Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Frequent BSOD in Windows 7 64 bit

Started by shiinji , Nov 13 2010 02:51 PM

  • Please log in to reply

#1
shiinji
Posted 13 November 2010 - 02:51 PM

shiinji

    New Member

  • Member
  • Pip
  • 3 posts
Hi, having exactly the same problem as Dumanated (http://www.geekstogo...68#entry1873668)
i post this topic to have some help. (I'm sorry i'm french, and i'm not extremly good in english)
My bsod is : Stop: 0x0007F (0x00000008, 0x00000******, 0x0000***, 0x**********)
The bsod come at any moment... when i'm not on computer, when i'm listening music, watching video.....

i've made an eset online scan which found 4 trojan that i've deleted. A new scan shows nothing else.

i removed ad-aware juste before to do the OTL.txt
I attached a bluescreenviewer in .txt

Here is the OTL :


OTL logfile created on: 13/11/2010 21:52:53 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\shinji\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 68,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 323,26 Gb Total Space | 79,30 Gb Free Space | 24,53% Space Free | Partition Type: NTFS
Drive D: | 7,34 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 465,76 Gb Total Space | 29,72 Gb Free Space | 6,38% Space Free | Partition Type: NTFS
Drive F: | 232,88 Gb Total Space | 120,79 Gb Free Space | 51,87% Space Free | Partition Type: NTFS
Drive G: | 375,38 Gb Total Space | 123,42 Gb Free Space | 32,88% Space Free | Partition Type: NTFS
Drive H: | 226,87 Gb Total Space | 88,31 Gb Free Space | 38,92% Space Free | Partition Type: NTFS

Computer Name: SHINJI-PC | User Name: shinji | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/13 21:36:28 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\shinji\Downloads\OTL.exe
PRC - [2010/10/17 20:38:42 | 000,742,912 | ---- | M] (FileZilla Project) -- C:\Program Files (x86)\FileZilla Server\FileZilla server.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/07/23 03:11:07 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/07/23 03:11:07 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/07/12 17:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010/06/28 08:46:40 | 002,561,320 | ---- | M] (RayV) -- C:\Program Files (x86)\RayV\RayV\RayV.exe
PRC - [2009/12/04 15:36:20 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
PRC - [2009/12/04 15:34:52 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/06/17 12:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009/05/14 14:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2008/11/18 12:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2005/02/16 15:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010/11/13 21:36:28 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\shinji\Downloads\OTL.exe
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2007/09/02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/08/19 23:40:03 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/05/06 10:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/05/14 14:54:26 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009/05/14 14:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV - [2010/10/17 20:38:42 | 000,742,912 | ---- | M] (FileZilla Project) [Auto | Running] -- C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/31 11:27:19 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/12/04 15:36:20 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/07/16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 12:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/09/04 17:59:57 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/08/28 20:02:28 | 000,059,480 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stdriver64.sys -- (stdriver)
DRV:64bit: - [2010/04/19 19:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/18 10:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2010/03/18 10:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/03/18 10:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/12/17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/12/04 15:36:26 | 000,446,152 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2009/10/27 11:10:18 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2009/10/16 05:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:64bit: - [2009/08/09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/14 14:49:56 | 000,121,152 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2009/05/14 14:47:16 | 000,134,024 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009/05/14 14:41:14 | 000,142,776 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2008/07/26 14:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 14:25:48 | 000,790,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2008/07/26 14:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2008/07/26 14:22:22 | 000,015,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV:64bit: - [2005/03/29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2007/02/07 19:27:46 | 000,014,104 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15446&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E 46 0F 48 8B 30 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...nampie7&query="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.20.0.66
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/05 16:48:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/20 18:31:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/11/02 10:00:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010/10/20 18:31:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/08/03 12:16:47 | 000,000,000 | ---D | M]

[2010/07/31 16:45:15 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\mozilla\Extensions
[2010/07/31 16:45:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shinji\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/11/13 10:55:31 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\mozilla\Firefox\Profiles\o1ojp9g6.default\extensions
[2010/10/18 19:06:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shinji\AppData\Roaming\mozilla\Firefox\Profiles\o1ojp9g6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/11/04 08:35:15 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\shinji\AppData\Roaming\mozilla\Firefox\Profiles\o1ojp9g6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/31 16:46:33 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\shinji\AppData\Roaming\mozilla\Firefox\Profiles\o1ojp9g6.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/09/23 18:13:35 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\mozilla\Firefox\Profiles\o1ojp9g6.default\extensions\[email protected]
[2010/08/05 12:18:55 | 000,002,252 | ---- | M] () -- C:\Users\shinji\AppData\Roaming\Mozilla\FireFox\Profiles\o1ojp9g6.default\searchplugins\askcom.xml
[2010/07/24 15:51:52 | 000,002,650 | ---- | M] () -- C:\Users\shinji\AppData\Roaming\Mozilla\FireFox\Profiles\o1ojp9g6.default\searchplugins\bing.xml
[2010/01/10 23:17:24 | 000,001,201 | ---- | M] () -- C:\Users\shinji\AppData\Roaming\Mozilla\FireFox\Profiles\o1ojp9g6.default\searchplugins\winamp-search.xml
[2010/11/13 10:55:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/11 23:09:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/11 23:09:13 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/23 01:44:11 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/07/23 01:44:11 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/07/23 01:44:11 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/07/23 01:44:11 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/07/23 01:44:11 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [FileZilla Server Interface] C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [RayV] C:\Program Files (x86)\RayV\RayV\RayV.exe (RayV)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\shinji\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\shinji\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\shinji\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\shinji\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15112/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d961c0ea-9e3d-11df-8215-90e6ba24f8f0}\Shell - "" = AutoRun
O33 - MountPoints2\{d961c0ea-9e3d-11df-8215-90e6ba24f8f0}\Shell\AutoRun\command - "" = J:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/13 21:24:39 | 000,000,000 | ---D | C] -- C:\Users\shinji\Desktop\BM
[2010/11/13 10:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/13 10:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/11/13 10:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/12 17:00:03 | 000,000,000 | ---D | C] -- C:\Users\shinji\Documents\Cours
[2010/11/11 14:03:09 | 000,000,000 | ---D | C] -- C:\Users\shinji\AppData\Roaming\PhotoFiltre
[2010/11/11 14:03:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre
[2010/11/11 12:56:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010/11/05 23:15:35 | 000,000,000 | ---D | C] -- C:\Users\shinji\Desktop\101MSDCF
[2010/11/03 18:02:28 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010/10/26 15:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2010/10/21 16:30:05 | 000,000,000 | ---D | C] -- C:\Users\shinji\AppData\Roaming\FileZilla
[2010/10/21 16:29:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2010/10/21 16:23:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla Server
[2010/10/20 18:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/10/18 19:06:54 | 000,000,000 | ---D | C] -- C:\Users\shinji\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/10/18 19:06:40 | 000,000,000 | ---D | C] -- C:\Users\shinji\Documents\DVDVideoSoft
[2010/10/18 19:06:10 | 000,000,000 | ---D | C] -- C:\Users\shinji\AppData\Roaming\DVDVideoSoft
[2010/10/18 19:06:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010/10/18 19:06:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010/09/04 17:59:57 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\shinji\AppData\Roaming\pcouffin.sys
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/13 21:40:09 | 001,524,562 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/13 21:40:09 | 000,694,766 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2010/11/13 21:40:09 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/13 21:40:09 | 000,127,478 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2010/11/13 21:40:09 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/13 21:39:24 | 000,022,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/13 21:39:24 | 000,022,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/13 21:33:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/13 21:33:34 | 535,339,007 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/13 21:33:33 | 819,359,213 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/13 10:41:59 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/12 18:20:19 | 000,869,003 | ---- | M] () -- C:\Users\shinji\Documents\Bernard Palissy.docx
[2010/11/12 10:38:24 | 002,583,040 | ---- | M] () -- C:\Users\shinji\Documents\Bernard Palissy.ppt
[2010/11/12 10:37:31 | 000,890,880 | ---- | M] () -- C:\Users\shinji\Documents\Bernard Palissy.doc
[2010/11/11 14:03:07 | 000,001,043 | ---- | M] () -- C:\Users\shinji\Desktop\PhotoFiltre.lnk
[2010/11/10 21:41:39 | 000,027,551 | ---- | M] () -- C:\Users\shinji\Documents\Bernard Palissy (Enregistré automatiquement).docx
[2010/11/09 19:17:37 | 001,197,636 | ---- | M] () -- C:\Users\shinji\Desktop\article_rvart_0035-1326_1987_num_78_1_347672.pdf
[2010/11/08 16:23:49 | 000,000,162 | -H-- | M] () -- C:\Users\shinji\Documents\~$rnard Palissy.docx
[2010/11/06 14:55:43 | 000,014,876 | ---- | M] () -- C:\Users\shinji\Documents\civi grec.docx
[2010/11/06 11:52:19 | 000,001,515 | ---- | M] () -- C:\Users\shinji\AppData\Roaming\SAS7_000.DAT
[2010/11/03 18:02:26 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010/10/26 15:52:01 | 000,000,943 | ---- | M] () -- C:\Users\shinji\Desktop\Audacity.lnk
[2010/10/21 16:23:24 | 000,002,113 | ---- | M] () -- C:\Users\shinji\Desktop\FileZilla Server Interface.lnk
[2010/10/18 19:06:42 | 000,001,239 | ---- | M] () -- C:\Users\shinji\Desktop\DVDVideoSoft Free Studio.lnk
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/13 10:41:59 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/12 10:37:29 | 000,890,880 | ---- | C] () -- C:\Users\shinji\Documents\Bernard Palissy.doc
[2010/11/11 17:08:18 | 002,583,040 | ---- | C] () -- C:\Users\shinji\Documents\Bernard Palissy.ppt
[2010/11/11 14:03:07 | 000,001,043 | ---- | C] () -- C:\Users\shinji\Desktop\PhotoFiltre.lnk
[2010/11/09 19:17:35 | 001,197,636 | ---- | C] () -- C:\Users\shinji\Desktop\article_rvart_0035-1326_1987_num_78_1_347672.pdf
[2010/11/08 16:47:03 | 000,027,551 | ---- | C] () -- C:\Users\shinji\Documents\Bernard Palissy (Enregistré automatiquement).docx
[2010/11/08 16:23:49 | 000,000,162 | -H-- | C] () -- C:\Users\shinji\Documents\~$rnard Palissy.docx
[2010/11/06 14:55:43 | 000,014,876 | ---- | C] () -- C:\Users\shinji\Documents\civi grec.docx
[2010/11/06 13:39:04 | 000,869,003 | ---- | C] () -- C:\Users\shinji\Documents\Bernard Palissy.docx
[2010/10/26 15:52:01 | 000,000,943 | ---- | C] () -- C:\Users\shinji\Desktop\Audacity.lnk
[2010/10/21 16:23:24 | 000,002,113 | ---- | C] () -- C:\Users\shinji\Desktop\FileZilla Server Interface.lnk
[2010/10/21 16:18:22 | 115,537,408 | ---- | C] () -- C:\Users\shinji\Desktop\Cours 1.ppt
[2010/10/19 15:24:09 | 000,334,795 | ---- | C] () -- C:\Users\shinji\Desktop\Windows6.0-KB946084-x86.msu
[2010/10/18 19:06:42 | 000,001,239 | ---- | C] () -- C:\Users\shinji\Desktop\DVDVideoSoft Free Studio.lnk
[2010/09/04 18:00:19 | 000,000,034 | ---- | C] () -- C:\Users\shinji\AppData\Roaming\pcouffin.log
[2010/09/04 17:59:57 | 000,099,384 | ---- | C] () -- C:\Users\shinji\AppData\Roaming\inst.exe
[2010/09/04 17:59:57 | 000,007,859 | ---- | C] () -- C:\Users\shinji\AppData\Roaming\pcouffin.cat
[2010/09/04 17:59:57 | 000,001,167 | ---- | C] () -- C:\Users\shinji\AppData\Roaming\pcouffin.inf
[2010/08/28 20:30:02 | 000,015,463 | ---- | C] () -- C:\Users\shinji\AppData\Roaming\ReplayMusicLog.log
[2010/08/20 16:34:03 | 000,001,515 | ---- | C] () -- C:\Users\shinji\AppData\Roaming\SAS7_000.DAT
[2010/08/20 15:13:37 | 000,004,608 | ---- | C] () -- C:\Users\shinji\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/09 19:16:56 | 000,040,960 | R--- | C] () -- C:\Windows\SysWow64\psfind.dll
[2010/08/08 12:55:54 | 000,000,571 | ---- | C] () -- C:\Windows\SysWow64\FeMakro.ini
[2010/08/08 12:55:54 | 000,000,497 | ---- | C] () -- C:\Windows\SysWow64\FeAnim.ini
[2010/08/03 18:24:29 | 000,007,597 | ---- | C] () -- C:\Users\shinji\AppData\Local\Resmon.ResmonCfg
[2010/07/31 09:48:28 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/07/31 09:48:28 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010/04/02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/19 19:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/11/13 05:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2007/12/04 04:20:30 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini
[2007/06/07 04:25:42 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini
[2007/01/26 00:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll
[2007/01/26 00:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll
[2005/07/31 01:01:31 | 000,030,504 | -H-- | C] () -- C:\Users\shinji\AppData\Roaming\shinjilog.dat

========== LOP Check ==========

[2010/10/08 17:45:53 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\2K Sports
[2010/08/28 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\Absolute Audio Recorder
[2010/10/07 16:09:04 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\Audacity
[2010/08/19 23:54:23 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\Autodesk
[2010/08/25 10:27:16 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\BitTorrent
[2010/10/18 19:06:22 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\DVDVideoSoft
[2010/10/18 19:06:54 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/08/08 14:19:34 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\EASYTools
[2010/10/21 16:45:03 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\FileZilla
[2010/11/13 19:17:50 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\GrabIt
[2010/09/01 17:28:35 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\LolClient
[2010/09/08 01:00:02 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\Ludia
[2010/10/08 12:23:38 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\Mumble
[2010/08/28 19:53:41 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\NCH Swift Sound
[2010/08/20 15:52:53 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\Nuance
[2010/11/11 14:17:23 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\PhotoFiltre
[2010/11/04 10:18:50 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\RayV
[2010/07/31 16:45:15 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\Thunderbird
[2010/08/26 16:41:12 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\TS3Client
[2010/09/04 18:00:19 | 000,000,000 | ---D | M] -- C:\Users\shinji\AppData\Roaming\Vso
[2010/09/24 08:21:02 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:F35A93AD

< End of report >




I hope you can help me. Thanks.

Attached Files


Edited by shiinji, 15 November 2010 - 11:46 AM.

  • 0

Advertisements

#2
shiinji
Posted 15 November 2010 - 11:47 AM

shiinji

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
no one can help me? please.
  • 0

#3
shiinji
Posted 29 November 2010 - 07:00 AM

shiinji

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
up
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP