OTL logfile created on: 26/04/2013 15:27:21 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Proprietaire\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 959,36 Mb Total Physical Memory | 394,09 Mb Available Physical Memory | 41,08% Memory free 2,31 Gb Paging File | 1,75 Gb Available in Paging File | 75,94% Paging File free Paging file location(s): C:\pagefile.sys 1488 2976 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 78,13 Gb Total Space | 3,13 Gb Free Space | 4,01% Space Free | Partition Type: NTFS Drive D: | 154,76 Gb Total Space | 61,39 Gb Free Space | 39,67% Space Free | Partition Type: NTFS Drive E: | 187,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: LEVEQUE-D053109 | User Name: Proprietaire | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/04/24 22:02:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Proprietaire\Bureau\OTL.exe PRC - [2013/04/21 21:18:25 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013/04/02 08:16:30 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2013/04/02 08:16:21 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2013/04/02 08:16:19 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2013/04/02 08:16:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2013/02/11 22:59:14 | 003,093,624 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe PRC - [2011/12/12 01:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\WINDOWS\system32\escsvc.exe PRC - [2011/11/02 09:02:00 | 000,246,368 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIINE.EXE PRC - [2011/10/31 15:25:08 | 001,058,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe PRC - [2011/10/24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2009/11/07 10:22:18 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe PRC - [2009/05/14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2009/02/03 15:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/11/15 13:29:57 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe PRC - [2003/04/01 10:21:48 | 000,046,080 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/04/21 21:18:25 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013/02/25 13:08:24 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll MOD - [2013/02/11 22:59:14 | 003,093,624 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll MOD - [2011/06/08 23:49:42 | 001,929,576 | ---- | M] () -- C:\WINDOWS\system32\HPScanTRDrv_DJ3070_B611.dll MOD - [2008/04/14 04:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2001/10/28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013/04/21 21:18:25 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/04/02 08:16:30 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013/04/02 08:16:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013/03/12 23:08:28 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/01/07 12:22:28 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2011/12/12 01:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\WINDOWS\system32\escsvc.exe -- (EpsonScanSvc) SRV - [2011/10/24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009/05/14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2007/11/15 13:29:57 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) [Auto | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard) SRV - [2003/04/01 10:21:48 | 000,046,080 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTGLM7X.sys -- (SetupNTGLM7X) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTACCESS.sys -- (NTACCESS) DRV - File not found [Kernel | On_Demand | Stopped] -- E:\install4\MSICPL.sys -- (MSICPL) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\bibitte\catchme.sys -- (catchme) DRV - File not found [Kernel | System | Stopped] -- -- (Aavmker4) DRV - [2013/04/23 08:24:24 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2013/04/02 08:16:31 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2013/04/02 08:16:31 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013/04/02 08:16:31 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013/02/25 13:08:40 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012/04/11 20:42:00 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2008/11/12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts) DRV - [2008/08/01 10:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008/08/01 10:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2008/04/17 10:33:26 | 004,707,328 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008/04/13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2007/11/15 13:29:56 | 000,011,000 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver) DRV - [2006/09/05 18:03:16 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln) DRV - [2006/07/01 23:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006/01/27 08:04:16 | 000,099,584 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2005/08/11 07:49:28 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004/10/27 15:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2004/08/13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2003/04/01 10:23:22 | 000,058,288 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/?fr=fp-yie8 IE - HKCU\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{5CB83009-D387-4499-A778-19BF059D9C90}: "URL" = http://www.flickr.com/search/?q={searchTerms} IE - HKCU\..\SearchScopes\{672D9DC2-A852-4522-B873-6CAD33C8F411}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=FP-tab-web-t340&x=wrt&meta=vl%3D IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{93C02C3D-C760-44D3-BECD-BC99553F6C4B}: "URL" = http://rover.ebay.com/rover/1/709-71121-23097-1/4?satitle={searchTerms} IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8 IE - HKCU\..\SearchScopes\{F03AE52E-0BF2-4908-8B72-0D8F58963E75}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7B9D6218B8-03C7-4b91-AA43-680B305DD35C%7D:3.3 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10 FF - prefs.js..extensions.enabledItems: fr@dictionaries.addons.mozilla.org:3.5 FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5 FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {077a24e9-0db5-435f-9010-5261c53e5925}:2008.1.9 FF - prefs.js..extensions.enabledItems: widestream6@spointer.com:3.0.1474.124 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..extensions.enabledItems: {ef79f67a-6ad7-4715-a0f8-932fca442023}:3.8.0.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bitmanagement.com/BS Contact: C:\Program Files\Bitmanagement Software\BS Contact\npBSContact.dll (Bitmanagement Software GmbH) FF - HKLM\Software\MozillaPlugins\@bitmanagement.com/BSVersion,version=1.006: C:\Program Files\Bitmanagement Software\BS Contact\npBSVersion_6.dll (Bitmanagement Software GmbH) FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\MozillaPlugins\@Cabrilog.com/Cabri 3D: C:\Program Files\Cabri 3D Plug-in 2.0\bin\npcabri3d.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2303: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1465: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found FF - HKCU\Software\MozillaPlugins\@bitmanagement.com/BS Contact: C:\Program Files\Bitmanagement Software\BS Contact\npBSContact.dll (Bitmanagement Software GmbH) FF - HKCU\Software\MozillaPlugins\@bitmanagement.com/BSVersion,version=1.006: C:\Program Files\Bitmanagement Software\BS Contact\npBSVersion_6.dll (Bitmanagement Software GmbH) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.7.0: C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Yahoo!\BrowserPlus\2.7.0\Plugins\npybrowserplus_2.7.0.dll (Yahoo! Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/21 21:18:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/21 21:18:14 | 000,000,000 | ---D | M] [2008/08/26 17:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Extensions [2013/04/25 07:41:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\rrjs7ccv.default\extensions [2010/08/05 23:21:53 | 000,000,000 | ---D | M] (Mabinogi Avatar Renderer) -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\rrjs7ccv.default\extensions\{077a24e9-0db5-435f-9010-5261c53e5925} [2009/07/09 09:58:40 | 000,000,000 | ---D | M] (iFox Metal) -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\rrjs7ccv.default\extensions\{08c834b4-e025-44a3-9b95-e9885adc4be0} [2008/05/14 12:08:09 | 000,000,000 | ---D | M] (VirusTotal) -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\rrjs7ccv.default\extensions\{4d36ee11-50e8-46d4-91d9-a49c457a354d} [2013/03/24 16:38:52 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\rrjs7ccv.default\extensions\en-US@dictionaries.addons.mozilla.org [2010/02/19 17:00:33 | 000,000,000 | ---D | M] (Dictionnaire français «Réforme 1990») -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\rrjs7ccv.default\extensions\fr@dictionaries.addons.mozilla.org [2011/12/03 12:13:37 | 000,052,184 | ---- | M] () (No name found) -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\rrjs7ccv.default\extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C}.xpi [2013/02/16 16:16:24 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\rrjs7ccv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2009/07/09 09:58:38 | 000,671,440 | ---- | M] () (No name found) -- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\Firefox\Profiles\rrjs7ccv.default\extensions\{08c834b4-e025-44a3-9b95-e9885adc4be0}\chrome\tmp.xpi [2013/04/21 21:18:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/04/21 21:18:26 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2008/09/04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll [2012/01/07 12:21:36 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll [2013/04/02 10:41:54 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2013/04/02 10:41:54 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013/04/02 10:41:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2013/04/02 10:41:54 | 000,001,472 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2013/04/02 10:41:54 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2013/04/02 10:41:54 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2013/04/25 21:42:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc) O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIINE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc) O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc) O4 - Startup: C:\Documents and Settings\Proprietaire\Menu Démarrer\Programmes\Démarrage\Jacquie Lawson Advent Calendar.lnk = File not found O4 - Startup: C:\Documents and Settings\Proprietaire\Menu Démarrer\Programmes\Démarrage\_uninst_47253115.lnk = File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://webscanner.kaspersky.fr/kavwebscan_unicode.cab (CKAVWebScan Object) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Reg Error: Key error.) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by130fd.bay130.hotmail.msn.com/resources/MsnPUpld.cab (Reg Error: Key error.) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Reg Error: Key error.) O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A555AE9C-7118-4F3D-8C60-113D25441450}: DhcpNameServer = 192.168.0.254 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - File not found O24 - Desktop WallPaper: C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/04/06 19:22:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008/05/26 12:21:13 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008/05/26 12:21:13 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009/06/25 00:57:30 | 000,000,066 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (SsiEfr.e) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Sharedaccess - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE - (Microsoft Corporation) MsConfig - StartUpFolder: C:^Documents and Settings^Proprietaire^Menu Démarrer^Programmes^Démarrage^Think-Adz.lnk - - File not found MsConfig - StartUpReg: [b]CTFMON.EXE[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]High Definition Audio Property Page Shortcut[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]NvCplDaemon[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]nwiz[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: [b]SoundMAX[/b] - hkey= - key= - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) MsConfig - StartUpReg: [b]SoundMAXPnP[/b] - hkey= - key= - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 2 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: SharedAccess - File not found SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error. SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error. ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {1C51F0F1-8168-40E2-99DC-05BC809434FA} - Yahoo! Search Settings Update ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0 ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error. ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error. ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3F7924B9-D148-3141-87B1-68F36043A940} - .NET Framework ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597) ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {8E350386-AB12-4BB2-A4EB-4AD5EBAFB50B} - NoIE8Tour ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023) ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12 ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C654AF1E-43F0-4EDB-BF40-52E2F302AB92} - Yahoo! Toolbar ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CB86EC62-CEA7-4C82-9EBA-B7A5E410E54C} - Reg Error: Value error. ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: Microsoft Base Smart Card Crypto Provider Package - Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv40 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.SP54 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus) Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll () PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/04/26 13:01:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013/04/25 21:24:47 | 000,000,000 | RHSD | C] -- C:\cmdcons [2013/04/25 21:21:13 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/04/25 21:14:12 | 005,059,017 | R--- | C] (Swearware) -- C:\Documents and Settings\Proprietaire\Bureau\bibitte.exe [2013/04/25 19:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Proprietaire\Application Data\Malwarebytes [2013/04/25 19:14:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware [2013/04/25 19:14:44 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013/04/25 19:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013/04/25 19:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2013/04/25 19:11:39 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Proprietaire\Bureau\mbam-setup-1.75.0.1300.exe [2013/04/25 08:10:04 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Proprietaire\Bureau\malwarebytes-anti-malware_1.75.0.1300_fr_215092.exe [2013/04/24 22:02:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Proprietaire\Bureau\OTL.exe [2013/04/24 08:41:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Proprietaire\Recent [2013/04/23 08:24:24 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013/04/22 13:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Proprietaire\Local Settings\Application Data\ynlhjhsh [2013/04/21 21:18:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/04/14 20:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2013/04/01 18:50:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Thinstall [2013/04/01 18:50:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Proprietaire\Application Data\Thinstall [2013/04/01 18:50:11 | 068,288,512 | ---- | C] (Investintech.com Inc.) -- C:\Documents and Settings\Proprietaire\Bureau\Able2Extract.exe [2007/07/02 18:36:27 | 003,125,040 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin.exe [8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/04/26 15:29:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2013/04/26 15:23:33 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/04/26 15:22:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/04/26 15:22:27 | 1006,030,848 | -HS- | M] () -- C:\hiberfil.sys [2013/04/26 15:01:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\HP Photo Creations Messager.job [2013/04/26 14:58:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/04/26 14:07:32 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\uil.lnk [2013/04/26 14:00:00 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At4.job [2013/04/26 12:31:00 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At3.job [2013/04/26 11:17:37 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E1902DB3-0359-47E4-8DE5-9D631FFAABBF}.job [2013/04/26 10:10:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2013/04/25 21:42:46 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2013/04/25 21:24:52 | 000,000,345 | RHS- | M] () -- C:\boot.ini [2013/04/25 21:15:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013/04/25 21:14:36 | 005,059,017 | R--- | M] (Swearware) -- C:\Documents and Settings\Proprietaire\Bureau\bibitte.exe [2013/04/25 20:40:00 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At2.job [2013/04/25 12:28:12 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Proprietaire\Bureau\mbam-setup-1.75.0.1300.exe [2013/04/25 08:23:32 | 000,000,055 | ---- | M] () -- C:\Documents and Settings\Proprietaire\Application Data\mbam.context.scan [2013/04/25 08:10:06 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Proprietaire\Bureau\malwarebytes-anti-malware_1.75.0.1300_fr_215092.exe [2013/04/25 07:39:29 | 000,619,461 | ---- | M] () -- C:\Documents and Settings\Proprietaire\Bureau\adwcleaner.exe [2013/04/24 22:02:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Proprietaire\Bureau\OTL.exe [2013/04/24 13:08:20 | 000,000,368 | -HS- | M] () -- C:\WINDOWS\5967839drv.spi [2013/04/24 08:39:23 | 000,969,812 | ---- | M] () -- C:\Documents and Settings\Proprietaire\Mes documents\cc_20130424_083856.reg [2013/04/23 08:24:24 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013/04/21 21:16:55 | 000,595,285 | ---- | M] () -- C:\Documents and Settings\Proprietaire\Bureau\plan-st-martin-2012.pdf [2013/04/20 11:37:50 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\Proprietaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk [2013/04/14 20:47:10 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013/04/14 20:47:10 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2013/04/14 20:47:01 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013/04/14 20:47:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2013/04/14 18:20:00 | 000,199,660 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2013/04/10 18:53:46 | 000,192,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/04/07 19:59:20 | 000,511,102 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2013/04/07 19:59:20 | 000,441,884 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/04/07 19:59:20 | 000,085,320 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2013/04/07 19:59:20 | 000,071,820 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013/04/02 08:16:31 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys [2013/04/02 08:16:31 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2013/04/02 08:16:31 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys [8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/04/25 21:24:52 | 000,000,229 | ---- | C] () -- C:\Boot.bak [2013/04/25 21:24:48 | 000,263,488 | RHS- | C] () -- C:\cmldr [2013/04/25 21:21:25 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2013/04/25 21:21:25 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2013/04/25 19:14:45 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\uil.lnk [2013/04/25 08:23:16 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\mbam.context.scan [2013/04/25 07:39:29 | 000,619,461 | ---- | C] () -- C:\Documents and Settings\Proprietaire\Bureau\adwcleaner.exe [2013/04/24 22:07:43 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2013/04/24 11:51:05 | 000,000,368 | -HS- | C] () -- C:\WINDOWS\5967839drv.spi [2013/04/24 08:39:02 | 000,969,812 | ---- | C] () -- C:\Documents and Settings\Proprietaire\Mes documents\cc_20130424_083856.reg [2013/04/21 21:16:54 | 000,595,285 | ---- | C] () -- C:\Documents and Settings\Proprietaire\Bureau\plan-st-martin-2012.pdf [2013/04/14 20:47:01 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013/04/14 20:47:01 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013/04/14 20:47:01 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2013/04/14 20:47:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2013/02/08 05:03:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2013/01/21 23:22:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2012/07/09 21:39:28 | 000,011,252 | ---- | C] () -- C:\Documents and Settings\Proprietaire\gsview32.ini [2012/02/28 13:30:33 | 001,929,576 | ---- | C] () -- C:\WINDOWS\System32\HPScanTRDrv_DJ3070_B611.dll [2012/02/28 13:27:49 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini [2012/02/15 07:46:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/01/05 09:41:19 | 000,000,934 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Local Settings\Application Data\uy0nt85qbo15844pi4p72o5p677e1l755520x8d8i4tum [2012/01/05 09:41:19 | 000,000,934 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\uy0nt85qbo15844pi4p72o5p677e1l755520x8d8i4tum [2011/12/21 02:13:29 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\r6aa5gfvepcsrrzj.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\.xp070105.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\.px050107.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | C] () -- C:\Program Files\.ex010705.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | C] () -- C:\Program Files\.ex010507.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | C] () -- C:\Program Files\.bx050107.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\.ax010705.dat [2010/03/13 18:19:27 | 000,000,133 | -H-- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\lakerda1967.sys [2010/03/13 18:18:57 | 000,010,584 | ---- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\docXConverter (3).ini [2008/03/17 10:28:25 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat [2007/05/11 16:32:00 | 000,216,064 | ---- | C] () -- C:\Documents and Settings\Proprietaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\.drv190904.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Program Files\.drv120405.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\.drv120205.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Program Files\.data211204.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Program Files\.data211004.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Program Files\.data110704.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\.data001.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\.data000.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Program Files\.dat000002.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Program Files\.dat000001.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\.app190905.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Proprietaire\Application Data\.addit001.dat [2007/04/07 13:27:57 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Proprietaire\Local Settings\Application Data\fusioncache.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2007/04/07 13:13:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 04:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 04:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2008/10/10 22:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BSD [2008/10/10 18:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BSD Concept [2007/04/22 17:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cabrilog [2012/04/11 20:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2013/01/21 18:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2008/11/06 00:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Games [2007/11/15 13:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft [2011/09/16 15:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IndexEducation [2007/04/11 18:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Link Data Security [2008/09/14 21:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Application [2013/04/24 22:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files [2013/01/20 11:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL [2011/03/31 13:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UniversalisV12 [2010/06/22 13:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom [2011/08/11 23:19:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42} [2010/11/10 11:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2007/04/22 17:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\.Cabri3D-2.0 [2010/06/23 20:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\AdSigner [2010/12/19 18:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\bayardKids.08AE7BFC096D057FBA48C7E4F898C35F7FA11BBA.1 [2013/04/02 10:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\BitTorrent [2008/10/10 18:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\BSD Concept [2012/02/09 23:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Canon [2008/08/10 20:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\DAEMON Tools [2012/04/11 20:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\DAEMON Tools Lite [2009/06/29 14:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\DeepBurner [2007/04/11 21:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Design Science [2013/04/26 15:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\DNA [2013/01/21 18:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Epson [2009/04/30 08:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Foxit [2011/09/16 15:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\IndexEducation [2010/12/10 12:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\JacquieLawsonAdventCalendar [2009/10/05 10:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\LimeWire [2010/05/12 21:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\LolClient [2009/09/03 23:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1 [2012/05/30 21:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\LolClient2 [2009/02/06 23:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\My Games [2012/01/09 21:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\OpenOffice.org [2012/01/09 21:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Oracle [2007/04/22 13:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\SecondLife [2008/11/16 23:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Studio-Scrap2 [2012/04/03 21:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\SystemRequirementsLab [2008/05/21 15:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\TaoUSign [2013/04/03 21:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Thinstall [2011/08/11 13:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Uniblue [2007/04/11 18:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Universalis V12 [2009/12/14 00:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Windows Live Writer [2012/07/09 21:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\xm1 [2010/06/22 13:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Proprietaire\Application Data\Zylom [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2013/04/25 07:40:44 | 000,000,393 | ---- | M] () -- C:\AdwCleaner[S1].txt [2013/04/25 07:41:21 | 000,023,257 | ---- | M] () -- C:\AdwCleaner[S2].txt [2007/04/06 19:22:38 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009/02/18 20:04:25 | 000,000,229 | ---- | M] () -- C:\Boot.bak [2013/04/25 21:24:52 | 000,000,345 | RHS- | M] () -- C:\boot.ini [2006/03/02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004/08/03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr [2013/04/25 21:49:23 | 000,019,683 | ---- | M] () -- C:\ComboFix.txt [2007/04/06 19:22:38 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2013/04/26 15:22:27 | 1006,030,848 | -HS- | M] () -- C:\hiberfil.sys [2007/04/06 19:22:38 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2007/04/06 19:22:38 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006/03/02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/05/14 14:01:32 | 000,252,240 | RHS- | M] () -- C:\ntldr [2013/04/26 15:22:26 | 1560,281,088 | -HS- | M] () -- C:\pagefile.sys [2013/04/26 15:29:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2008/06/05 13:40:13 | 000,000,022 | ---- | M] () -- C:\TCleaner.txt [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2011/03/28 19:53:48 | 000,000,008 | -HS- | M] () -- C:\Program Files\.bx050107.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | M] () -- C:\Program Files\.dat000001.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | M] () -- C:\Program Files\.dat000002.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | M] () -- C:\Program Files\.data110704.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | M] () -- C:\Program Files\.data211004.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | M] () -- C:\Program Files\.data211204.dat [2007/04/22 17:49:36 | 000,000,008 | -HS- | M] () -- C:\Program Files\.drv120405.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | M] () -- C:\Program Files\.ex010507.dat [2011/03/28 19:53:48 | 000,000,008 | -HS- | M] () -- C:\Program Files\.ex010705.dat [2007/07/02 18:36:56 | 003,125,040 | ---- | M] (Lime Wire LLC) -- C:\Program Files\LimeWireWin.exe [color=#A23BEC]< %PROGRAMFILES%\*. >[/color] [2013/01/20 11:14:00 | 000,000,000 | ---D | M] -- C:\Program Files\ABBYY FineReader 9.0 Sprint [2011/06/16 08:47:43 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2007/04/12 21:47:57 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software [2007/04/06 19:43:18 | 000,000,000 | ---D | M] -- C:\Program Files\AMD [2007/04/06 19:47:41 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices [2011/10/29 18:08:40 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update [2007/04/16 21:09:00 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft [2009/06/29 12:02:47 | 000,000,000 | ---D | M] -- C:\Program Files\Astonsoft [2013/02/25 13:45:54 | 000,000,000 | ---D | M] -- C:\Program Files\Avira [2013/01/07 14:00:30 | 000,000,000 | ---D | M] -- C:\Program Files\Battle for Wesnoth 1.8.2 [2011/06/05 17:13:11 | 000,000,000 | ---D | M] -- C:\Program Files\bayardKids [2010/02/28 00:47:43 | 000,000,000 | ---D | M] -- C:\Program Files\Bitmanagement Software [2011/03/28 10:50:52 | 000,000,000 | ---D | M] -- C:\Program Files\BitTorrent [2011/10/29 16:09:27 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour [2008/10/10 18:12:35 | 000,000,000 | ---D | M] -- C:\Program Files\BSD Concept [2007/04/22 17:49:29 | 000,000,000 | ---D | M] -- C:\Program Files\Cabri 3D 2.0 [2007/04/22 17:49:12 | 000,000,000 | ---D | M] -- C:\Program Files\Cabri 3D Plug-in 2.0 [2007/04/22 17:45:53 | 000,000,000 | ---D | M] -- C:\Program Files\Cabri II Plus 1.3 [2012/09/03 20:19:40 | 000,000,000 | ---D | M] -- C:\Program Files\Canon [2009/04/22 14:53:22 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2007/04/12 23:07:16 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2008/06/05 11:56:46 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications [2010/08/05 23:56:18 | 000,000,000 | ---D | M] -- C:\Program Files\coolpaie [2013/04/23 08:24:24 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite [2008/01/28 10:53:15 | 000,000,000 | ---D | M] -- C:\Program Files\DivX [2013/04/26 15:22:32 | 000,000,000 | ---D | M] -- C:\Program Files\DNA [2009/06/30 16:28:56 | 000,000,000 | ---D | M] -- C:\Program Files\DVCam 3(PC Camera) [2013/01/20 11:07:57 | 000,000,000 | ---D | M] -- C:\Program Files\epson [2013/01/20 11:09:38 | 000,000,000 | ---D | M] -- C:\Program Files\EPSON Software [2013/04/25 21:36:05 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs [2009/02/06 23:15:14 | 000,000,000 | ---D | M] -- C:\Program Files\Firaxis Games [2013/01/23 17:13:17 | 000,000,000 | ---D | M] -- C:\Program Files\Foxit Software [2011/11/19 12:29:25 | 000,000,000 | ---D | M] -- C:\Program Files\Freeplayer [2009/02/10 12:02:15 | 000,000,000 | ---D | M] -- C:\Program Files\GameSpy [2007/04/18 11:57:51 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft [2012/02/28 13:32:08 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard [2011/08/24 13:10:08 | 000,000,000 | ---D | M] -- C:\Program Files\Hi-Net Software [2012/04/05 07:54:50 | 000,000,000 | ---D | M] -- C:\Program Files\HP [2012/02/28 13:32:02 | 000,000,000 | ---D | M] -- C:\Program Files\HP Photo Creations [2013/01/20 11:09:36 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2009/07/04 21:57:48 | 000,000,000 | ---D | M] -- C:\Program Files\InstStudio-Scrap [2013/04/10 07:48:40 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2011/12/01 22:38:49 | 000,000,000 | ---D | M] -- C:\Program Files\iPod [2011/12/01 22:39:44 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes [2010/12/28 23:24:32 | 000,000,000 | ---D | M] -- C:\Program Files\Jacquie Lawson Advent Calendar [2012/01/09 21:40:17 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2011/06/07 14:50:12 | 000,000,000 | ---D | M] -- C:\Program Files\League of Legends [2008/09/19 12:13:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mail PassView [2013/04/25 22:04:56 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/01/07 15:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\MathType [2007/07/18 05:09:31 | 000,000,000 | ---D | M] -- C:\Program Files\Media Player Classic [2008/08/14 12:30:08 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger [2012/01/07 12:21:43 | 000,000,000 | ---D | M] -- C:\Program Files\Metin2_France [2012/02/07 17:05:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft [2007/04/12 09:26:45 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage [2007/04/12 09:26:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2013/03/14 18:46:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight [2009/03/20 09:48:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012/02/06 12:03:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework [2012/07/09 21:26:11 | 000,000,000 | ---D | M] -- C:\Program Files\MiKTeX 2.9 [2012/01/07 11:50:22 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2013/04/22 15:11:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2013/04/22 19:17:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service [2007/04/07 13:33:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2007/04/11 21:44:23 | 000,000,000 | ---D | M] -- C:\Program Files\MSN [2007/04/06 19:19:43 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone [2007/08/10 01:06:21 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0 [2007/08/18 15:14:45 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0 [2009/12/18 17:10:43 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting [2013/04/14 20:46:49 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation [2007/04/06 19:19:51 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services [2012/01/09 21:16:39 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3 [2012/01/09 21:40:52 | 000,000,000 | ---D | M] -- C:\Program Files\Oracle [2012/01/07 11:55:46 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express [2010/08/05 23:58:40 | 000,000,000 | ---D | M] -- C:\Program Files\Outremondes [2011/06/07 14:55:26 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks [2007/06/21 12:46:20 | 000,000,000 | ---D | M] -- C:\Program Files\PDFCreator [2012/01/07 16:37:29 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2007/07/18 05:27:37 | 000,000,000 | ---D | M] -- C:\Program Files\Real Alternative [2009/02/18 20:04:44 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek [2007/04/07 13:30:56 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2012/01/12 18:48:05 | 000,000,000 | ---D | M] -- C:\Program Files\SAMSUNG [2007/04/16 21:10:09 | 000,000,000 | ---D | M] -- C:\Program Files\ScanSoft [2007/04/06 19:21:42 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne [2008/05/01 00:03:59 | 000,000,000 | ---D | M] -- C:\Program Files\Sierra [2007/12/22 15:07:18 | 000,000,000 | ---D | M] -- C:\Program Files\Skype [2012/01/07 10:39:54 | 000,000,000 | ---D | M] -- C:\Program Files\SLD Codec Pack [2008/10/25 14:46:29 | 000,000,000 | ---D | M] -- C:\Program Files\Studio-Scrap [2008/10/25 14:46:37 | 000,000,000 | ---D | M] -- C:\Program Files\Tracker Software [2013/02/12 08:18:17 | 000,000,000 | ---D | M] -- C:\Program Files\Turbine [2011/08/11 13:57:35 | 000,000,000 | ---D | M] -- C:\Program Files\Uniblue [2008/09/14 21:28:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information [2007/04/11 17:13:14 | 000,000,000 | ---D | M] -- C:\Program Files\Universalis [2011/02/12 22:18:51 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle [2007/04/11 16:05:09 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2010/08/05 23:59:52 | 000,000,000 | ---D | M] -- C:\Program Files\Warcraft III [2007/04/11 17:40:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal Viewer [2012/02/07 18:41:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live [2009/03/20 09:47:03 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive [2007/04/07 13:17:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2 [2012/01/07 15:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2008/05/14 14:02:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2007/04/06 19:21:44 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate [2012/01/09 21:16:15 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR [2007/04/06 19:22:57 | 000,000,000 | ---D | M] -- C:\Program Files\xerox [2010/06/02 12:56:53 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2008/05/14 13:58:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2008/05/14 13:58:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008/05/14 13:58:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008/05/14 13:58:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [2006/03/02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2006/03/02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys [2006/03/02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color] [2006/03/02 14:00:00 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=0BB998A402272141809EE90F9081CB27 -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe [2008/04/14 04:33:53 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=B16CCBF66BF41F994D2810CC2299D9D6 -- C:\cmdcons\autochk.exe [2008/04/14 04:33:53 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=B16CCBF66BF41F994D2810CC2299D9D6 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe [2008/04/14 04:33:53 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=B16CCBF66BF41F994D2810CC2299D9D6 -- C:\WINDOWS\system32\autochk.exe [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2006/03/02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2006/03/02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2006/03/02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2006/03/02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2006/03/02 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe [2007/06/13 15:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2007/06/13 15:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ERDNT\cache\explorer.exe [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color] [2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hidserv.dll [2008/05/14 13:58:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hidserv.dll [2008/05/14 13:58:23 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hidserv.dll [2008/04/14 04:33:26 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A3B9B4A68BC839CE5A264D5908092261 -- C:\WINDOWS\ServicePackFiles\i386\hidserv.dll [2008/04/14 05:33:26 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A3B9B4A68BC839CE5A264D5908092261 -- C:\WINDOWS\system32\dllcache\hidserv.dll [2008/04/14 05:33:26 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A3B9B4A68BC839CE5A264D5908092261 -- C:\WINDOWS\system32\hidserv.dll [color=#A23BEC]< MD5 for: IMM32.DLL >[/color] [2008/04/14 04:33:26 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=0469B73DB32E5520F342C5E163AA3CCA -- C:\WINDOWS\ERDNT\cache\imm32.dll [2008/04/14 04:33:26 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=0469B73DB32E5520F342C5E163AA3CCA -- C:\WINDOWS\ServicePackFiles\i386\imm32.dll [2008/04/14 04:33:26 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=0469B73DB32E5520F342C5E163AA3CCA -- C:\WINDOWS\system32\imm32.dll [2006/03/02 14:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=E55DAFA1A354BD5CB69151563DC9748A -- C:\WINDOWS\$NtServicePackUninstall$\imm32.dll [color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color] [2008/04/14 04:33:28 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=3AC8886DFA5AB641417DF4D3B7F5512E -- C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll [2008/04/14 04:33:28 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=3AC8886DFA5AB641417DF4D3B7F5512E -- C:\WINDOWS\ServicePackFiles\i386\kernel32.dll [2007/04/16 18:11:08 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=62E3F0E9ABFCBCEE62C51546F622C455 -- C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\kernel32.dll [2007/04/16 17:53:11 | 001,049,600 | ---- | M] (Microsoft Corporation) MD5=6F1FE2AE7B22EB9CED1BFF533C9455EA -- C:\WINDOWS\$NtServicePackUninstall$\kernel32.dll [2009/03/21 16:07:58 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=98F08549604D090B6B2514AF845F329F -- C:\WINDOWS\$NtUninstallKB2758857$\kernel32.dll [2012/10/03 06:58:11 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=9BF964752FEBC8E0265B62EEF034D465 -- C:\WINDOWS\ERDNT\cache\kernel32.dll [2012/10/03 06:58:11 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=9BF964752FEBC8E0265B62EEF034D465 -- C:\WINDOWS\system32\dllcache\kernel32.dll [2012/10/03 06:58:11 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=9BF964752FEBC8E0265B62EEF034D465 -- C:\WINDOWS\system32\kernel32.dll [2009/03/21 16:00:17 | 001,056,768 | ---- | M] (Microsoft Corporation) MD5=C3AF0EEE26B59484E674673E3016AAB7 -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll [2006/03/02 14:00:00 | 001,048,576 | ---- | M] (Microsoft Corporation) MD5=C88F74591579DBDE273C61312B2D3886 -- C:\WINDOWS\$NtUninstallKB917422$\kernel32.dll [2012/10/03 06:57:29 | 001,056,768 | ---- | M] (Microsoft Corporation) MD5=CB4292C6D077188C726B2EE073E5D3BE -- C:\WINDOWS\$hf_mig$\KB2758857\SP3QFE\kernel32.dll [2006/07/05 12:56:38 | 001,049,088 | ---- | M] (Microsoft Corporation) MD5=CE4AF1FA47A29ADF97CB107775CE395C -- C:\WINDOWS\$NtUninstallKB935839$\kernel32.dll [2006/07/05 12:58:13 | 001,050,112 | ---- | M] (Microsoft Corporation) MD5=FB85EF2A6713E3A58A497E093626B93C -- C:\WINDOWS\$hf_mig$\KB917422\SP2QFE\kernel32.dll [color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color] [2008/04/14 04:33:33 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=196CCC3FDD21665DCAA9F83FFC03B41A -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll [2008/04/14 04:33:33 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=196CCC3FDD21665DCAA9F83FFC03B41A -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll [2008/06/20 19:47:22 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=58AF8498C62E1E1DAB5AE59C6E08C180 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll [2008/06/20 18:03:53 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6F5F546A92C7B6AE45DB1D6910781EB0 -- C:\WINDOWS\ERDNT\cache\mswsock.dll [2008/06/20 18:03:53 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6F5F546A92C7B6AE45DB1D6910781EB0 -- C:\WINDOWS\system32\dllcache\mswsock.dll [2008/06/20 18:03:53 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6F5F546A92C7B6AE45DB1D6910781EB0 -- C:\WINDOWS\system32\mswsock.dll [2006/03/02 14:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6FA2DDF70DC9B762EBF8920F89B6BEA3 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll [2008/06/20 19:44:02 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=C759B3790D3BA760C52E218EF4886DAC -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll [2008/06/20 19:44:02 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=C759B3790D3BA760C52E218EF4886DAC -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2006/03/02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ERDNT\cache\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [2006/03/02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [color=#A23BEC]< MD5 for: NTFS.SYS >[/color] [2007/02/09 13:23:36 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=05AB81909514BFD69CBB1F2C147CF6B9 -- C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys [2007/02/09 13:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys [2008/04/13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ERDNT\cache\ntfs.sys [2008/04/13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys [2008/04/13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys [2004/08/03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS [2006/03/02 14:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtUninstallKB930916$\ntfs.sys [color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color] [2008/04/14 04:33:36 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=037D92B3A7853A183FCAB77FB1D13D6C -- C:\WINDOWS\ERDNT\cache\ntmssvc.dll [2008/04/14 04:33:36 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=037D92B3A7853A183FCAB77FB1D13D6C -- C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll [2008/04/14 04:33:36 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=037D92B3A7853A183FCAB77FB1D13D6C -- C:\WINDOWS\system32\ntmssvc.dll [2006/03/02 14:00:00 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=951543FFB84012D13F4CB09DA2EACE96 -- C:\WINDOWS\$NtServicePackUninstall$\ntmssvc.dll [color=#A23BEC]< MD5 for: NVATA.SYS >[/color] [2006/01/27 08:04:16 | 000,099,584 | R--- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\WINDOWS\system32\drivers\nvata.sys [color=#A23BEC]< MD5 for: NVGTS.SYS >[/color] [2008/11/12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=75E2E77C5497F34E60491D27BF03F1CB -- C:\NVIDIA\nForceWinXPInt\15.26\IDE\WinXP\sata_ide\nvgts.sys [2008/11/12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=75E2E77C5497F34E60491D27BF03F1CB -- C:\WINDOWS\system32\drivers\nvgts.sys [2008/11/12 16:59:06 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=8EB82606FCD8C5D039ADA33BD46FE7F8 -- C:\NVIDIA\nForceWinXPInt\15.26\IDE\WinXP\sataraid\nvgts.sys [2008/01/25 14:01:06 | 000,132,096 | R--- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\nvgts.sys [color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color] [2008/04/14 04:34:18 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=745D327179FB3D2AC9B80B91F23DA753 -- C:\WINDOWS\ServicePackFiles\i386\proquota.exe [2008/04/14 04:34:18 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=745D327179FB3D2AC9B80B91F23DA753 -- C:\WINDOWS\system32\proquota.exe [2006/03/02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=D1F3E5EE7F2D9E0B82A2049A2F03D6A7 -- C:\WINDOWS\$NtServicePackUninstall$\proquota.exe [color=#A23BEC]< MD5 for: QMGR.DLL >[/color] [2006/03/02 14:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=659F7B6C502051BFA37910614B225548 -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll [2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\ERDNT\cache\qmgr.dll [2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll [2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\system32\bits\qmgr.dll [2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\system32\qmgr.dll [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2006/03/02 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ERDNT\cache\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll [color=#A23BEC]< MD5 for: SFCFILES.DLL >[/color] [2006/03/02 14:00:00 | 001,548,288 | ---- | M] (Microsoft Corporation) MD5=6D8F3AC555E3F8A569AA9B2A817698C1 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll [2008/04/14 04:33:41 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=E17C85D5B5CF477638433B851A98499E -- C:\WINDOWS\ERDNT\cache\sfcfiles.dll [2008/04/14 04:33:41 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=E17C85D5B5CF477638433B851A98499E -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll [2008/04/14 04:33:41 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=E17C85D5B5CF477638433B851A98499E -- C:\WINDOWS\system32\sfcfiles.dll [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2010/08/17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [2008/04/14 04:34:23 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe [2008/04/14 04:34:23 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe [2010/08/17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\ERDNT\cache\spoolsv.exe [2010/08/17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe [2010/08/17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe [2005/06/11 02:17:13 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=AD3D9D191AEA7B5445FE1D82FFBB4788 -- C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [2005/06/11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DA81EC57ACD4CDC3D4C51CF3D409AF9F -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe [2006/03/02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DF9FC62AD51CB082B0AE371919A232CB -- C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2006/03/02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=2979B03D5382A602623C0535B16AB9C0 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe [2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe [2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ERDNT\cache\svchost.exe [2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe [2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe [color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color] [2008/04/14 04:33:46 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=710BC85A8C22626EE094439E3EA0D38C -- C:\WINDOWS\ERDNT\cache\termsrv.dll [2008/04/14 04:33:46 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=710BC85A8C22626EE094439E3EA0D38C -- C:\WINDOWS\ServicePackFiles\i386\termsrv.dll [2008/04/14 04:33:46 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=710BC85A8C22626EE094439E3EA0D38C -- C:\WINDOWS\system32\termsrv.dll [2006/03/02 14:00:00 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=78F90C3E230AD122BCB116ABAD5FEFE9 -- C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2006/03/02 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ERDNT\cache\userinit.exe [2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2006/03/02 14:00:00 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=313B1A0D5DB26DFE1C34A6C13B2CE0A7 -- C:\WINDOWS\$NtServicePackUninstall$\volsnap.sys [2008/04/14 03:56:04 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=46DE1126684369BACE4849E4FC8C43CA -- C:\WINDOWS\ServicePackFiles\i386\volsnap.sys [2008/04/14 03:56:04 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=46DE1126684369BACE4849E4FC8C43CA -- C:\WINDOWS\system32\drivers\volsnap.sys [color=#A23BEC]< MD5 for: WININET.DLL >[/color] [2008/04/23 06:16:40 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=02D6AABD5F5A32C61478B5CDFE50E4A8 -- C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll [2008/12/21 00:47:04 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=0551C946E305CEE0A79BA744DC141BFC -- C:\WINDOWS\ie8\wininet.dll [2007/01/04 16:02:18 | 000,669,184 | ---- | M] (Microsoft Corporation) MD5=114342601AC7EA73B0D2A0ED8505B8B9 -- C:\WINDOWS\$hf_mig$\KB928090\SP2QFE\wininet.dll [2007/01/04 16:02:18 | 000,669,184 | ---- | M] (Microsoft Corporation) MD5=114342601AC7EA73B0D2A0ED8505B8B9 -- C:\WINDOWS\ie7\wininet.dll [2012/05/16 17:06:36 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=1A5B88015B3823D31C5842DE0DBFE842 -- C:\WINDOWS\ie8updates\KB2722913-IE8\wininet.dll [2007/06/27 15:24:19 | 000,823,808 | ---- | M] (Microsoft Corporation) MD5=2274862267D7445E7010D9AF826E89C3 -- C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll [2007/01/04 15:55:24 | 000,663,040 | ---- | M] (Microsoft Corporation) MD5=25D38FFA2B441E326850AE4CB67D1A91 -- C:\WINDOWS\$NtUninstallKB928090$\wininet.dll [2012/07/02 19:38:43 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=29FEC860C77934244D28213C24A6E110 -- C:\WINDOWS\$hf_mig$\KB2722913-IE8\SP3QFE\wininet.dll [2007/04/25 09:40:25 | 000,822,784 | ---- | M] (Microsoft Corporation) MD5=2C138AB59E2FFA06E8952AE656E443C5 -- C:\WINDOWS\ie7updates\KB937143-IE7\wininet.dll [2007/08/20 11:49:28 | 000,825,344 | ---- | M] (Microsoft Corporation) MD5=2DD1B0F579C80562EDCB8848FF7EA9F6 -- C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll [2010/12/21 01:52:01 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=2F0037D24E82840EF1D47B635B37301A -- C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll [2012/07/02 19:39:50 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=3702C4555CE284742F80364D7904BA73 -- C:\WINDOWS\ie8updates\KB2744842-IE8\wininet.dll [2007/03/23 11:29:39 | 000,823,296 | ---- | M] (Microsoft Corporation) MD5=375B58A68A016546535A84060092325C -- C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll [2008/10/16 21:33:22 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=37D1A1BFE3D9904F2C3D11592456F9C0 -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll [2009/08/29 09:51:08 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=39E483C39E0EED381977EC1121ADD2BF -- C:\WINDOWS\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll [2013/03/02 03:54:04 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=3FB34DDAAED61D8451C514A91D1699D2 -- C:\WINDOWS\$hf_mig$\KB2817183-IE8\SP3QFE\wininet.dll [2009/12/21 21:01:32 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=413508B6F20DAA22074E3E1558850447 -- C:\WINDOWS\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [2007/04/25 10:26:36 | 000,823,808 | ---- | M] (Microsoft Corporation) MD5=47DDAD237F60729DEA2B9E0E2382B58F -- C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll [2013/03/02 03:55:11 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=48309E1F5ED8E72783EEFBA04898BDA1 -- C:\WINDOWS\ERDNT\cache\wininet.dll [2013/03/02 03:55:11 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=48309E1F5ED8E72783EEFBA04898BDA1 -- C:\WINDOWS\system32\dllcache\wininet.dll [2013/03/02 03:55:11 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=48309E1F5ED8E72783EEFBA04898BDA1 -- C:\WINDOWS\system32\wininet.dll [2008/04/14 04:33:48 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=4A6E04EA20F48D750D9BFED8600D516B -- C:\WINDOWS\ServicePackFiles\i386\wininet.dll [2008/08/26 11:10:29 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=4B0E70D44297877A313045BD059770E1 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll [2008/12/21 01:47:36 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=4E192082A5FCE9EF19198A24CDEA3442 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll [2006/03/02 14:00:00 | 000,660,480 | ---- | M] (Microsoft Corporation) MD5=4E958B97EFC3D801F49283D1820F48B7 -- C:\WINDOWS\$NtUninstallKB928090_0$\wininet.dll [2007/12/07 04:08:34 | 000,824,832 | ---- | M] (Microsoft Corporation) MD5=4FC90BECE54FAC81B0090B94E27BFB6B -- C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll [2012/11/01 14:15:37 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=51A9018D2872998747A12DE8F1897D38 -- C:\WINDOWS\$hf_mig$\KB2761465-IE8\SP3QFE\wininet.dll [2008/06/23 17:40:08 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=52589BAE67DD9859724287372668690B -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll [2012/05/16 17:05:31 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=55DEA0699C49199F80D41B8177708169 -- C:\WINDOWS\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll [2010/11/06 02:25:05 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=59EED8A2D9A36A824834E0CFDB403A71 -- C:\WINDOWS\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll [2008/03/01 14:34:33 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=5A0093F59B505C008ED0CEE615563C72 -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll [2011/12/17 21:43:31 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=5C72F65D2F038E0BF481326423F9D266 -- C:\WINDOWS\ie8updates\KB2675157-IE8\wininet.dll [2011/06/23 20:29:27 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=66B28BE3DD3BDBD020B4317AD7051427 -- C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll [2009/03/08 05:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) MD5=6CE32F7778061CCC5814D5E0F282D369 -- C:\WINDOWS\ie8updates\KB982381-IE8\wininet.dll [2007/06/27 16:14:09 | 000,824,320 | ---- | M] (Microsoft Corporation) MD5=7201D19B81883B57D5FFE8EBB5A83E8B -- C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll [2009/05/13 07:08:00 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=722E8ABB39238BAD1B1E13D97C49DB4D -- C:\WINDOWS\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll [2010/09/10 07:47:27 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=73F26DB9C92C7A8259B534451E3B18F9 -- C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll [2007/02/27 15:26:24 | 000,822,784 | ---- | M] (Microsoft Corporation) MD5=75DE73E328E300CAED5965FAEA2F5D3F -- C:\WINDOWS\ie7updates\KB933566-IE7\wininet.dll [2008/04/23 09:19:27 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=78D3D2B0BE6AD3E6D82CCB115CF74310 -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll [2012/03/01 12:58:11 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=7960ADFC62197E5262A8A72A9FE99C43 -- C:\WINDOWS\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll [2007/10/11 01:22:19 | 000,825,344 | ---- | M] (Microsoft Corporation) MD5=871AE10D6AE8877E9636AE5017953D52 -- C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll [2011/02/23 01:25:24 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=8B466303E57E69AC1F82849006BADAAD -- C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll [2008/03/01 14:58:11 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=8E027981DDFFA690D456FE18B37415A0 -- C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll [2006/11/07 21:03:36 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=92995334F993E6E49C25C6D02EC04401 -- C:\WINDOWS\ie7updates\KB928090-IE7\wininet.dll [2011/08/23 01:40:21 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=96F7E8DFF026E48DD7655DBFC47E7944 -- C:\WINDOWS\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll [2010/06/24 14:28:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=9BB4D31E5EF3BA1FBA3ECBECD85B3360 -- C:\WINDOWS\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll [2012/12/26 22:05:34 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=A1C6DA4AE31AAE1B623A1432038A134D -- C:\WINDOWS\$hf_mig$\KB2792100-IE8\SP3QFE\wininet.dll [2008/06/23 18:28:23 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=AC0BD61DC2C64906FBFE50E005FEFA2C -- C:\WINDOWS\ie7updates\KB956390-IE7\wininet.dll [2009/07/03 19:01:30 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=B0249F1B9F68E55CB7D2656339D13323 -- C:\WINDOWS\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll [2011/11/04 21:13:29 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=B0DF02C2326381D64149F3EEFAE5E09D -- C:\WINDOWS\ie8updates\KB2647516-IE8\wininet.dll [2010/02/25 08:11:51 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=B667625B38B5EA389044F90BDE80C4FD -- C:\WINDOWS\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [2010/05/06 12:33:44 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=B98E84E2CD3EE25D6D41936352E93112 -- C:\WINDOWS\ie8updates\KB2618444-IE8\wininet.dll [2007/10/11 01:49:45 | 000,824,832 | ---- | M] (Microsoft Corporation) MD5=BC5119C53BDD48DABC628D448A3BDCCB -- C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll [2007/01/12 09:27:42 | 000,822,784 | ---- | M] (Microsoft Corporation) MD5=BE43D00D802C92F01C8CC952C6F483F8 -- C:\WINDOWS\ie7updates\KB931768-IE7\wininet.dll [2010/05/06 12:27:42 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=C906F4EA76E7BEC9255776E626086B95 -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [2011/11/04 21:12:19 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=CC5816AA2B0EB20BA52D5622A7C1DED3 -- C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll [2013/02/05 21:55:30 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=CD6DD7CD80EEFEC4A95B8D156B074036 -- C:\WINDOWS\$hf_mig$\KB2809289-IE8\SP3QFE\wininet.dll [2008/10/16 22:18:43 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=CFBFA47415E85018E2CDC509E5E3D011 -- C:\WINDOWS\ie7updates\KB961260-IE7\wininet.dll [2012/08/28 17:04:59 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=D0E5BB7F1F2B2A86CE809CC8EA9CB5B5 -- C:\WINDOWS\ie8updates\KB2761465-IE8\wininet.dll [2012/03/01 13:00:23 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=D44608FCA100A5C48053588517517028 -- C:\WINDOWS\ie8updates\KB2699988-IE8\wininet.dll [2008/08/26 10:11:54 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=E30CACD98479B36A3DBFA3267BF62DD0 -- C:\WINDOWS\ie7updates\KB958215-IE7\wininet.dll [2011/04/25 18:04:06 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=E996F26337B0DEA2650CEAD393C15B82 -- C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll [2012/11/01 14:17:51 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=E9C2CF196F769DE332181121B37518E7 -- C:\WINDOWS\ie8updates\KB2792100-IE8\wininet.dll [2012/08/28 17:03:48 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=ECB2FC839288380533043CF2E91E51E6 -- C:\WINDOWS\$hf_mig$\KB2744842-IE8\SP3QFE\wininet.dll [2009/10/29 09:37:06 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=F461ACD33F06BF1FB28FFF1EF345FE63 -- C:\WINDOWS\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [2007/12/07 03:42:22 | 000,825,344 | ---- | M] (Microsoft Corporation) MD5=F4FD487241D3AC291046A22CEBD2CF71 -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll [2012/12/26 22:06:36 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=F60FB84A5F9DC64C62B5EDADD399C38B -- C:\WINDOWS\ie8updates\KB2809289-IE8\wininet.dll [2007/08/20 11:59:31 | 000,824,832 | ---- | M] (Microsoft Corporation) MD5=F6DFCEED3A7AA4C9EEB966D3F1ADC70A -- C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll [2011/12/17 21:42:36 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=FBF4D9A8AE222337063B7DF8881F5AE5 -- C:\WINDOWS\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll [2013/02/05 21:56:42 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=FCDD66EE148885E900285ADE8417E40B -- C:\WINDOWS\ie8updates\KB2817183-IE8\wininet.dll [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2006/03/02 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2006/03/02 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe [color=#A23BEC]< MD5 for: WS2_32.DLL >[/color] [2006/03/02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=EED74B969B2CA1ACC558FF60FB420E28 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll [2008/04/14 04:33:49 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=FB836F9E62D82904C983AD21296A5D9C -- C:\WINDOWS\ERDNT\cache\ws2_32.dll [2008/04/14 04:33:49 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=FB836F9E62D82904C983AD21296A5D9C -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll [2008/04/14 04:33:49 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=FB836F9E62D82904C983AD21296A5D9C -- C:\WINDOWS\system32\ws2_32.dll [color=#A23BEC]< MD5 for: XMLPROV.DLL >[/color] [2006/03/02 14:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=912591E2055E26566D1CB54092A7E8B0 -- C:\WINDOWS\$NtServicePackUninstall$\xmlprov.dll [2008/04/14 04:33:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=F92A87FDDA0C11C8604FBC2B864FA726 -- C:\WINDOWS\ERDNT\cache\xmlprov.dll [2008/04/14 04:33:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=F92A87FDDA0C11C8604FBC2B864FA726 -- C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll [2008/04/14 04:33:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=F92A87FDDA0C11C8604FBC2B864FA726 -- C:\WINDOWS\system32\xmlprov.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >[/color] "Debug" = "Kmode" = %SystemRoot%\system32\win32k.sys -- [2013/03/02 03:57:47 | 001,867,392 | ---- | M] (Microsoft Corporation) "Optional" = Posix [binary data] "Posix" = %SystemRoot%\system32\psxss.exe "Required" = DebugWindows [binary data] "Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS] "CsrSrvSharedSectionBase" = 2137980928 [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [2007/04/06 21:03:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2007/04/06 21:03:52 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2007/04/06 21:03:52 | 000,438,272 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav [color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color] [2007/04/06 19:20:59 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini [2007/04/06 19:25:34 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT [2007/08/27 14:42:12 | 000,000,436 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E1902DB3-0359-47E4-8DE5-9D631FFAABBF}.job [2010/11/10 11:01:26 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [2012/02/28 13:31:13 | 000,000,460 | ---- | C] () -- C:\WINDOWS\Tasks\At1.job [2012/02/28 13:31:13 | 000,000,460 | ---- | C] () -- C:\WINDOWS\Tasks\At2.job [2012/02/28 13:31:13 | 000,000,460 | ---- | C] () -- C:\WINDOWS\Tasks\At3.job [2012/02/28 13:31:13 | 000,000,460 | ---- | C] () -- C:\WINDOWS\Tasks\At4.job [2012/02/28 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\Tasks\HP Photo Creations Messager.job [2013/02/12 15:51:00 | 000,001,002 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job < End of report >