler_36.dll -> [2012/11/26 22:03:05 | 001,374,232 | ---- | C] (Microsoft Corporation)
 d3dx10_36.dll -> C:\Windows\SysNative\d3dx10_36.dll -> [2012/11/26 22:03:05 | 000,508,264 | ---- | C] (Microsoft Corporation)
 d3dx10_36.dll -> C:\Windows\SysWow64\d3dx10_36.dll -> [2012/11/26 22:03:05 | 000,444,776 | ---- | C] (Microsoft Corporation)
 d3dx9_36.dll -> C:\Windows\SysNative\d3dx9_36.dll -> [2012/11/26 22:03:02 | 005,081,608 | ---- | C] (Microsoft Corporation)
 d3dx9_36.dll -> C:\Windows\SysWow64\d3dx9_36.dll -> [2012/11/26 22:03:02 | 003,734,536 | ---- | C] (Microsoft Corporation)
 xactengine2_9.dll -> C:\Windows\SysNative\xactengine2_9.dll -> [2012/11/26 22:03:00 | 000,411,496 | ---- | C] (Microsoft Corporation)
 xactengine2_9.dll -> C:\Windows\SysWow64\xactengine2_9.dll -> [2012/11/26 22:03:00 | 000,267,112 | ---- | C] (Microsoft Corporation)
 D3DCompiler_35.dll -> C:\Windows\SysNative\D3DCompiler_35.dll -> [2012/11/26 22:02:58 | 001,985,904 | ---- | C] (Microsoft Corporation)
 D3DCompiler_35.dll -> C:\Windows\SysWow64\D3DCompiler_35.dll -> [2012/11/26 22:02:58 | 001,358,192 | ---- | C] (Microsoft Corporation)
 d3dx10_35.dll -> C:\Windows\SysNative\d3dx10_35.dll -> [2012/11/26 22:02:58 | 000,508,264 | ---- | C] (Microsoft Corporation)
 d3dx10_35.dll -> C:\Windows\SysWow64\d3dx10_35.dll -> [2012/11/26 22:02:58 | 000,444,776 | ---- | C] (Microsoft Corporation)
 d3dx9_35.dll -> C:\Windows\SysNative\d3dx9_35.dll -> [2012/11/26 22:02:56 | 005,073,256 | ---- | C] (Microsoft Corporation)
 d3dx9_35.dll -> C:\Windows\SysWow64\d3dx9_35.dll -> [2012/11/26 22:02:56 | 003,727,720 | ---- | C] (Microsoft Corporation)
 xactengine2_8.dll -> C:\Windows\SysNative\xactengine2_8.dll -> [2012/11/26 22:02:54 | 000,409,960 | ---- | C] (Microsoft Corporation)
 xactengine2_8.dll -> C:\Windows\SysWow64\xactengine2_8.dll -> [2012/11/26 22:02:54 | 000,266,088 | ---- | C] (Microsoft Corporation)
 X3DAudio1_2.dll -> C:\Windows\SysNative\X3DAudio1_2.dll -> [2012/11/26 22:02:54 | 000,021,000 | ---- | C] (Microsoft Corporation)
 X3DAudio1_2.dll -> C:\Windows\SysWow64\X3DAudio1_2.dll -> [2012/11/26 22:02:54 | 000,017,928 | ---- | C] (Microsoft Corporation)
 D3DCompiler_34.dll -> C:\Windows\SysNative\D3DCompiler_34.dll -> [2012/11/26 22:02:53 | 001,401,200 | ---- | C] (Microsoft Corporation)
 D3DCompiler_34.dll -> C:\Windows\SysWow64\D3DCompiler_34.dll -> [2012/11/26 22:02:53 | 001,124,720 | ---- | C] (Microsoft Corporation)
 d3dx10_34.dll -> C:\Windows\SysNative\d3dx10_34.dll -> [2012/11/26 22:02:53 | 000,506,728 | ---- | C] (Microsoft Corporation)
 d3dx10_34.dll -> C:\Windows\SysWow64\d3dx10_34.dll -> [2012/11/26 22:02:53 | 000,443,752 | ---- | C] (Microsoft Corporation)
 d3dx9_34.dll -> C:\Windows\SysNative\d3dx9_34.dll -> [2012/11/26 22:02:51 | 004,496,232 | ---- | C] (Microsoft Corporation)
 d3dx9_34.dll -> C:\Windows\SysWow64\d3dx9_34.dll -> [2012/11/26 22:02:51 | 003,497,832 | ---- | C] (Microsoft Corporation)
 xinput1_3.dll -> C:\Windows\SysNative\xinput1_3.dll -> [2012/11/26 22:02:50 | 000,107,368 | ---- | C] (Microsoft Corporation)
 xinput1_3.dll -> C:\Windows\SysWow64\xinput1_3.dll -> [2012/11/26 22:02:50 | 000,081,768 | ---- | C] (Microsoft Corporation)
 xactengine2_7.dll -> C:\Windows\SysNative\xactengine2_7.dll -> [2012/11/26 22:02:49 | 000,403,304 | ---- | C] (Microsoft Corporation)
 xactengine2_7.dll -> C:\Windows\SysWow64\xactengine2_7.dll -> [2012/11/26 22:02:49 | 000,261,480 | ---- | C] (Microsoft Corporation)
 D3DCompiler_33.dll -> C:\Windows\SysNative\D3DCompiler_33.dll -> [2012/11/26 22:02:47 | 001,400,176 | ---- | C] (Microsoft Corporation)
 D3DCompiler_33.dll -> C:\Windows\SysWow64\D3DCompiler_33.dll -> [2012/11/26 22:02:47 | 001,123,696 | ---- | C] (Microsoft Corporation)
 d3dx10_33.dll -> C:\Windows\SysNative\d3dx10_33.dll -> [2012/11/26 22:02:47 | 000,506,728 | ---- | C] (Microsoft Corporation)
 d3dx10_33.dll -> C:\Windows\SysWow64\d3dx10_33.dll -> [2012/11/26 22:02:47 | 000,443,752 | ---- | C] (Microsoft Corporation)
 d3dx9_33.dll -> C:\Windows\SysNative\d3dx9_33.dll -> [2012/11/26 22:02:44 | 004,494,184 | ---- | C] (Microsoft Corporation)
 d3dx9_33.dll -> C:\Windows\SysWow64\d3dx9_33.dll -> [2012/11/26 22:02:44 | 003,495,784 | ---- | C] (Microsoft Corporation)
 xactengine2_6.dll -> C:\Windows\SysNative\xactengine2_6.dll -> [2012/11/26 22:02:43 | 000,393,576 | ---- | C] (Microsoft Corporation)
 xactengine2_6.dll -> C:\Windows\SysWow64\xactengine2_6.dll -> [2012/11/26 22:02:43 | 000,255,848 | ---- | C] (Microsoft Corporation)
 xactengine2_5.dll -> C:\Windows\SysNative\xactengine2_5.dll -> [2012/11/26 22:02:42 | 000,390,424 | ---- | C] (Microsoft Corporation)
 xactengine2_5.dll -> C:\Windows\SysWow64\xactengine2_5.dll -> [2012/11/26 22:02:42 | 000,251,672 | ---- | C] (Microsoft Corporation)
 d3dx10.dll -> C:\Windows\SysNative\d3dx10.dll -> [2012/11/26 22:02:41 | 000,469,264 | ---- | C] (Microsoft Corporation)
 d3dx10.dll -> C:\Windows\SysWow64\d3dx10.dll -> [2012/11/26 22:02:41 | 000,440,080 | ---- | C] (Microsoft Corporation)
 xactengine2_4.dll -> C:\Windows\SysNative\xactengine2_4.dll -> [2012/11/26 22:02:38 | 000,364,824 | ---- | C] (Microsoft Corporation)
 xactengine2_4.dll -> C:\Windows\SysWow64\xactengine2_4.dll -> [2012/11/26 22:02:38 | 000,237,848 | ---- | C] (Microsoft Corporation)
 x3daudio1_1.dll -> C:\Windows\SysNative\x3daudio1_1.dll -> [2012/11/26 22:02:38 | 000,017,688 | ---- | C] (Microsoft Corporation)
 x3daudio1_1.dll -> C:\Windows\SysWow64\x3daudio1_1.dll -> [2012/11/26 22:02:38 | 000,015,128 | ---- | C] (Microsoft Corporation)
 d3dx9_31.dll -> C:\Windows\SysNative\d3dx9_31.dll -> [2012/11/26 22:02:36 | 003,977,496 | ---- | C] (Microsoft Corporation)
 d3dx9_31.dll -> C:\Windows\SysWow64\d3dx9_31.dll -> [2012/11/26 22:02:36 | 002,414,360 | ---- | C] (Microsoft Corporation)
 xactengine2_3.dll -> C:\Windows\SysNative\xactengine2_3.dll -> [2012/11/26 22:02:35 | 000,363,288 | ---- | C] (Microsoft Corporation)
 xactengine2_3.dll -> C:\Windows\SysWow64\xactengine2_3.dll -> [2012/11/26 22:02:35 | 000,236,824 | ---- | C] (Microsoft Corporation)
 xinput1_2.dll -> C:\Windows\SysNative\xinput1_2.dll -> [2012/11/26 22:02:34 | 000,083,736 | ---- | C] (Microsoft Corporation)
 xinput1_2.dll -> C:\Windows\SysWow64\xinput1_2.dll -> [2012/11/26 22:02:34 | 000,062,744 | ---- | C] (Microsoft Corporation)
 xactengine2_2.dll -> C:\Windows\SysNative\xactengine2_2.dll -> [2012/11/26 22:02:33 | 000,354,072 | ---- | C] (Microsoft Corporation)
 xactengine2_2.dll -> C:\Windows\SysWow64\xactengine2_2.dll -> [2012/11/26 22:02:33 | 000,230,168 | ---- | C] (Microsoft Corporation)
 xinput1_1.dll -> C:\Windows\SysNative\xinput1_1.dll -> [2012/11/26 22:02:32 | 000,083,664 | ---- | C] (Microsoft Corporation)
 xinput1_1.dll -> C:\Windows\SysWow64\xinput1_1.dll -> [2012/11/26 22:02:32 | 000,062,672 | ---- | C] (Microsoft Corporation)
 xactengine2_1.dll -> C:\Windows\SysNative\xactengine2_1.dll -> [2012/11/26 22:02:30 | 000,352,464 | ---- | C] (Microsoft Corporation)
 xactengine2_1.dll -> C:\Windows\SysWow64\xactengine2_1.dll -> [2012/11/26 22:02:30 | 000,229,584 | ---- | C] (Microsoft Corporation)
 d3dx9_30.dll -> C:\Windows\SysNative\d3dx9_30.dll -> [2012/11/26 22:02:18 | 003,927,248 | ---- | C] (Microsoft Corporation)
 d3dx9_30.dll -> C:\Windows\SysWow64\d3dx9_30.dll -> [2012/11/26 22:02:18 | 002,388,176 | ---- | C] (Microsoft Corporation)
 xactengine2_0.dll -> C:\Windows\SysNative\xactengine2_0.dll -> [2012/11/26 22:02:16 | 000,355,536 | ---- | C] (Microsoft Corporation)
 xactengine2_0.dll -> C:\Windows\SysWow64\xactengine2_0.dll -> [2012/11/26 22:02:16 | 000,230,096 | ---- | C] (Microsoft Corporation)
 x3daudio1_0.dll -> C:\Windows\SysNative\x3daudio1_0.dll -> [2012/11/26 22:02:16 | 000,016,592 | ---- | C] (Microsoft Corporation)
 x3daudio1_0.dll -> C:\Windows\SysWow64\x3daudio1_0.dll -> [2012/11/26 22:02:16 | 000,014,032 | ---- | C] (Microsoft Corporation)
 d3dx9_29.dll -> C:\Windows\SysNative\d3dx9_29.dll -> [2012/11/26 22:02:14 | 003,830,992 | ---- | C] (Microsoft Corporation)
 d3dx9_29.dll -> C:\Windows\SysWow64\d3dx9_29.dll -> [2012/11/26 22:02:14 | 002,332,368 | ---- | C] (Microsoft Corporation)
 d3dx9_28.dll -> C:\Windows\SysNative\d3dx9_28.dll -> [2012/11/26 22:02:12 | 003,815,120 | ---- | C] (Microsoft Corporation)
 d3dx9_28.dll -> C:\Windows\SysWow64\d3dx9_28.dll -> [2012/11/26 22:02:12 | 002,323,664 | ---- | C] (Microsoft Corporation)
 d3dx9_27.dll -> C:\Windows\SysNative\d3dx9_27.dll -> [2012/11/26 22:02:10 | 003,807,440 | ---- | C] (Microsoft Corporation)
 d3dx9_27.dll -> C:\Windows\SysWow64\d3dx9_27.dll -> [2012/11/26 22:02:10 | 002,319,568 | ---- | C] (Microsoft Corporation)
 d3dx9_26.dll -> C:\Windows\SysNative\d3dx9_26.dll -> [2012/11/26 22:02:08 | 003,767,504 | ---- | C] (Microsoft Corporation)
 d3dx9_26.dll -> C:\Windows\SysWow64\d3dx9_26.dll -> [2012/11/26 22:02:08 | 002,297,552 | ---- | C] (Microsoft Corporation)
 d3dx9_25.dll -> C:\Windows\SysNative\d3dx9_25.dll -> [2012/11/26 22:02:06 | 003,823,312 | ---- | C] (Microsoft Corporation)
 d3dx9_25.dll -> C:\Windows\SysWow64\d3dx9_25.dll -> [2012/11/26 22:02:06 | 002,337,488 | ---- | C] (Microsoft Corporation)
 d3dx9_24.dll -> C:\Windows\SysNative\d3dx9_24.dll -> [2012/11/26 22:02:04 | 003,544,272 | ---- | C] (Microsoft Corporation)
 d3dx9_24.dll -> C:\Windows\SysWow64\d3dx9_24.dll -> [2012/11/26 22:02:04 | 002,222,800 | ---- | C] (Microsoft Corporation)
 MagicDraw -> C:\Users\Bavre Guilhem\Documents\MagicDraw -> [2012/11/23 23:15:11 | 000,000,000 | ---D | C]
 .magicdraw -> C:\Users\Bavre Guilhem\.magicdraw -> [2012/11/23 23:10:03 | 000,000,000 | ---D | C]
 MagicDraw UML -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDraw UML -> [2012/11/23 23:09:14 | 000,000,000 | ---D | C]
 MagicDraw UML -> C:\Program Files (x86)\MagicDraw UML -> [2012/11/23 23:07:18 | 000,000,000 | ---D | C]
 Zero G Registry -> C:\Program Files\Zero G Registry -> [2012/11/23 23:06:20 | 000,000,000 | -H-D | C]
 InstallAnywhere -> C:\Users\Bavre Guilhem\InstallAnywhere -> [2012/11/23 23:06:17 | 000,000,000 | -H-D | C]
 Makehuman -> C:\Users\Bavre Guilhem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Makehuman -> [2012/11/23 14:50:31 | 000,000,000 | ---D | C]
 Makehuman -> C:\Program Files (x86)\Makehuman -> [2012/11/23 14:48:22 | 000,000,000 | ---D | C]
 OpenOffice.org -> C:\Users\Bavre Guilhem\AppData\Roaming\OpenOffice.org -> [2012/11/20 00:25:58 | 000,000,000 | ---D | C]
 zoug -> C:\Users\Bavre Guilhem\AppData\Local\zoug -> [2012/11/19 14:07:58 | 000,000,000 | ---D | C]
 MediaCUB -> C:\Program Files (x86)\MediaCUB -> [2012/11/19 14:07:24 | 000,000,000 | ---D | C]
 ProgSense -> C:\Users\Bavre Guilhem\AppData\Roaming\ProgSense -> [2012/11/19 13:48:31 | 000,000,000 | ---D | C]
 QuickTime -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime -> [2012/11/18 23:27:32 | 000,000,000 | ---D | C]
 QuickTime -> C:\Program Files (x86)\QuickTime -> [2012/11/18 23:27:26 | 000,000,000 | ---D | C]
 WdfLdr.sys -> C:\Windows\SysNative\drivers\WdfLdr.sys -> [2012/11/16 10:32:14 | 000,054,376 | ---- | C] (Microsoft Corporation)
 Wdfres.dll -> C:\Windows\SysNative\Wdfres.dll -> [2012/11/16 10:32:14 | 000,009,728 | ---- | C] (Microsoft Corporation)
 mshtmled.dll -> C:\Windows\SysNative\mshtmled.dll -> [2012/11/16 10:24:07 | 000,096,768 | ---- | C] (Microsoft Corporation)
 mshtmled.dll -> C:\Windows\SysWow64\mshtmled.dll -> [2012/11/16 10:24:06 | 000,073,216 | ---- | C] (Microsoft Corporation)
 ieui.dll -> C:\Windows\SysNative\ieui.dll -> [2012/11/16 10:24:05 | 000,248,320 | ---- | C] (Microsoft Corporation)
 ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2012/11/16 10:24:05 | 000,176,640 | ---- | C] (Microsoft Corporation)
 url.dll -> C:\Windows\SysNative\url.dll -> [2012/11/16 10:24:04 | 000,237,056 | ---- | C] (Microsoft Corporation)
 url.dll -> C:\Windows\SysWow64\url.dll -> [2012/11/16 10:24:04 | 000,231,936 | ---- | C] (Microsoft Corporation)
 ieUnatt.exe -> C:\Windows\SysNative\ieUnatt.exe -> [2012/11/16 10:24:04 | 000,173,056 | ---- | C] (Microsoft Corporation)
 ieUnatt.exe -> C:\Windows\SysWow64\ieUnatt.exe -> [2012/11/16 10:24:04 | 000,142,848 | ---- | C] (Microsoft Corporation)
 inetcpl.cpl -> C:\Windows\SysNative\inetcpl.cpl -> [2012/11/16 10:24:03 | 001,494,528 | ---- | C] (Microsoft Corporation)
 inetcpl.cpl -> C:\Windows\SysWow64\inetcpl.cpl -> [2012/11/16 10:24:03 | 001,427,968 | ---- | C] (Microsoft Corporation)
 jscript9.dll -> C:\Windows\SysNative\jscript9.dll -> [2012/11/16 10:24:02 | 002,312,704 | ---- | C] (Microsoft Corporation)
 msfeeds.dll -> C:\Windows\SysNative\msfeeds.dll -> [2012/11/16 10:24:02 | 000,729,088 | ---- | C] (Microsoft Corporation)
 jscript.dll -> C:\Windows\SysWow64\jscript.dll -> [2012/11/16 10:24:00 | 000,717,824 | ---- | C] (Microsoft Corporation)
 vbscript.dll -> C:\Windows\SysNative\vbscript.dll -> [2012/11/16 10:24:00 | 000,599,040 | ---- | C] (Microsoft Corporation)
 jscript.dll -> C:\Windows\SysNative\jscript.dll -> [2012/11/16 10:23:59 | 000,816,640 | ---- | C] (Microsoft Corporation)
 WUDFPlatform.dll -> C:\Windows\SysNative\WUDFPlatform.dll -> [2012/11/16 10:19:58 | 000,194,048 | ---- | C] (Microsoft Corporation)
 WUDFx.dll -> C:\Windows\SysNative\WUDFx.dll -> [2012/11/16 10:19:57 | 000,744,448 | ---- | C] (Microsoft Corporation)
 WUDFHost.exe -> C:\Windows\SysNative\WUDFHost.exe -> [2012/11/16 10:19:57 | 000,229,888 | ---- | C] (Microsoft Corporation)
 WUDFCoinstaller.dll -> C:\Windows\SysNative\WUDFCoinstaller.dll -> [2012/11/16 10:19:57 | 000,045,056 | ---- | C] (Microsoft Corporation)
 OpenOffice.org 3.4.1 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 -> [2012/11/16 10:11:19 | 000,000,000 | --SD | C]
 OpenOffice.org 3 -> C:\Program Files (x86)\OpenOffice.org 3 -> [2012/11/16 10:10:17 | 000,000,000 | ---D | C]
 dhcpcore6.dll -> C:\Windows\SysNative\dhcpcore6.dll -> [2012/11/16 09:32:20 | 000,226,816 | ---- | C] (Microsoft Corporation)
 dhcpcore6.dll -> C:\Windows\SysWow64\dhcpcore6.dll -> [2012/11/16 09:32:20 | 000,193,536 | ---- | C] (Microsoft Corporation)
 dhcpcsvc6.dll -> C:\Windows\SysNative\dhcpcsvc6.dll -> [2012/11/16 09:32:20 | 000,055,296 | ---- | C] (Microsoft Corporation)
 ncsi.dll -> C:\Windows\SysNative\ncsi.dll -> [2012/11/16 09:32:11 | 000,216,576 | ---- | C] (Microsoft Corporation)
 ncsi.dll -> C:\Windows\SysWow64\ncsi.dll -> [2012/11/16 09:32:11 | 000,156,672 | ---- | C] (Microsoft Corporation)
 netcorehc.dll -> C:\Windows\SysNative\netcorehc.dll -> [2012/11/16 09:32:10 | 000,246,272 | ---- | C] (Microsoft Corporation)
 netcorehc.dll -> C:\Windows\SysWow64\netcorehc.dll -> [2012/11/16 09:32:10 | 000,175,104 | ---- | C] (Microsoft Corporation)
 netevent.dll -> C:\Windows\SysWow64\netevent.dll -> [2012/11/16 09:32:07 | 000,018,944 | ---- | C] (Microsoft Corporation)
 netevent.dll -> C:\Windows\SysNative\netevent.dll -> [2012/11/16 09:32:07 | 000,018,944 | ---- | C] (Microsoft Corporation)
 synceng.dll -> C:\Windows\SysNative\synceng.dll -> [2012/11/16 09:31:57 | 000,095,744 | ---- | C] (Microsoft Corporation)
 synceng.dll -> C:\Windows\SysWow64\synceng.dll -> [2012/11/16 09:31:57 | 000,078,336 | ---- | C] (Microsoft Corporation)
 ts3overlay_hook_win64 -> C:\Users\Bavre Guilhem\AppData\Roaming\ts3overlay_hook_win64 -> [2012/11/13 19:49:29 | 000,000,000 | ---D | C]
 ts3overlay -> C:\Users\Bavre Guilhem\AppData\Roaming\ts3overlay -> [2012/11/13 19:49:29 | 000,000,000 | ---D | C]
 TS3Client -> C:\Users\Bavre Guilhem\AppData\Roaming\TS3Client -> [2012/11/13 19:48:45 | 000,000,000 | ---D | C]
 TeamSpeak 3 Client -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client -> [2012/11/13 19:47:09 | 000,000,000 | ---D | C]
 TeamSpeak 3 Client -> C:\Program Files\TeamSpeak 3 Client -> [2012/11/13 19:46:59 | 000,000,000 | ---D | C]
 Ask.com -> C:\Program Files (x86)\Ask.com -> [2012/11/13 19:17:08 | 000,000,000 | ---D | C]
 APN -> C:\Users\Bavre Guilhem\AppData\Local\APN -> [2012/11/13 19:17:08 | 000,000,000 | ---D | C]
 Ask -> C:\ProgramData\Ask -> [2012/11/13 19:06:07 | 000,000,000 | ---D | C]
 javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2012/11/13 19:05:40 | 000,174,056 | ---- | C] (Oracle Corporation)
 java.exe -> C:\Windows\SysWow64\java.exe -> [2012/11/13 19:05:40 | 000,174,056 | ---- | C] (Oracle Corporation)
 WindowsAccessBridge-32.dll -> C:\Windows\SysWow64\WindowsAccessBridge-32.dll -> [2012/11/13 19:05:40 | 000,095,208 | ---- | C] (Oracle Corporation)
 McAfee -> C:\ProgramData\McAfee -> [2012/11/12 17:55:49 | 000,000,000 | ---D | C]
 
[Files/Folders - Modified Within 30 Days]
 Adobe Flash Player Updater.job -> C:\Windows\tasks\Adobe Flash Player Updater.job -> [2012/12/11 01:47:16 | 000,001,002 | ---- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2012/12/11 01:40:58 | 000,009,920 | -H-- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2012/12/11 01:40:58 | 000,009,920 | -H-- | M] ()
 SoftwareUpdateTaskMachineUA.job -> C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job -> [2012/12/11 01:34:00 | 000,001,100 | ---- | M] ()
 GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2012/12/11 01:31:54 | 000,001,078 | ---- | M] ()
 GlaryInitialize.job -> C:\Windows\tasks\GlaryInitialize.job -> [2012/12/11 01:31:26 | 000,000,340 | ---- | M] ()
 SoftwareUpdateTaskMachineCore.job -> C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job -> [2012/12/11 01:31:15 | 000,001,096 | ---- | M] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2012/12/11 01:30:28 | 000,067,584 | --S- | M] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2012/12/11 01:30:13 | 3203,239,936 | -HS- | M] ()
 GoogleUpdateTaskUserS-1-5-21-2485618440-3712180276-1970688583-1000UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2485618440-3712180276-1970688583-1000UA.job -> [2012/12/11 01:27:00 | 000,001,110 | ---- | M] ()
 hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2012/12/11 01:16:56 | 000,000,027 | ---- | M] ()
 GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2012/12/11 01:04:05 | 000,001,082 | ---- | M] ()
 FacebookUpdateTaskUserS-1-5-21-2485618440-3712180276-1970688583-1000UA.job -> C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2485618440-3712180276-1970688583-1000UA.job -> [2012/12/10 23:56:01 | 000,000,960 | ---- | M] ()
 GoogleUpdateTaskUserS-1-5-21-2485618440-3712180276-1970688583-1000Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2485618440-3712180276-1970688583-1000Core.job -> [2012/12/10 19:27:00 | 000,001,058 | ---- | M] ()
 AutoRunFilter.ini -> C:\Windows\SysNative\AutoRunFilter.ini -> [2012/12/10 09:15:58 | 000,002,752 | ---- | M] ()
 PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2012/12/09 19:24:27 | 001,883,546 | ---- | M] ()
 perfh00C.dat -> C:\Windows\SysNative\perfh00C.dat -> [2012/12/09 19:24:27 | 000,824,156 | ---- | M] ()
 perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2012/12/09 19:24:27 | 000,730,998 | ---- | M] ()
 perfc00C.dat -> C:\Windows\SysNative\perfc00C.dat -> [2012/12/09 19:24:27 | 000,178,570 | ---- | M] ()
 perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2012/12/09 19:24:27 | 000,150,858 | ---- | M] ()
 FacebookUpdateTaskUserS-1-5-21-2485618440-3712180276-1970688583-1000Core.job -> C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2485618440-3712180276-1970688583-1000Core.job -> [2012/12/09 14:56:00 | 000,000,938 | ---- | M] ()
 ServiceFilter.ini -> C:\Windows\SysNative\ServiceFilter.ini -> [2012/12/09 09:50:04 | 000,001,550 | ---- | M] ()
 Préfs Format PNG Adobe CS6 -> C:\Users\Bavre Guilhem\AppData\Roaming\Préfs Format PNG Adobe CS6 -> [2012/12/08 22:59:27 | 000,000,132 | ---- | M] ()
 Préfs Format GIF Adobe CS6 -> C:\Users\Bavre Guilhem\AppData\Roaming\Préfs Format GIF Adobe CS6 -> [2012/12/07 05:11:28 | 000,000,132 | ---- | M] ()
 FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2012/12/06 20:23:36 | 005,065,904 | ---- | M] ()
 PUTTY.RND -> C:\Users\Bavre Guilhem\AppData\Local\PUTTY.RND -> [2012/12/06 17:08:01 | 000,000,600 | ---- | M] ()
 acovcnt.exe -> C:\Windows\SysWow64\acovcnt.exe -> [2012/12/06 16:38:35 | 000,045,056 | ---- | M] ()
 iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2012/11/30 15:02:00 | 000,001,785 | ---- | M] ()
 CCleaner.lnk -> C:\Users\Public\Desktop\CCleaner.lnk -> [2012/11/28 15:06:28 | 000,000,824 | ---- | M] ()
 MPLAB IDE v8.03.lnk -> C:\Users\Public\Desktop\MPLAB IDE v8.03.lnk -> [2012/11/28 15:05:37 | 000,002,166 | ---- | M] ()
 mikroProg Suite For PIC.lnk -> C:\Users\Public\Desktop\mikroProg Suite For PIC.lnk -> [2012/11/28 14:53:36 | 000,001,620 | ---- | M] ()
 MagicDraw UML.lnk -> C:\Users\Public\Desktop\MagicDraw UML.lnk -> [2012/11/23 23:09:14 | 000,002,011 | ---- | M] ()
 Dropbox.lnk -> C:\Users\Bavre Guilhem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> [2012/11/23 11:34:09 | 000,001,068 | ---- | M] ()
 LNonPnP.sys -> C:\Windows\SysNative\drivers\LNonPnP.sys -> [2012/11/21 21:28:33 | 000,018,960 | ---- | M] (Logitech, Inc.)
 config.nt -> C:\Windows\SysWow64\config.nt -> [2012/11/14 08:31:30 | 000,000,000 | ---- | M] ()
 FlashPlayerApp.exe -> C:\Windows\SysWow64\FlashPlayerApp.exe -> [2012/11/12 17:55:43 | 000,697,272 | ---- | M] (Adobe Systems Incorporated)
 FlashPlayerCPLApp.cpl -> C:\Windows\SysWow64\FlashPlayerCPLApp.cpl -> [2012/11/12 17:55:43 | 000,073,656 | ---- | M] (Adobe Systems Incorporated)
 
[Files - No Company Name]
 Préfs Format GIF Adobe CS6 -> C:\Users\Bavre Guilhem\AppData\Roaming\Préfs Format GIF Adobe CS6 -> [2012/12/07 03:47:31 | 000,000,132 | ---- | C] ()
 TeamViewer 8.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk -> [2012/12/06 18:08:20 | 000,001,180 | ---- | C] ()
 PUTTY.RND -> C:\Users\Bavre Guilhem\AppData\Local\PUTTY.RND -> [2012/12/06 17:08:01 | 000,000,600 | ---- | C] ()
 iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2012/11/30 15:02:00 | 000,001,785 | ---- | C] ()
 MPLAB IDE v8.03.lnk -> C:\Users\Public\Desktop\MPLAB IDE v8.03.lnk -> [2012/11/28 15:05:37 | 000,002,166 | ---- | C] ()
 mikroProg Suite For PIC.lnk -> C:\Users\Public\Desktop\mikroProg Suite For PIC.lnk -> [2012/11/28 14:53:36 | 000,001,620 | ---- | C] ()
 MagicDraw UML.lnk -> C:\Users\Public\Desktop\MagicDraw UML.lnk -> [2012/11/23 23:09:14 | 000,002,011 | ---- | C] ()
 Dropbox.lnk -> C:\Users\Bavre Guilhem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> [2012/11/23 11:34:09 | 000,001,068 | ---- | C] ()
 MediaCUB.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaCUB.lnk -> [2012/11/19 14:07:25 | 000,002,591 | ---- | C] ()
 MsftWdf_Kernel_01011_Inbox_Critical.Wdf -> C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf -> [2012/11/16 10:32:18 | 000,000,003 | ---- | C] ()
 MsftWdf_User_01_11_00_Inbox_Critical.Wdf -> C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf -> [2012/11/16 10:19:57 | 000,000,003 | ---- | C] ()
 Préfs Format BMP Adobe CS6 -> C:\Users\Bavre Guilhem\AppData\Roaming\Préfs Format BMP Adobe CS6 -> [2012/10/23 20:03:46 | 000,000,132 | ---- | C] ()
 ODBC.INI -> C:\Windows\ODBC.INI -> [2012/10/22 13:49:56 | 000,000,028 | ---- | C] ()
 ativvsvl.dat -> C:\Windows\SysWow64\ativvsvl.dat -> [2012/09/13 23:12:16 | 000,204,952 | ---- | C] ()
 ativvsva.dat -> C:\Windows\SysWow64\ativvsva.dat -> [2012/09/13 23:12:16 | 000,157,144 | ---- | C] ()
 ntuser.pol -> C:\ProgramData\ntuser.pol -> [2012/09/02 16:25:52 | 000,000,290 | RHS- | C] ()
 cadkasdeinst01e.exe -> C:\Windows\cadkasdeinst01e.exe -> [2012/07/13 12:38:50 | 000,075,776 | ---- | C] ()
 LauncherAccess.dt -> C:\ProgramData\LauncherAccess.dt -> [2012/07/11 20:33:46 | 000,000,000 | ---- | C] ()
 StarOpen.sys -> C:\Windows\SysWow64\drivers\StarOpen.sys -> [2012/07/11 20:15:50 | 000,005,632 | ---- | C] ()
 .zreglib -> C:\ProgramData\.zreglib -> [2012/07/10 14:33:32 | 000,000,041 | -HS- | C] ()
 PEV.exe -> C:\Windows\PEV.exe -> [2012/07/09 13:52:11 | 000,256,000 | ---- | C] ()
 MBR.exe -> C:\Windows\MBR.exe -> [2012/07/09 13:52:11 | 000,208,896 | ---- | C] ()
 sed.exe -> C:\Windows\sed.exe -> [2012/07/09 13:52:11 | 000,098,816 | ---- | C] ()
 grep.exe -> C:\Windows\grep.exe -> [2012/07/09 13:52:11 | 000,080,412 | ---- | C] ()
 zip.exe -> C:\Windows\zip.exe -> [2012/07/09 13:52:11 | 000,068,096 | ---- | C] ()
 Préfs Format PNG Adobe CS6 -> C:\Users\Bavre Guilhem\AppData\Roaming\Préfs Format PNG Adobe CS6 -> [2012/07/01 15:03:54 | 000,000,132 | ---- | C] ()
 PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2012/06/27 10:56:01 | 001,909,090 | ---- | C] ()
 DCEBoot64.exe -> C:\Windows\DCEBoot64.exe -> [2012/06/05 00:10:34 | 000,021,520 | ---- | C] ()
 acovcnt.exe -> C:\Windows\SysWow64\acovcnt.exe -> [2012/05/31 23:27:58 | 000,045,056 | ---- | C] ()
 ativpsrm.bin -> C:\Windows\ativpsrm.bin -> [2012/05/31 23:06:55 | 000,000,000 | ---- | C] ()
 IntelMEFWVer.dll -> C:\Windows\SysWow64\drivers\IntelMEFWVer.dll -> [2012/05/31 23:03:45 | 000,008,192 | ---- | C] ()
 kdbsdk32.dll -> C:\Windows\SysWow64\kdbsdk32.dll -> [2012/05/02 13:58:10 | 000,029,184 | ---- | C] ()
 IusEventLog.dll -> C:\Windows\SysWow64\IusEventLog.dll -> [2012/04/20 12:59:44 | 000,001,536 | ---- | C] ()
 atipblag.dat -> C:\Windows\SysWow64\atipblag.dat -> [2011/09/12 23:06:16 | 000,003,917 | ---- | C] ()
< End of report >


After that I have done a sfc/sannow with the shell and display the following message :
Windows Resource Protection found corrupt files but was unable to fix some of them.



Thanks a lot for your help!

Edited by Guigui30, 10 December 2012 - 08:04 PM.


BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:08 AM

Posted 14 December 2012 - 09:07 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:08 AM

Posted 21 December 2012 - 10:04 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users