Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by gbalou (administrator) on gbalou-PC on 18-06-2015 18:54:34
Running from C:\Users\gbalou\Desktop
Loaded Profiles: gbalou & MSSQL$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS (Available Profiles: gbalou & Administrator & Guest & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Oracle Corporation) Z:\app\gbalou\product\11.2.0\dbhome_1\BIN\omtsreco.exe
(Oracle Corporation) Z:\app\gbalou\product\11.2.0\dbhome_1\BIN\TNSLSNR.EXE
(Oracle Corporation) Z:\app\gbalou\product\11.2.0\dbhome_1\BIN\oracle.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Sun Microsystems, Inc.) Z:\app\gbalou\product\11.2.0\dbhome_1\jdk\bin\java.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [480608 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [460088 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => [X]
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1349451029-2387217336-1723229273-1000\...\MountPoints2: {4c43f520-7241-11e4-9012-c80aa9e0c6ed} - F:\Setup.exe
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-05] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}] -> {4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B} => C:\Windows\system32\pfmshx_853.dll [2013-04-10] (Pismo Technic Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-1349451029-2387217336-1723229273-1000] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-1349451029-2387217336-1723229273-1000] => localhost:21320
HKU\S-1-5-21-1349451029-2387217336-1723229273-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1349451029-2387217336-1723229273-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1349451029-2387217336-1723229273-1000 -> DefaultScope {391D7E03-6A48-4279-99A0-3166EDCD8C4B} URL = https://search.yahoo.com/search?fr=mcafee&type=C010US91015D20131108&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1349451029-2387217336-1723229273-1000 -> {391D7E03-6A48-4279-99A0-3166EDCD8C4B} URL = https://search.yahoo.com/search?fr=mcafee&type=C010US91015D20131108&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1349451029-2387217336-1723229273-1000 -> {FB5249EF-D06E-4094-B285-0753B604EA23} URL = https://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Z:\Microsoft Visio\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Handler: AutorunsDisabled\skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-01] (McAfee, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - Z:\Microsoft Visio\Office15\MSOSB.DLL [2015-04-14] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-01] (McAfee, Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default
FF SearchEngineOrder.1: Secure Search
FF Keyword.URL: https://search.yahoo.com/search?fr=mcafee&type=B110US0D20131108&p=
FF NetworkProxy: "ftp", "37.187.101.22"
FF NetworkProxy: "ftp_port", 9912
FF NetworkProxy: "gopher", "37.187.101.22"
FF NetworkProxy: "gopher_port", 9912
FF NetworkProxy: "http", "37.187.101.22"
FF NetworkProxy: "http_port", 9912
FF NetworkProxy: "socks", "37.187.101.22"
FF NetworkProxy: "socks_port", 9912
FF NetworkProxy: "ssl", "37.187.101.22"
FF NetworkProxy: "ssl_port", 9912
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-23] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> C:\Program Files\SumatraPDF\npPdfViewer.dll [2014-05-14] (Simon Bünzli)
FF SearchPlugin: C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\searchplugins\googletranslate.xml [2014-02-27]
FF SearchPlugin: C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\searchplugins\youtube-video-search.xml [2015-03-07]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-10-13]
FF Extension: Canadian English Dictionary - C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\Extensions\en-CA@dictionaries.addons.mozilla.org [2015-03-09]
FF Extension: British English Dictionary (Updated) - C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\Extensions\en-gb@flyingtophat.co.uk [2015-01-07]
FF Extension: Print pages to PDF - C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\Extensions\printPages2Pdf@reinhold.ripper [2015-05-28]
FF Extension: WOT - C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-28]
FF Extension: Wiktionary and Google Translate - C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\Extensions\googledictionary@toptip.ca.xpi [2015-03-17]
FF Extension: NoScript - C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-27]
FF Extension: LeechBlock - C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2014-11-05]
FF Extension: Adblock Plus - C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-08]
FF Extension: DownThemAll! - C:\Users\gbalou\AppData\Roaming\Mozilla\Firefox\Profiles\eet0yv9y.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-12-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-07]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files\McAfee\SiteAdvisor [2013-11-08]
FF HKU\S-1-5-21-1349451029-2387217336-1723229273-1000\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files\WordWeb\WCaptureMoz [2015-06-16]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2015-04-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-05] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-05] (Avast Software)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1074480 2015-04-17] (Flexera Software LLC)
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [140800 2014-02-19] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files\McAfee\SiteAdvisor\McSACore.exe [132160 2015-04-01] (McAfee, Inc.)
R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [44224 2014-02-21] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2014-11-17] (Hewlett-Packard) [File not signed]
S2 OracleDBConsoleLPi3; Z:\app\gbalou\product\11.2.0\dbhome_1\bin\nmesrvc.exe [49152 2010-03-02] (Oracle Corporation) [File not signed]
S4 OracleJobSchedulerLPI3; z:\app\gbalou\product\11.2.0\dbhome_1\Bin\extjob.exe [49152 2010-04-02] () [File not signed]
R2 OracleMTSRecoveryService; Z:\app\gbalou\product\11.2.0\dbhome_1\bin\omtsreco.exe [69632 2010-04-01] (Oracle Corporation) [File not signed]
S3 OracleOraDb11g_home1ClrAgent; Z:\app\gbalou\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe [38400 2010-02-28] (Oracle Corporation) [File not signed]
R2 OracleServiceLPI3; z:\app\gbalou\product\11.2.0\dbhome_1\bin\ORACLE.EXE [106487808 2010-04-02] (Oracle Corporation) [File not signed]
S3 OracleVssWriterLPI3; z:\app\gbalou\product\11.2.0\dbhome_1\bin\OraVSSW.exe [159744 2010-04-02] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2014-11-17] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-05] ()
S2 ReportServer$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSRS12.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2030272 2014-02-21] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Te.Service; C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [91136 2013-08-21] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [73360 2014-07-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 OracleOraDb11g_home1TNSListener; Z:\app\gbalou\product\11.2.0\dbhome_1\BIN\TNSLSNR [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-05] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-05] ()
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314.sys [318976 2010-01-30] (Beceem communications pvt ltd.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr.sys [51456 2010-01-30] (Beceem communications pvt ltd.)
S3 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-06-01] (Riverbed Technology, Inc.)
R1 pfmfs_853; C:\Windows\System32\Drivers\pfmfs_853.sys [198392 2013-04-10] (Pismo Technic Inc.)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [205504 2014-02-21] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-05] (Avast Software)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 PORTMON; \??\C:\Program Files\Sysinternal\PORTMSYS.SYS [X]
S3 VirtualFD; \??\C:\Users\gbalou\Desktop\Road_To_OS\VFD\vfd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 18:54 - 2015-06-18 18:55 - 00017445 _____ C:\Users\gbalou\Desktop\FRST.txt
2015-06-18 18:53 - 2015-06-18 18:54 - 00000000 ____D C:\FRST
2015-06-18 18:53 - 2015-06-18 18:53 - 01148416 _____ (Farbar) C:\Users\gbalou\Desktop\FRST.exe
2015-06-18 18:46 - 2015-06-18 18:46 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_18_18_46_31.dmp
2015-06-18 11:11 - 2015-06-18 11:11 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_18_11_11_36.dmp
2015-06-17 10:24 - 2015-06-17 10:24 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_17_10_24_50.dmp
2015-06-17 07:58 - 2015-06-17 07:58 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_17_7_58_29.dmp
2015-06-17 00:26 - 2015-06-17 00:26 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_17_0_26_10.dmp
2015-06-16 22:40 - 2015-06-16 22:40 - 00001039 _____ C:\Users\gbalou\Desktop\ipconf.txt
2015-06-16 21:25 - 2015-06-16 22:15 - 00000000 ____D C:\Users\gbalou\.zenmap
2015-06-16 21:25 - 2015-06-16 21:25 - 00000000 ____D C:\Users\gbalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2015-06-16 21:24 - 2015-06-16 21:24 - 00000000 ____D C:\Program Files\WinPcap
2015-06-16 21:24 - 2015-06-16 21:24 - 00000000 ____D C:\Program Files\Nmap
2015-06-16 21:16 - 2015-06-03 20:04 - 25302999 _____ (Insecure.org) C:\Users\gbalou\Downloads\nmap-6.49BETA1-setup.exe
2015-06-16 21:03 - 2015-06-16 21:03 - 00436309 _____ C:\Users\gbalou\Downloads\pscan13.exe
2015-06-16 20:48 - 2015-06-16 20:48 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_16_20_48_21.dmp
2015-06-16 20:28 - 2015-06-16 20:28 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_16_20_28_17.dmp
2015-06-16 16:11 - 2015-06-16 16:11 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_16_16_11_52.dmp
2015-06-16 11:40 - 2015-06-16 11:40 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_16_11_40_16.dmp
2015-06-16 10:40 - 2015-06-16 10:40 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_16_10_40_0.dmp
2015-06-16 09:36 - 2015-06-16 09:36 - 00000000 ____D C:\Users\gbalou\AppData\Roaming\WordWeb
2015-06-16 09:32 - 2015-06-16 09:32 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_16_9_32_50.dmp
2015-06-16 09:25 - 2015-06-16 09:25 - 00001874 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordWeb.lnk
2015-06-16 09:24 - 2015-06-16 09:24 - 00000000 ____D C:\Program Files\WordWeb
2015-06-16 09:24 - 2015-05-23 23:44 - 02934912 ____N (WordWeb Software) C:\Windows\wweb32.dll
2015-06-16 09:16 - 2015-06-10 06:57 - 22154216 _____ C:\Users\gbalou\Downloads\wordweb7.exe
2015-06-15 21:19 - 2015-06-15 21:19 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_15_21_19_36.dmp
2015-06-15 15:35 - 2015-06-15 15:35 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_15_15_35_3.dmp
2015-06-15 15:23 - 2015-06-15 15:23 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_15_15_23_28.dmp
2015-06-15 13:37 - 2015-06-15 13:37 - 00018741 _____ C:\Windows\system32\nmesrvc_core_2015_6_15_13_37_24.dmp
2015-06-15 12:40 - 2015-06-15 12:40 - 00000000 ____D C:\Users\gbalou\AppData\Local\4kdownload.com
2015-06-15 12:38 - 2015-06-15 12:38 - 00001182 _____ C:\Users\gbalou\Desktop\4K Video Downloader.lnk
2015-06-15 12:38 - 2015-06-15 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2015-06-15 12:38 - 2015-06-15 12:38 - 00000000 ____D C:\Program Files\4KDownload
2015-06-15 12:32 - 2015-06-09 13:09 - 24951944 _____ (Open Media LLC ) C:\Users\gbalou\Downloads\4kvideodownloader_3.5.exe
2015-06-14 20:39 - 2015-06-14 20:39 - 00020047 _____ C:\Windows\system32\nmesrvc_core_2015_6_14_20_39_48.dmp
2015-06-14 15:02 - 2015-06-14 15:02 - 00018643 _____ C:\Windows\system32\nmesrvc_core_2015_6_14_15_2_4.dmp
2015-06-13 20:05 - 2015-06-13 20:05 - 00020185 _____ C:\Windows\system32\nmesrvc_core_2015_6_13_20_5_35.dmp
2015-06-13 12:12 - 2015-06-13 12:12 - 00020185 _____ C:\Windows\system32\nmesrvc_core_2015_6_13_12_12_50.dmp
2015-06-12 15:29 - 2015-06-02 19:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-12 15:29 - 2015-05-23 03:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-12 15:29 - 2015-05-23 03:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-12 15:29 - 2015-05-23 03:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-12 15:29 - 2015-05-23 03:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-12 15:29 - 2015-05-23 03:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-12 15:29 - 2015-05-23 03:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-12 15:29 - 2015-05-23 03:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-12 15:29 - 2015-05-23 03:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-12 15:29 - 2015-05-23 03:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-12 15:29 - 2015-05-23 03:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-12 15:29 - 2015-05-23 03:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-12 15:29 - 2015-05-23 03:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-12 15:29 - 2015-05-23 03:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-12 15:29 - 2015-05-23 03:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-12 15:29 - 2015-05-23 02:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-12 15:29 - 2015-05-23 02:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-12 15:29 - 2015-05-23 02:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-12 15:29 - 2015-05-23 02:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-12 15:29 - 2015-05-23 02:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-12 15:29 - 2015-05-23 02:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-12 15:29 - 2015-05-23 02:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-12 15:29 - 2015-05-23 02:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-12 15:29 - 2015-05-23 02:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-12 15:29 - 2015-05-23 02:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-12 15:29 - 2015-05-23 02:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-12 15:28 - 2015-05-27 14:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-12 15:28 - 2015-05-23 03:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-12 15:28 - 2015-05-23 03:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-12 15:28 - 2015-05-23 02:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-12 15:28 - 2015-05-23 02:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-12 15:28 - 2015-05-23 02:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-12 14:21 - 2015-05-09 03:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-12 14:21 - 2015-05-09 03:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-12 14:21 - 2015-05-09 03:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-12 14:21 - 2015-05-09 03:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-12 14:21 - 2015-05-09 03:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 03:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 01:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 01:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 01:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-12 14:21 - 2015-05-09 01:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-12 13:25 - 2015-05-25 17:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-12 13:11 - 2015-06-12 13:11 - 01353963 _____ C:\Users\gbalou\Downloads\uip-uip-1-0.tar.gz
2015-06-11 23:52 - 2015-06-11 23:52 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_11_23_52_47.dmp
2015-06-11 22:49 - 2015-06-11 22:49 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_11_22_49_35.dmp
2015-06-11 19:36 - 2015-06-11 20:18 - 00003443 _____ C:\Users\gbalou\Desktop\expli.txt
2015-06-11 19:22 - 2015-06-11 19:22 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_11_19_22_28.dmp
2015-06-11 19:18 - 2015-06-11 19:18 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_11_19_18_2.dmp
2015-06-11 17:13 - 2015-06-11 17:13 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_11_17_13_37.dmp
2015-06-11 15:30 - 2015-06-11 15:30 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_11_15_30_45.dmp
2015-06-11 08:18 - 2015-06-11 08:18 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_11_8_18_5.dmp
2015-06-10 21:15 - 2015-06-10 21:15 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_10_21_15_0.dmp
2015-06-10 17:12 - 2015-06-10 17:12 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_10_17_12_5.dmp
2015-06-10 16:07 - 2015-04-29 18:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 16:07 - 2015-04-29 18:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 16:07 - 2015-04-29 18:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 16:07 - 2015-04-29 18:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 16:07 - 2015-04-29 18:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 16:02 - 2015-04-24 17:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 15:57 - 2015-06-10 15:57 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_10_15_57_29.dmp
2015-06-10 15:21 - 2015-06-10 15:21 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_10_15_21_55.dmp
2015-06-10 13:24 - 2015-06-10 13:24 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_10_13_24_36.dmp
2015-06-10 11:53 - 2015-06-10 11:53 - 00020191 _____ C:\Windows\system32\nmesrvc_core_2015_6_10_11_53_10.dmp
2015-06-10 11:25 - 2015-06-10 11:25 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_10_11_25_35.dmp
2015-06-10 08:24 - 2015-06-10 08:24 - 00000000 ___SD C:\Users\gbalou\Documents\My Shapes
2015-06-10 08:21 - 2015-06-13 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-09 15:27 - 2015-06-09 16:43 - 00000000 ____D C:\Users\gbalou\AppData\Roaming\Audacity
2015-06-09 15:19 - 2015-06-09 15:19 - 00000000 ____D C:\Users\gbalou\AppData\Roaming\Image-Line
2015-06-09 15:19 - 2015-03-24 01:08 - 24210616 _____ (Audacity Team ) C:\Users\gbalou\Downloads\audacity-win-2.1.0.exe
2015-06-09 15:17 - 2015-06-09 15:17 - 00000000 ____D C:\Users\gbalou\Documents\Image-Line
2015-06-09 15:17 - 2015-06-09 15:17 - 00000000 ____D C:\Program Files\VstPlugins
2015-06-09 14:59 - 2014-08-25 10:25 - 59790296 _____ C:\Users\gbalou\Downloads\edison_install.exe
2015-06-09 12:59 - 2015-06-09 12:59 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_9_12_59_47.dmp
2015-06-08 22:30 - 2015-06-08 22:30 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_8_22_30_21.dmp
2015-06-08 19:45 - 2015-06-08 19:45 - 00020191 _____ C:\Windows\system32\nmesrvc_core_2015_6_8_19_45_18.dmp
2015-06-08 08:19 - 2015-06-08 08:19 - 00000029 _____ C:\Users\gbalou\Desktop\visio key.txt
2015-06-07 11:58 - 2015-06-07 11:58 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_7_11_58_33.dmp
2015-06-06 15:22 - 2015-06-06 15:22 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_6_15_22_20.dmp
2015-06-06 11:03 - 2015-06-06 11:03 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_6_11_3_36.dmp
2015-06-06 08:14 - 2015-06-06 08:14 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_6_8_14_46.dmp
2015-06-05 22:05 - 2015-06-05 22:05 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_5_22_5_49.dmp
2015-06-05 19:20 - 2015-06-05 19:20 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_5_19_20_25.dmp
2015-06-05 19:14 - 2015-06-05 19:14 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_5_19_14_26.dmp
2015-06-05 16:21 - 2015-06-05 16:21 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_5_16_21_49.dmp
2015-06-04 18:42 - 2015-06-04 18:42 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_4_18_42_50.dmp
2015-06-04 11:00 - 2015-06-11 15:28 - 00000000 ____D C:\Users\gbalou\Documents\SQL Server Management Studio
2015-06-04 11:00 - 2014-02-21 05:20 - 00088768 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr12.0.2000.8.dll
2015-06-04 11:00 - 2014-02-21 05:20 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL12.SQLEXPRESS-sqlagtctr.dll
2015-06-04 10:58 - 2014-02-21 05:20 - 00045760 _____ (Microsoft Corporation) C:\Windows\system32\perf-ReportServer$SQLEXPRESS-rsctr12.0.2000.8.dll
2015-06-04 10:53 - 2015-06-04 10:53 - 00000000 ____D C:\Windows\system32\RsFx
2015-06-04 10:52 - 2015-06-04 10:52 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-06-04 10:50 - 2015-06-04 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-06-04 10:48 - 2015-06-04 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014
2015-06-04 10:30 - 2015-06-04 10:30 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_4_10_30_29.dmp
2015-06-04 08:37 - 2015-06-04 08:37 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_4_8_37_33.dmp
2015-06-04 08:25 - 2015-06-04 08:25 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_4_8_25_15.dmp
2015-06-03 22:00 - 2015-06-03 22:00 - 00000000 _____ C:\Users\gbalou\Desktop\TCP_IP Linux Security.txt
2015-06-03 21:17 - 2015-06-04 11:49 - 00000000 ____D C:\Users\gbalou\Desktop\TCP_IP RFCs
2015-06-03 17:39 - 2015-06-04 09:46 - 00000000 ____D C:\Users\gbalou\AppData\Roaming\uTorrent
2015-06-02 20:40 - 2015-06-02 20:42 - 01994592 _____ (BitTorrent Inc.) C:\Users\gbalou\Downloads\uTorrent.exe
2015-06-02 16:37 - 2015-06-14 16:40 - 00000000 ____D C:\Users\gbalou\Desktop\Game Theory
2015-06-02 14:12 - 2015-06-02 16:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-01 20:53 - 2015-06-01 20:53 - 00018787 _____ C:\Windows\system32\nmesrvc_core_2015_6_1_20_53_12.dmp
2015-06-01 20:29 - 2015-06-01 20:29 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_1_20_29_9.dmp
2015-06-01 20:22 - 2015-06-01 20:22 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_1_20_22_29.dmp
2015-06-01 15:55 - 2015-06-01 15:55 - 00282360 _____ (Riverbed Technology, Inc.) C:\Windows\system32\wpcap.dll
2015-06-01 15:55 - 2015-06-01 15:55 - 00098040 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Packet.dll
2015-06-01 15:55 - 2015-06-01 15:55 - 00053299 _____ C:\Windows\system32\pthreadVC.dll
2015-06-01 15:55 - 2015-06-01 15:55 - 00036600 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Drivers\npf.sys
2015-06-01 11:32 - 2015-06-01 11:32 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_6_1_11_32_40.dmp
2015-05-31 21:44 - 2015-05-31 21:44 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_31_21_44_46.dmp
2015-05-31 18:46 - 2015-05-31 18:46 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_31_18_46_10.dmp
2015-05-30 16:23 - 2015-05-30 16:23 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_30_16_23_41.dmp
2015-05-30 14:02 - 2015-05-30 14:02 - 00018689 _____ C:\Windows\system32\nmesrvc_core_2015_5_30_14_2_15.dmp
2015-05-30 11:41 - 2015-05-30 11:41 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_30_11_41_7.dmp
2015-05-29 20:01 - 2015-05-29 20:01 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_29_20_1_50.dmp
2015-05-28 20:27 - 2015-05-28 20:27 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_28_20_27_16.dmp
2015-05-28 08:27 - 2015-05-28 08:27 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_28_8_27_23.dmp
2015-05-27 21:12 - 2015-05-27 21:12 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_27_21_12_43.dmp
2015-05-27 18:55 - 2015-05-27 18:55 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_27_18_55_41.dmp
2015-05-27 18:52 - 2015-05-27 18:52 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_27_18_52_24.dmp
2015-05-27 15:10 - 2015-05-27 15:10 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_27_15_10_23.dmp
2015-05-27 10:40 - 2015-05-27 10:40 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_27_10_40_34.dmp
2015-05-27 10:02 - 2015-05-27 10:02 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_27_10_2_2.dmp
2015-05-27 07:57 - 2015-05-27 07:57 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_27_7_57_52.dmp
2015-05-26 20:06 - 2015-06-17 11:00 - 00000000 ____D C:\Users\gbalou\Desktop\InfoSec
2015-05-26 19:14 - 2015-05-26 19:14 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_26_19_14_33.dmp
2015-05-26 15:47 - 2015-05-26 15:47 - 00446808 _____ (Microsoft Corporation) C:\Users\gbalou\Downloads\VisualBasicPowerPacksSetup.exe
2015-05-26 14:56 - 2015-06-04 08:22 - 00000000 ____D C:\Windows\system32\Gnosice
2015-05-26 14:56 - 2015-06-04 08:22 - 00000000 ____D C:\Users\gbalou\Documents\Gnostice
2015-05-26 14:56 - 2015-06-04 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnostice
2015-05-26 14:56 - 2015-06-04 08:21 - 00000000 ____D C:\Program Files\Gnostice
2015-05-26 14:39 - 2015-05-26 14:39 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_26_14_39_54.dmp
2015-05-26 14:20 - 2015-05-26 14:20 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_26_14_20_50.dmp
2015-05-26 11:59 - 2015-05-26 11:59 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_26_11_59_47.dmp
2015-05-25 13:14 - 2015-05-25 13:14 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_25_13_14_55.dmp
2015-05-25 08:25 - 2015-05-25 08:25 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_25_8_25_0.dmp
2015-05-24 22:32 - 2015-05-24 23:37 - 00000000 ____D C:\Users\gbalou\Desktop\MObile DEV
2015-05-24 16:31 - 2015-05-24 16:31 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_24_16_31_23.dmp
2015-05-24 14:20 - 2015-05-24 14:20 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_24_14_20_31.dmp
2015-05-24 07:32 - 2015-05-24 07:32 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_24_7_32_47.dmp
2015-05-23 18:01 - 2015-05-23 18:01 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_23_18_1_7.dmp
2015-05-23 17:40 - 2015-05-23 17:40 - 00008784 _____ C:\Users\gbalou\Desktop\TP2_oracle_ASSALE.rar
2015-05-23 17:11 - 2015-05-23 17:12 - 00000000 ____D C:\Users\gbalou\Desktop\PL_SQL
2015-05-23 00:37 - 2015-05-23 00:37 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_23_0_37_51.dmp
2015-05-22 21:49 - 2015-06-01 12:37 - 00000000 ____D C:\Users\gbalou\Desktop\TP2oracle
2015-05-22 20:07 - 2015-05-22 13:42 - 00005341 _____ C:\Users\gbalou\Desktop\codeOracle.txt
2015-05-22 20:05 - 2015-05-22 20:06 - 00020093 _____ C:\Windows\system32\nmesrvc_core_2015_5_22_20_5_59.dmp
2015-05-22 19:09 - 2015-05-22 19:09 - 00000000 ____D C:\Users\gbalou\Oracle
2015-05-22 19:07 - 2015-05-22 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle - OraDb11g_home1
2015-05-21 23:26 - 2015-06-11 14:23 - 00000000 ____D C:\Users\gbalou\Documents\Vistumbler
2015-05-21 23:19 - 2015-05-21 23:19 - 00000897 _____ C:\Users\gbalou\Desktop\Vistumbler.lnk
2015-05-21 23:19 - 2015-05-21 23:19 - 00000000 ____D C:\Users\gbalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vistumbler
2015-05-21 23:19 - 2015-05-21 23:19 - 00000000 ____D C:\Program Files\Vistumbler
2015-05-21 23:16 - 2015-05-21 23:18 - 07359992 _____ C:\Users\gbalou\Downloads\Vistumbler_v10-5.exe
2015-05-21 23:06 - 2015-05-21 23:06 - 00001475 _____ C:\Users\gbalou\Desktop\exoreseau.txt
2015-05-21 16:13 - 2015-05-21 16:13 - 00000000 ____D C:\Users\gbalou\AppData\Roaming\Microsoft Corporation
2015-05-21 12:43 - 2015-05-21 12:43 - 00000000 ____D C:\Users\gbalou\.oracle
2015-05-20 23:34 - 2015-05-20 23:34 - 01324940 _____ C:\Users\gbalou\Downloads\NetStumblerInstaller_0_4_0.exe
2015-05-20 23:29 - 2015-05-20 23:29 - 00153399 _____ C:\Users\gbalou\Downloads\cbsidlm-sp1_0_595-iStumbler-ORG-10221917.dmg
2015-05-19 22:16 - 2015-05-19 23:02 - 00024340 _____ C:\Users\gbalou\Desktop\windev.odt
2015-05-19 11:41 - 2015-05-19 11:41 - 00000036 _____ C:\Users\gbalou\Desktop\act.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 18:52 - 2013-12-29 23:51 - 02032372 _____ C:\Windows\WindowsUpdate.log
2015-06-18 18:45 - 2015-03-12 00:02 - 00041066 _____ C:\Windows\setupact.log
2015-06-18 18:45 - 2014-02-11 20:28 - 00471880 _____ C:\Windows\PFRO.log
2015-06-18 18:45 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-18 17:11 - 2009-07-14 04:34 - 00016960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 17:11 - 2009-07-14 04:34 - 00016960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 10:26 - 2014-01-10 19:33 - 00000468 __RSH C:\ProgramData\ntuser.pol
2015-06-16 21:25 - 2013-11-07 16:49 - 00000000 ____D C:\Users\gbalou
2015-06-16 10:08 - 2014-12-30 21:20 - 00000000 ____D C:\Users\gbalou\.VirtualBox
2015-06-15 13:41 - 2014-12-30 14:22 - 00000000 ____D C:\Users\gbalou\AppData\Roaming\vlc
2015-06-14 15:03 - 2015-05-07 11:27 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLEXPRESS
2015-06-14 15:00 - 2015-05-06 20:14 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2015-06-14 08:55 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\rescache
2015-06-14 07:39 - 2013-11-07 22:46 - 00000000 ____D C:\Windows\system32\MRT
2015-06-14 07:33 - 2013-11-07 22:46 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-13 12:11 - 2014-02-11 20:29 - 00365768 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-13 07:33 - 2014-08-03 20:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 21:26 - 2013-12-05 17:00 - 00139832 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2015-06-12 21:26 - 2013-11-30 22:26 - 00000000 ____D C:\Program Files\Steam
2015-06-12 21:25 - 2013-12-05 17:01 - 00281768 _____ C:\Windows\system32\PnkBstrB.xtr
2015-06-12 21:25 - 2013-12-05 17:00 - 00281768 _____ C:\Windows\system32\PnkBstrB.exe
2015-06-12 21:24 - 2013-12-05 17:00 - 00281768 _____ C:\Windows\system32\PnkBstrB.ex0
2015-06-12 13:16 - 2014-08-28 16:37 - 00000000 ____D C:\Users\gbalou\Documents\Visual Studio 2013
2015-06-12 00:00 - 2013-11-07 16:52 - 00944032 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-10 20:29 - 2014-08-03 20:28 - 00000000 ____D C:\Users\gbalou\AppData\Local\Microsoft Help
2015-06-10 12:16 - 2014-02-13 08:27 - 00076440 _____ C:\Users\gbalou\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-10 08:21 - 2014-09-14 12:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-10 08:21 - 2009-07-14 02:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-06 11:22 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-06-04 22:15 - 2013-12-01 20:04 - 00000034 _____ C:\Users\gbalou\Desktop\steampsswrd.txt
2015-06-04 10:52 - 2014-06-07 11:29 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-04 10:51 - 2013-11-08 12:57 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-06-04 10:48 - 2014-06-07 11:29 - 00000000 ____D C:\Windows\system32\1033
2015-06-04 10:45 - 2015-05-07 11:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2015-06-04 10:17 - 2014-06-07 11:24 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-06-04 08:23 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\wfp
2015-06-04 08:22 - 2015-05-07 20:59 - 00000000 ____D C:\Users\ReportServer$SQLEXPRESS
2015-06-04 08:22 - 2014-10-19 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-04 08:22 - 2014-01-11 21:47 - 00000000 ____D C:\Users\Guest
2015-06-04 08:22 - 2014-01-10 17:03 - 00000000 ____D C:\Users\Administrator
2015-06-04 08:22 - 2013-11-08 17:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-04 08:22 - 2009-07-14 07:50 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-04 08:22 - 2009-07-14 07:49 - 00000000 ____D C:\Windows\ShellNew
2015-06-04 08:22 - 2009-07-14 02:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-04 08:21 - 2015-01-26 21:46 - 00000000 ____D C:\Program Files\Common Files\Java
2015-06-04 08:21 - 2014-10-19 17:19 - 00000000 ____D C:\Program Files\Java
2015-06-04 08:21 - 2014-01-20 18:21 - 00000000 ____D C:\Windows\Minidump
2015-06-04 08:21 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\registration
2015-06-04 08:20 - 2013-12-22 19:34 - 00000000 ____D C:\ProgramData\Oracle
2015-06-03 18:40 - 2013-11-08 00:16 - 00000000 ____D C:\Windows\Panther
2015-06-01 13:27 - 2014-05-27 18:01 - 00000000 ____D C:\Users\gbalou\Desktop\Books
2015-05-29 20:43 - 2014-08-21 13:37 - 00000000 ____D C:\Users\gbalou\AppData\Local\CrashDumps
2015-05-27 15:09 - 2009-07-14 04:53 - 00032610 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-26 21:53 - 2015-05-10 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-26 21:39 - 2014-04-01 07:26 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2015-05-26 14:37 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\Resources
2015-05-22 19:02 - 2013-12-22 19:32 - 00000000 ____D C:\Program Files\Oracle
2015-05-19 20:32 - 2013-11-10 20:19 - 00000000 ____D C:\Users\gbalou\AppData\Roaming\Skype
2015-05-19 07:48 - 2015-05-18 17:41 - 00000000 ____D C:\Users\gbalou\AppData\Local\PC SOFT

==================== Files in the root of some directories =======

2013-12-05 17:00 - 2013-12-05 17:00 - 0138904 _____ () C:\Users\gbalou\AppData\Roaming\PnkBstrK.sys
2014-02-09 18:29 - 2014-09-21 17:21 - 0007597 _____ () C:\Users\gbalou\AppData\Local\resmon.resmoncfg
2015-05-04 14:51 - 2015-05-04 14:52 - 0000355 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Windows\Tasks\At1.job


Some files in TEMP:
====================
C:\Users\gbalou\AppData\Local\Temp\css7mho8.dll
C:\Users\gbalou\AppData\Local\Temp\pyl927E.tmp.exe
C:\Users\gbalou\AppData\Local\Temp\Quarantine.exe
C:\Users\gbalou\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-13 08:58

==================== End of log ============================