OTL logfile created on: 02/02/2013 22:13:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gael\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,99 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,16% Memory free 4,83 Gb Paging File | 3,91 Gb Available in Paging File | 80,95% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 41,67 Gb Free Space | 27,96% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 376,12 Gb Free Space | 80,75% Space Free | Partition Type: NTFS Computer Name: MAINGUET-65E7F3 | User Name: Gael | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/02/02 22:09:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gael\Bureau\OTL.exe PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2012/06/21 04:01:58 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE PRC - [2011/06/09 13:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe PRC - [2011/06/09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2010/08/03 10:05:54 | 000,358,472 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe PRC - [2010/08/03 09:44:06 | 000,498,760 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe PRC - [2010/08/03 09:43:56 | 000,477,768 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe PRC - [2010/08/03 09:43:18 | 001,809,992 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe PRC - [2010/08/03 09:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe PRC - [2010/08/03 09:42:52 | 000,523,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe PRC - [2010/08/03 09:42:42 | 000,676,424 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe PRC - [2010/04/05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2008/08/20 15:20:36 | 005,971,968 | ---- | M] () -- C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe PRC - [2008/05/26 18:34:48 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe PRC - [2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/05/22 18:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll MOD - [2010/04/05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe MOD - [2009/02/27 16:37:16 | 000,311,296 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA MOD - [2008/09/16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2008/08/20 15:20:36 | 005,971,968 | ---- | M] () -- C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe MOD - [2008/05/26 18:34:48 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe MOD - [2008/04/15 10:07:34 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\EPU-6 Engine\AsSpindownTimeout.dll MOD - [2008/04/14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008/02/25 15:08:54 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\AI Suite\AiNap\AiNap.dll MOD - [2006/01/10 09:50:20 | 000,024,576 | R--- | M] () -- C:\WINDOWS\system32\AsIO.dll MOD - [2005/05/11 16:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\EPU-6 Engine\pngio.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013/01/29 09:33:31 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/01/16 21:09:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/01/08 12:53:48 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/07/07 12:29:12 | 002,152,152 | ---- | M] (Lavasoft Limited) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2012/06/21 04:01:58 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate) SRV - [2012/06/11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc) SRV - [2012/05/15 11:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) SRV - [2010/04/05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTGLM7X.sys -- (SetupNTGLM7X) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTACCESS.sys -- (NTACCESS) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Gael\LOCALS~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013/02/02 21:28:18 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2E008669-DD35-4659-8FAD-3B39579366D1}\MpKslb41a5333.sys -- (MpKslb41a5333) DRV - [2012/02/23 17:11:24 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd) DRV - [2011/08/18 14:25:12 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd) DRV - [2011/08/18 14:25:12 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer) DRV - [2011/08/17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011/08/17 09:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011/08/17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011/08/17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/10/02 17:23:00 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2010/10/02 17:22:59 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010/05/20 15:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo) DRV - [2009/11/23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LGVirHid.sys -- (LGVirHid) DRV - [2009/11/23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGBusEnum.sys -- (LGBusEnum) DRV - [2009/07/13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) DRV - [2008/09/01 07:03:02 | 000,272,424 | R--- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mv64xx.sys -- (mv64xx) DRV - [2008/06/23 23:21:48 | 000,150,568 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mv61xx.sys -- (mv61xx) DRV - [2007/12/17 10:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2007/12/06 09:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2007/06/29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD) DRV - [2007/02/03 09:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007/02/03 09:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) DRV - [2006/03/17 11:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004/08/13 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {E591861F-D2C5-46B8-BB46-03CD386E1A9E} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7b84f2038e-bf0c-4b51-a76c-6b9f3e950a40%7d&q={searchTerms} IE - HKLM\..\SearchScopes\{E591861F-D2C5-46B8-BB46-03CD386E1A9E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 36 3E 78 31 B9 A2 CA 01 [binary data] IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7b84f2038e-bf0c-4b51-a76c-6b9f3e950a40%7d&q={searchTerms} IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\..\SearchScopes\{0F36E18A-6296-4333-9D99-269AAFE3D111}_Chercher Malin: "URL" = http://www.cherchermalin.com/result.php?t=Q0910252302&s=b&keywords={searchTerms} IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\..\SearchScopes\{E591861F-D2C5-46B8-BB46-03CD386E1A9E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-823518204-963894560-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590 FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@agconcept/alinea3ddressing: C:\Program Files\Alinéa\Dressing\\NPAlinea3DDressing.dll File not found FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files\Downloader\npdd.dll (Metaboli) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.9.8a: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Gael\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2011/08/02 15:04:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/28 20:09:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/15 17:16:03 | 000,000,000 | ---D | M] [2009/05/21 13:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gael\Application Data\Mozilla\Extensions [2012/01/14 21:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gael\Application Data\Mozilla\Extensions\home2@tomtom.com [2009/05/21 13:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gael\Application Data\Mozilla\Extensions\maxtv@developer.max-tv.be [2012/12/27 11:23:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gael\Application Data\Mozilla\Firefox\Profiles\wcpms8rm.default\extensions [2010/05/01 22:17:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Gael\Application Data\Mozilla\Firefox\Profiles\wcpms8rm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013/01/28 20:09:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/01/24 09:24:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013/01/16 21:10:14 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2008/09/04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll [2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2013/01/17 01:59:08 | 000,001,240 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\buscape.xml [2013/01/17 01:59:07 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml [2013/01/17 01:59:07 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml [2013/01/17 01:59:07 | 000,001,381 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-br.xml [2013/01/17 01:59:07 | 000,001,165 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-br.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - Extension: YouTube = C:\Documents and Settings\Gael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Skype Click to Call = C:\Documents and Settings\Gael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Skype Click to Call = C:\Documents and Settings\Gael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\ O1 HOSTS File: ([2008/04/14 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKU\S-1-5-21-823518204-963894560-1417001333-1003\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe () O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe () O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [QFan Help] C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe () O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe () O4 - HKU\.DEFAULT..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe (Orange) O4 - HKU\S-1-5-18..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe (Orange) O4 - HKU\S-1-5-19..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe (Orange) O4 - HKU\S-1-5-20..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe (Orange) O4 - HKU\S-1-5-21-823518204-963894560-1417001333-1003..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 File not found O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-823518204-963894560-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O15 - HKU\S-1-5-21-823518204-963894560-1417001333-1003\..Trusted Domains: caixa.gov.br ([www] https in Sites de confiance) O16 - DPF: {0E8FB6E3-783C-11D8-AA67-00E018B0585C} http://users.skynet.be/sky37131/TestLABMark.ocx (TestLABMarkActiveXContrôle) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab (DLM Control) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235567009453 (WUWebControl Class) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_1_0.cab (Reg Error: Key error.) O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab (VirginMega.DMFacade.Interface) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {A40ED8B3-F960-11D4-8DF3-89955D701717} http://users.skynet.be/sky37131/TestLABCPU_proj.ocx (TestLABCPUContrôle) O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab (Creative Toolbox Plug-in) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futuremark.com/virtualmark/tc/FMSI.cab (Futuremark SystemInfo) O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA0E80EB-1AD6-434C-B3B4-BBD528085C19}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Gael\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gael\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/02/25 12:52:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{3c899672-0371-11de-b889-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{3c899672-0371-11de-b889-806d6172696f}\Shell\AutoRun\command - "" = D:\.\Bin\Assetup.exe O33 - MountPoints2\{43da8a32-4f3d-11e2-8ceb-002354f356f0}\Shell - "" = AutoRun O33 - MountPoints2\{43da8a32-4f3d-11e2-8ceb-002354f356f0}\Shell\AutoRun\command - "" = F:\Startme.exe O33 - MountPoints2\{5442d821-0d39-11e2-8c7c-002354f356f0}\Shell - "" = AutoRun O33 - MountPoints2\{5442d821-0d39-11e2-8c7c-002354f356f0}\Shell\AutoRun\command - "" = F:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: ias - File not found NetSvcs: iprip - File not found NetSvcs: irmon - File not found NetSvcs: nwcworkstation - File not found NetSvcs: nwsapagent - File not found NetSvcs: wmdmpmsp - File not found MsConfig - Services: "WMPNetworkSvc" MsConfig - Services: "VSSERV" MsConfig - Services: "PnkBstrA" MsConfig - Services: "ose" MsConfig - Services: "odserv" MsConfig - Services: "NVSvc" MsConfig - Services: "LIVESRV" MsConfig - Services: "Lavasoft Ad-Aware Service" MsConfig - Services: "idsvc" MsConfig - Services: "gupdate" MsConfig - Services: "Arrakis3" MsConfig - Services: "scan" MsConfig - StartUpFolder: C:^Documents and Settings^Gael^Menu Démarrer^Programmes^Démarrage^Outil de détection de support PMB.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe - (Sony Corporation) MsConfig - StartUpFolder: C:^Documents and Settings^Gael^Menu Démarrer^Programmes^Démarrage^ubisoft register.lnk - C:\Program Files\Ubi Soft\Register\schedule.exe - (Ubi Soft) MsConfig - StartUpReg: [b]12Voip[/b] - hkey= - key= - C:\Program Files\12Voip.com\12Voip\12Voip.exe (12Voip) MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]BDAgent[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]BitDefender Antiphishing Helper[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]BitTorrent DNA[/b] - hkey= - key= - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.) MsConfig - StartUpReg: [b]boincmgr[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]boinctray[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]CanonMyPrinter[/b] - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) MsConfig - StartUpReg: [b]CanonSolutionMenuEx[/b] - hkey= - key= - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) MsConfig - StartUpReg: [b]Facebook Update[/b] - hkey= - key= - C:\Documents and Settings\Gael\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) MsConfig - StartUpReg: [b]Launch LCDMon[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Launch LGDCore[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]MyTomTomSA.exe[/b] - hkey= - key= - C:\Program Files\MyTomTom 3\MyTomTomSA.exe (TomTom) MsConfig - StartUpReg: [b]OrangePlayer[/b] - hkey= - key= - c:\program files\orange\media player\Media Player.exe (Orange) MsConfig - StartUpReg: [b]Pando Media Booster[/b] - hkey= - key= - C:\Program Files\Pando Networks\Media Booster\PMB.exe () MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: [b]Sony PC Companion[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - C:\Program Files\Steam\Steam.exe (Valve Corporation) MsConfig - StartUpReg: [b]TomTomHOME.exe[/b] - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 2 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597) ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023) ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com) CREATERESTOREPOINT System Restore Service not available. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/02/03 03:08:59 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe [2013/02/03 03:08:54 | 000,000,000 | ---D | C] -- C:\_OTL [2013/02/02 22:09:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gael\Bureau\OTL.exe [2013/02/02 21:45:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP [2013/02/02 21:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag [2013/02/02 21:45:00 | 000,000,000 | ---D | C] -- C:\ZHP [2013/02/02 21:44:38 | 003,876,312 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Gael\Bureau\ZHPDiag2.exe [2013/02/02 18:31:29 | 000,000,000 | -HSD | C] -- C:\found.000 [2013/01/28 15:59:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gael\Bureau\Cv Gael [2013/01/24 09:24:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013/01/24 09:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype [2013/01/24 09:24:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype [2010/05/12 09:46:07 | 005,181,591 | ---- | C] (Axialis Software) -- C:\Documents and Settings\Gael\Application Data\screensaver_Beach.scr [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/02/02 22:09:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gael\Bureau\OTL.exe [2013/02/02 21:52:00 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/02/02 21:45:02 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk [2013/02/02 21:45:02 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk [2013/02/02 21:45:02 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk [2013/02/02 21:44:42 | 003,876,312 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\Gael\Bureau\ZHPDiag2.exe [2013/02/02 21:33:15 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/02/02 21:26:00 | 000,001,162 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-823518204-963894560-1417001333-1003UA.job [2013/02/02 21:25:28 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2013/02/02 21:15:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/02/02 21:15:38 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/02/02 21:15:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/02/01 13:45:42 | 000,531,222 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2013/02/01 13:45:42 | 000,459,634 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/02/01 13:45:42 | 000,094,716 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2013/02/01 13:45:42 | 000,078,918 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/01/31 16:23:35 | 000,025,224 | ---- | M] () -- C:\Documents and Settings\Gael\Bureau\Twisted Sister - The Price.gp5 [2013/01/29 09:26:00 | 000,001,140 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-823518204-963894560-1417001333-1003Core.job [2013/01/28 20:09:14 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Gael\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013/01/28 20:09:14 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk [2013/01/28 18:19:05 | 000,062,498 | ---- | M] () -- C:\Documents and Settings\Gael\Bureau\RELEVES_MR MAINGUET GAEL OU MME_20130111[1].pdf [2013/01/28 16:05:41 | 000,078,848 | ---- | M] () -- C:\Documents and Settings\Gael\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/01/24 09:35:41 | 000,001,686 | ---- | M] () -- C:\Documents and Settings\Gael\Bureau\Skype.lnk [2013/01/22 11:02:48 | 000,072,554 | ---- | M] () -- C:\Documents and Settings\Gael\Bureau\FERRANDI-dossier-de-candidature-2013-2014.pdf [2013/01/17 18:22:10 | 007,323,472 | ---- | M] () -- C:\Documents and Settings\Gael\Bureau\Portugués...pdf [2013/01/09 09:25:55 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/01/05 16:48:29 | 005,316,167 | ---- | M] () -- C:\Documents and Settings\Gael\Bureau\dymo mode emploi.pdf [2013/01/05 13:32:07 | 000,000,506 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/02/02 21:45:02 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk [2013/02/02 21:45:02 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk [2013/02/02 21:45:02 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk [2013/01/31 16:23:35 | 000,025,224 | ---- | C] () -- C:\Documents and Settings\Gael\Bureau\Twisted Sister - The Price.gp5 [2013/01/29 09:16:37 | 000,001,002 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/01/28 20:09:14 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk [2013/01/28 18:19:05 | 000,062,498 | ---- | C] () -- C:\Documents and Settings\Gael\Bureau\RELEVES_MR MAINGUET GAEL OU MME_20130111[1].pdf [2013/01/27 12:12:01 | 000,035,724 | ---- | C] () -- C:\Documents and Settings\Gael\Bureau\Tesla - Song Emotion.gp3 [2013/01/24 09:35:41 | 000,001,686 | ---- | C] () -- C:\Documents and Settings\Gael\Bureau\Skype.lnk [2013/01/22 11:02:47 | 000,072,554 | ---- | C] () -- C:\Documents and Settings\Gael\Bureau\FERRANDI-dossier-de-candidature-2013-2014.pdf [2013/01/17 18:21:57 | 007,323,472 | ---- | C] () -- C:\Documents and Settings\Gael\Bureau\Portugués...pdf [2013/01/05 16:48:29 | 005,316,167 | ---- | C] () -- C:\Documents and Settings\Gael\Bureau\dymo mode emploi.pdf [2012/07/10 12:28:16 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2012/07/10 12:28:16 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2012/07/07 14:33:02 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2012/02/19 17:50:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2012/02/15 09:41:16 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011/07/07 03:05:06 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2011/07/02 23:03:33 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2011/07/02 23:03:33 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2011/07/02 23:03:33 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2010/09/09 20:18:11 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Gael\Application DataProductTweaks.xml [2010/03/02 08:22:40 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\Gael\Application Data\bdfvconp.ini [2010/03/02 08:22:39 | 000,000,385 | ---- | C] () -- C:\Documents and Settings\Gael\Application Datauser_gensett.xml [2010/01/31 21:36:06 | 000,000,310 | ---- | C] () -- C:\Documents and Settings\Gael\UnifiedToolbarCleanup.bat [2010/01/31 21:33:14 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Gael\KiweeChatbarCleanup.bat [2009/10/25 13:46:54 | 000,002,076 | ---- | C] () -- C:\Documents and Settings\Gael\Local Settings\Application Data\juxtgi.exe [2009/09/15 13:00:20 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\Gael\Application Dataprivacy.xml [2009/03/06 11:55:20 | 000,078,848 | ---- | C] () -- C:\Documents and Settings\Gael\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/03/01 20:49:56 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Gael\Local Settings\Application Data\fusioncache.dat [2009/02/27 09:13:47 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Gael\Application Data\PnkBstrK.sys [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/02/27 09:26:21 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 13:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011/08/19 11:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alinea3D [2012/03/14 14:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2012/06/27 20:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Battle.net [2010/01/30 18:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare [2011/08/02 15:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender [2012/08/28 16:02:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2012/08/28 16:54:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP [2012/08/28 17:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ [2012/08/28 16:54:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2 [2012/08/28 16:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup [2012/08/28 16:54:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter [2013/02/01 13:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM [2012/08/28 17:15:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan [2012/08/28 16:54:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX [2012/08/28 16:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt [2010/03/17 21:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations [2010/11/01 13:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts [2012/10/20 12:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Element Technologie [2009/02/26 21:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Funcom [2009/07/19 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2010/10/04 07:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2009/08/20 14:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings [2011/10/01 14:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files [2012/12/26 10:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony [2010/10/02 22:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tages [2010/10/03 18:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft [2011/03/25 12:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft [2009/09/11 07:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} [2012/10/16 10:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\.minecraft [2012/04/07 20:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\12Voip [2011/08/02 17:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\BitDefender [2009/03/15 11:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\BitTorrent [2011/03/25 12:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Broad Intelligence [2012/08/28 17:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Canon [2012/08/28 16:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Canon Easy-WebPrint EX [2009/05/21 13:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\DMV Technologies [2009/11/28 16:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\DNA [2012/10/23 15:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Element Technologie [2011/06/12 12:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\FileZilla [2010/07/25 15:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\FreeBurner [2010/08/09 11:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Icones [2011/08/10 10:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\ijjigame [2012/06/13 07:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Media Player [2011/09/24 21:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Mumble [2010/10/03 06:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\My Games [2010/12/26 17:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Sony [2009/07/19 09:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Sony Setup [2011/03/28 15:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\SystemRequirementsLab [2012/02/06 10:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Tific [2009/02/25 13:07:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\TMP [2012/01/14 21:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\TomTom [2012/01/17 16:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\TS3Client [2010/10/03 18:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Ubisoft [2010/06/13 12:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Uniblue [2011/03/13 14:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\VDownloader [2010/09/20 07:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1 [2011/07/27 09:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\wargaming.net [2010/12/01 11:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Windows Live Writer [2011/03/25 12:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Xilisoft [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [2010/10/18 20:21:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2011/08/19 11:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alinea3D [2009/07/19 09:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple [2011/05/17 06:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2012/03/14 14:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2012/06/27 20:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Battle.net [2010/01/30 18:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare [2011/08/02 15:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender [2012/06/27 20:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment [2012/08/28 16:02:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2012/08/28 16:54:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP [2012/08/28 17:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ [2012/08/28 16:54:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2 [2012/08/28 16:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup [2012/08/28 16:54:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter [2013/02/01 13:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM [2012/08/28 17:15:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan [2012/08/28 16:54:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX [2012/08/28 16:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt [2010/03/17 21:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations [2010/11/01 13:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts [2012/10/20 12:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Element Technologie [2009/12/24 16:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet [2009/02/26 21:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Funcom [2012/02/27 10:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google [2012/07/07 12:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2012/09/04 08:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd [2010/12/10 19:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech [2010/07/30 06:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/07/01 03:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee [2012/05/10 18:12:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2013/01/28 15:29:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2012/12/24 18:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla [2011/11/01 10:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Software [2009/07/19 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2011/01/08 16:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero [2012/03/14 14:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton [2012/03/13 15:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller [2010/07/01 12:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS [2011/07/07 03:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA [2009/10/26 13:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation [2009/10/07 19:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage [2010/10/04 07:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2009/08/20 14:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings [2011/10/01 14:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files [2011/04/17 09:16:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SecuROM [2013/01/24 09:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2011/05/25 03:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype Extras [2012/12/26 10:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony [2010/07/25 10:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation [2011/02/06 11:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2009/08/20 15:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec [2010/10/02 22:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tages [2010/10/02 17:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia [2010/10/03 18:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft [2009/02/25 14:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2011/03/25 12:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft [2009/09/11 07:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color] [2010/09/21 19:37:40 | 000,338,856 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22848\AcrobatUpdater.exe [2010/09/21 19:37:40 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22848\AdobeARM.exe [2010/09/21 19:37:40 | 000,338,856 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22848\ReaderUpdater.exe [2012/01/04 08:31:52 | 037,218,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\AdbeRdr950_fr_FR.exe [2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\2563\AcrobatUpdater.exe [2012/01/03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\2563\AdobeARM.exe [2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\2563\AdobeARMHelper.exe [2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\2563\ReaderUpdater.exe [2012/12/03 08:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\5392\AcrobatUpdater.exe [2012/12/03 08:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\5392\AdobeARM.exe [2012/12/03 08:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\5392\AdobeARMHelper.exe [2012/12/03 08:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\5392\ReaderUpdater.exe [2012/12/08 14:59:26 | 000,455,360 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.exe [2012/06/27 20:48:20 | 000,499,712 | ---- | M] (Blizzard Entertainment, Inc.) -- C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\ErrorReporter.exe [2012/09/22 11:14:03 | 006,011,072 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1363\Agent.exe [2012/12/08 14:59:26 | 006,121,152 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1544\Agent.exe [2012/12/08 14:59:42 | 000,533,184 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\All Users\Application Data\Battle.net\Client\Blizzard Launcher.exe [2012/10/16 08:26:35 | 017,673,408 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\All Users\Application Data\Battle.net\Client\Blizzard Launcher.1881\Blizzard Launcher.exe [2012/12/08 14:59:42 | 017,409,728 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\All Users\Application Data\Battle.net\Client\Blizzard Launcher.1949\Blizzard Launcher.exe [2012/06/27 20:48:17 | 001,868,408 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\All Users\Application Data\Battle.net\Setup\diablo3_frfr\Diablo III Setup.exe [2012/07/07 12:29:12 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe [2012/07/07 12:29:13 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe [2012/07/07 12:29:13 | 001,896,192 | ---- | M] (Lavasoft Limited) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe [2012/07/07 12:29:14 | 001,744,312 | ---- | M] (Lavasoft Limited ) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe [2012/07/07 12:29:14 | 001,254,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe [2012/07/07 12:29:15 | 000,658,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe [2012/07/07 12:29:20 | 000,016,432 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe [2012/07/07 12:29:20 | 001,159,232 | ---- | M] (Lavasoft Limited) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe [2012/07/07 12:29:16 | 000,704,520 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\AAWDriverTool.exe [2012/07/07 12:29:16 | 000,822,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\64\AAWDriverTool.exe [2009/12/26 17:55:30 | 001,956,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe [2010/07/01 03:24:37 | 001,025,992 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\SecurityScan_Release.exe [2011/05/25 08:25:59 | 000,194,152 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\All Users\Application Data\NVIDIA\Updatus\WLMerger.exe [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [color=#A23BEC]< %APPDATA%\*. >[/color] [2012/10/16 10:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\.minecraft [2012/04/07 20:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\12Voip [2012/11/26 09:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Adobe [2009/09/20 20:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Apple Computer [2011/08/02 17:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\BitDefender [2009/03/15 11:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\BitTorrent [2011/03/25 12:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Broad Intelligence [2012/08/28 17:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Canon [2012/08/28 16:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Canon Easy-WebPrint EX [2009/05/21 13:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\DMV Technologies [2009/11/28 16:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\DNA [2009/06/28 09:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Download Manager [2010/03/16 10:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\dvdcss [2012/10/23 15:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Element Technologie [2011/06/12 12:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\FileZilla [2010/07/25 15:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\FreeBurner [2010/01/21 12:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Google [2010/08/09 11:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Icones [2009/02/25 12:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Identities [2011/08/10 10:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\ijjigame [2009/10/08 17:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\InstallShield [2009/02/26 21:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Macromedia [2010/07/30 06:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Malwarebytes [2012/06/13 07:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Media Player [2013/01/28 15:29:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Gael\Application Data\Microsoft [2009/02/26 09:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Mozilla [2011/09/24 21:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Mumble [2010/10/03 06:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\My Games [2011/11/01 11:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\NCH Software [2011/01/08 17:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Nero [2011/08/14 09:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\NVIDIA [2009/10/07 19:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Office Genuine Advantage [2009/05/05 13:39:08 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Gael\Application Data\SecuROM [2013/02/01 13:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Skype [2011/07/08 15:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\skypePM [2010/12/26 17:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Sony [2009/10/08 17:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Sony Corporation [2009/07/19 09:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Sony Setup [2011/02/06 11:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Sun [2009/02/26 23:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Symantec [2011/03/28 15:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\SystemRequirementsLab [2009/03/11 20:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\teamspeak2 [2012/02/06 10:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Tific [2009/02/25 13:07:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\TMP [2012/01/14 21:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\TomTom [2012/01/17 16:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\TS3Client [2010/10/03 18:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Ubisoft [2010/06/13 12:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Uniblue [2011/03/13 14:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\VDownloader [2010/09/20 07:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1 [2010/12/13 17:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\vlc [2011/07/27 09:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\wargaming.net [2010/12/01 11:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Windows Live Writer [2009/03/20 17:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\WinRAR [2011/03/25 12:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gael\Application Data\Xilisoft [color=#A23BEC]< %APPDATA%\*.exe /s >[/color] [2011/08/10 10:31:48 | 3799,935,896 | ---- | M] () -- C:\Documents and Settings\Gael\Application Data\ijjigame\U_AVA_Setup.exe [2011/11/16 10:23:42 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Gael\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2012/01/24 09:50:38 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Gael\Application Data\Microsoft\Installer\{03840E8D-A75E-4C49-ADFC-09A867C7F943}\_532EEF936FFAE0ABE2522D.exe [2012/01/24 09:50:38 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Gael\Application Data\Microsoft\Installer\{03840E8D-A75E-4C49-ADFC-09A867C7F943}\_A290953C7595C4E6A1FDBA.exe [2012/04/15 10:26:21 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Gael\Application Data\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe [2009/10/08 17:31:54 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Gael\Application Data\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe [2011/06/25 15:59:04 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Gael\Application Data\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe [2009/06/05 13:48:13 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Gael\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe [2009/07/19 09:21:26 | 021,935,408 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Gael\Application Data\Sony Setup\A189E68E-2253-4c3b-86B7-D77E36F13C55\QuickTimeInstaller.exe [2008/04/02 18:07:14 | 002,613,088 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Setup.exe [2008/02/20 00:03:53 | 000,778,080 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Stub.exe [2008/01/25 16:57:36 | 000,031,576 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\FWCfg.exe [2008/01/18 18:43:28 | 001,250,656 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\COH32\COH32.exe [2008/01/18 18:58:48 | 001,996,336 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\COH64\COH64.exe [2008/02/26 15:50:42 | 000,448,352 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\Norton\app\MainStub.exe [2008/02/26 15:50:42 | 000,370,528 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\Norton\app\NSWRedir.exe [2008/02/26 15:50:44 | 000,988,512 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\Norton\app\osCheck.exe [2008/02/26 15:50:44 | 000,404,320 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\Norton\app\ScanStub.exe [2008/02/26 15:50:46 | 000,972,640 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\Norton\app\tpNetMap.exe [2008/02/25 06:21:32 | 000,096,424 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\Norton\app\WSCStub.exe [2008/02/21 15:49:04 | 000,051,576 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\NPC\HSLoader.exe [2008/02/21 15:49:08 | 000,036,728 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\NPC\isUAC.exe [2008/02/21 15:49:14 | 000,042,360 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\NPC\npcLULdr.exe [2008/02/21 15:49:16 | 000,082,808 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\NPC\npcLUStb.exe [2008/02/23 17:41:38 | 000,423,304 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\OPC\cltUAC.exe [2008/02/23 17:40:46 | 000,533,896 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\OPC\SSAutoRN.exe [2008/02/23 17:41:28 | 000,611,712 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\OPC\SYMCUW.exe [2008/01/22 15:09:02 | 002,368,888 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\SYMSHARE\IDS\IdsInst.exe [2008/02/06 23:49:36 | 000,443,760 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\SYMSHARE\SecHist\MCUI32.exe [2007/08/22 01:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\SYMSHARE\VASCAN\comHost.exe [2007/08/22 01:22:08 | 000,267,096 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\SYMSHARE\VASCAN64\comHost.exe [2008/02/23 17:40:46 | 000,533,896 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\SymLT\OPC\SSAutoRN.exe [2008/01/30 13:55:54 | 001,279,368 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\SymLT\PIF_96E2\pifCrawl.exe [2008/01/30 13:55:34 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\SymLT\PIF_96E2\PIFSvc.exe [2008/01/25 18:16:59 | 001,022,848 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Supp64\SEVINST\Sevntx64.exe [2008/02/26 09:34:20 | 000,137,568 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\Backup\Backup\buDump.exe [2008/02/18 12:37:38 | 000,051,048 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\ccCommon\ccCommon\ccApp.exe [2008/02/18 12:37:40 | 000,056,168 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\ccCommon\ccCommon\ccEvtMgr.exe [2008/02/18 12:37:10 | 000,268,648 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\ccCommon\ccCommon\ccLgView.exe [2008/02/18 12:37:18 | 000,046,440 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\ccCommon\ccCommon\ccSetMgr.exe [2008/02/18 12:37:54 | 000,876,392 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\ccCommon\ccCommon\ccSEUPDT.exe [2008/02/18 12:37:20 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\ccCommon\ccCommon\ccSvcHst.exe [2008/02/21 15:02:34 | 000,152,952 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\ALUNOTIF.EXE [2008/02/21 15:02:54 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\ALUSDSVC.EXE [2008/02/21 15:02:36 | 000,308,600 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\AUPDATE.EXE [2008/02/21 15:03:08 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\LSETUP.EXE [2008/02/21 15:02:40 | 000,873,848 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\LUALL.EXE [2008/02/21 15:02:48 | 000,062,840 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\LUCBPRXY.EXE [2008/02/21 15:03:08 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\LUCheck.exe [2008/02/21 15:02:46 | 003,220,856 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\LUCOMSVR.EXE [2008/02/21 15:02:42 | 000,804,216 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\LuConfig.EXE [2008/02/21 15:02:44 | 000,016,760 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\LUpdate\WLUEX\NotifyHA.exe [2005/05/19 22:50:36 | 002,584,848 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\MSI\wiupdate.exe [2008/02/23 19:08:52 | 000,382,320 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\NCO\NCO\APP\COExport.exe [2008/02/23 19:08:18 | 000,095,600 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\NCO\NCO\APP\coVisPrx.exe [2007/11/29 17:15:06 | 000,288,088 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\NCO\NCO\SYMSHARE\COL\COLUpdtr.exe [2008/02/20 00:03:58 | 000,160,112 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\Remover\Remover.exe [2008/02/20 00:03:51 | 000,990,056 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\Reporter\Reporter.exe [2008/01/25 18:16:58 | 000,832,896 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\SEVINST\SEVINST.EXE [2008/01/26 09:27:32 | 000,661,896 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe [2008/02/20 00:03:49 | 000,687,976 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\SymLnch\SymLnch.exe [2007/02/13 04:10:44 | 002,682,880 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\VCRedist\redist32.exe [2007/02/13 04:10:44 | 003,161,088 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Gael\Application Data\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Support\VCRedist\redist64.exe [2011/03/28 15:07:40 | 000,071,752 | ---- | M] () -- C:\Documents and Settings\Gael\Application Data\SystemRequirementsLab\SystemRequirementsLab.exe [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [2011/07/13 03:55:05 | 002,237,440 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe [color=#A23BEC]< MD5 for: AEC.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:aec.sys [2008/04/13 09:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\system32\dllcache\aec.sys [2008/04/13 09:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\system32\drivers\aec.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [color=#A23BEC]< MD5 for: ALG.EXE >[/color] [2008/04/14 13:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=5E9A6658A2A69AE7EB195113B7A2E7A9 -- C:\WINDOWS\system32\alg.exe [2008/04/14 13:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=5E9A6658A2A69AE7EB195113B7A2E7A9 -- C:\WINDOWS\system32\dllcache\alg.exe [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys [2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008/04/14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys [2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008/04/14 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: CSRSS.EXE >[/color] [2008/04/14 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=E0E8A531CFCE1C2E5D79F683282C10C3 -- C:\WINDOWS\system32\csrss.exe [2008/04/14 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=E0E8A531CFCE1C2E5D79F683282C10C3 -- C:\WINDOWS\system32\dllcache\csrss.exe [color=#A23BEC]< MD5 for: CTFMON.EXE >[/color] [2008/04/14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\system32\ctfmon.exe [2008/04/14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\system32\dllcache\ctfmon.exe [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2008/04/14 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008/04/14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008/04/14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe [2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\system32\dllcache\explorer.exe [color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys [2008/04/14 13:00:00 | 000,054,144 | ---- | M] (Microsoft Corporation) MD5=A09BDC4ED10E3B2E0EC27BB94AF32516 -- C:\WINDOWS\system32\drivers\i8042prt.sys [color=#A23BEC]< MD5 for: IMAPI.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:imapi.sys [2008/04/14 13:00:00 | 000,042,112 | ---- | M] (Microsoft Corporation) MD5=083A052659F5310DD8B6A6CB05EDCF8E -- C:\WINDOWS\system32\drivers\imapi.sys [color=#A23BEC]< MD5 for: INTELIDE.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:intelide.sys [color=#A23BEC]< MD5 for: MOUNTMGR.SYS >[/color] [2008/04/14 13:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\dllcache\mountmgr.sys [2008/04/14 13:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\drivers\mountmgr.sys [color=#A23BEC]< MD5 for: MRXSMB.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:mrxsmb.sys [2011/04/29 17:19:43 | 000,456,320 | ---- | M] (Microsoft Corporation) MD5=0DC719E9B15E902346E87E9DCD5751FA -- C:\WINDOWS\$NtUninstallKB2536276-v2$\mrxsmb.sys [2011/02/17 14:18:24 | 000,455,936 | ---- | M] (Microsoft Corporation) MD5=0EA4D8ED179B75F8AFA7998BA22285CA -- C:\WINDOWS\$NtUninstallKB2536276$\mrxsmb.sys [2009/12/04 19:22:22 | 000,455,424 | ---- | M] (Microsoft Corporation) MD5=421F7B922CEC5A5F340E7574A98F7B7C -- C:\WINDOWS\$NtUninstallKB980232$\mrxsmb.sys [2009/12/04 18:25:56 | 000,456,832 | ---- | M] (Microsoft Corporation) MD5=602549D1E8A622E5746991F6C56B21CA -- C:\WINDOWS\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys [2008/10/24 12:21:09 | 000,455,296 | ---- | M] (Microsoft Corporation) MD5=60AE98742484E7AB80C3C1450E708148 -- C:\WINDOWS\$NtUninstallKB978251$\mrxsmb.sys [2008/04/14 13:00:00 | 000,456,576 | ---- | M] (Microsoft Corporation) MD5=68755F0FF16070178B54674FE5B847B0 -- C:\WINDOWS\$NtUninstallKB957097$\mrxsmb.sys [2008/10/24 12:41:11 | 000,455,936 | ---- | M] (Microsoft Corporation) MD5=7170AB42B51954DEF2781A4D1CCE65F4 -- C:\WINDOWS\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys [2011/07/15 14:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) MD5=7D304A5EB4344EBEEAB53A2FE3FFB9F0 -- C:\WINDOWS\Driver Cache\i386\mrxsmb.sys [2011/07/15 14:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) MD5=7D304A5EB4344EBEEAB53A2FE3FFB9F0 -- C:\WINDOWS\system32\dllcache\mrxsmb.sys [2011/07/15 14:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) MD5=7D304A5EB4344EBEEAB53A2FE3FFB9F0 -- C:\WINDOWS\system32\drivers\mrxsmb.sys [2011/04/29 17:47:42 | 000,457,856 | ---- | M] (Microsoft Corporation) MD5=8DD801E28EB76FDA2A38907882A0036F -- C:\WINDOWS\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys [2010/02/24 12:57:57 | 000,457,216 | ---- | M] (Microsoft Corporation) MD5=D09B9F0B9960DD41E73127B7814C115F -- C:\WINDOWS\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys [2010/02/24 14:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=F3AEFB11ABC521122B67095044169E98 -- C:\WINDOWS\$NtUninstallKB2511455$\mrxsmb.sys [2011/07/15 14:29:35 | 000,457,856 | ---- | M] (Microsoft Corporation) MD5=FB2FCCC70F7174C7BF64F48E96D3ADF4 -- C:\WINDOWS\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys [2011/02/17 14:19:38 | 000,457,472 | ---- | M] (Microsoft Corporation) MD5=FB7DFD15D760AD339837A470F0E780D3 -- C:\WINDOWS\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008/04/14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\dllcache\netlogon.dll [2008/04/14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2008/04/14 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys [2008/04/14 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys [color=#A23BEC]< MD5 for: RDPCDD.SYS >[/color] [2008/04/14 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4912D5B403614CE99C28420F75353332 -- C:\WINDOWS\system32\dllcache\rdpcdd.sys [2008/04/14 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4912D5B403614CE99C28420F75353332 -- C:\WINDOWS\system32\drivers\rdpcdd.sys [color=#A23BEC]< MD5 for: REDBOOK.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:redbook.sys [2008/04/13 19:57:36 | 000,058,752 | ---- | M] (Microsoft Corporation) MD5=D8EB2A7904DB6C916EB5361878DDCBAE -- C:\WINDOWS\system32\drivers\redbook.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/04/14 13:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\dllcache\scecli.dll [2008/04/14 13:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color] [2008/04/14 13:00:00 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=54CB50058851D95E56EC70D09F70857F -- C:\WINDOWS\$NtUninstallKB956572$\services.exe [2009/02/09 12:16:53 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=62789101F9C2401ED598AA2CDE7450C0 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe [2009/02/09 12:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\system32\dllcache\services.exe [2009/02/09 12:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\system32\services.exe [color=#A23BEC]< MD5 for: SMSS.EXE >[/color] [2008/04/14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=48E430297DA757F5CC2793CCFACAD5E7 -- C:\WINDOWS\system32\dllcache\smss.exe [2008/04/14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=48E430297DA757F5CC2793CCFACAD5E7 -- C:\WINDOWS\system32\smss.exe [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2010/08/17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [2008/04/14 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe [2010/08/17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe [2010/08/17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2008/04/14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\dllcache\svchost.exe [2008/04/14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe [color=#A23BEC]< MD5 for: TCPIP.SYS >[/color] [2008/04/14 13:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys [2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys [2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys [2008/06/20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys [2008/06/20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys [color=#A23BEC]< MD5 for: TERMDD.SYS >[/color] [2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:termdd.sys [2008/04/13 19:34:54 | 000,040,840 | ---- | M] (Microsoft Corporation) MD5=88155247177638048422893737429D9E -- C:\WINDOWS\system32\drivers\termdd.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008/04/14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\dllcache\userinit.exe [2008/04/14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe [color=#A23BEC]< MD5 for: WIN32K.SYS >[/color] [2012/07/03 19:23:48 | 001,875,200 | ---- | M] (Microsoft Corporation) MD5=013A83C2EC0F5309094E8954FBE57501 -- C:\WINDOWS\$hf_mig$\KB2731847\SP3QFE\win32k.sys [2008/04/14 13:00:00 | 001,845,760 | ---- | M] (Microsoft Corporation) MD5=0E65F97FF5B39068D1D2186B3D7600C7 -- C:\WINDOWS\$NtUninstallKB954211$\win32k.sys [2010/05/02 09:02:25 | 001,860,480 | ---- | M] (Microsoft Corporation) MD5=117089D35359DD8FE8054DA17AC6EE19 -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys [2012/04/11 14:51:40 | 001,862,400 | ---- | M] (Microsoft Corporation) MD5=17E46C7EE44E6BFA0CF398204282BF0C -- C:\WINDOWS\$NtUninstallKB2709162$\win32k.sys [2010/10/26 14:59:49 | 001,862,400 | ---- | M] (Microsoft Corporation) MD5=19209B83DC73BCA78558C2F220DB65E2 -- C:\WINDOWS\$hf_mig$\KB2436673\SP3QFE\win32k.sys [2012/04/11 14:50:47 | 001,871,488 | ---- | M] (Microsoft Corporation) MD5=1A21AF886EC31258E012921D5E5E2398 -- C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\win32k.sys [2012/10/22 20:56:28 | 001,866,496 | ---- | M] (Microsoft Corporation) MD5=1C9C57E4C90A6B54DF0B351F60E93ADB -- C:\WINDOWS\$NtUninstallKB2779030$\win32k.sys [2012/06/13 14:55:56 | 001,875,200 | ---- | M] (Microsoft Corporation) MD5=2FD5F789BEB85369A8ED6C15C3F84C40 -- C:\WINDOWS\$hf_mig$\KB2718523\SP3QFE\win32k.sys [2011/06/06 12:36:19 | 001,868,032 | ---- | M] (Microsoft Corporation) MD5=31C9FCD53634B437F36B0417DA48066A -- C:\WINDOWS\$hf_mig$\KB2555917\SP3QFE\win32k.sys [2010/12/31 15:04:24 | 001,855,104 | ---- | M] (Microsoft Corporation) MD5=3AB58BCEC87615E452991E8E257ADFA9 -- C:\WINDOWS\$NtUninstallKB2506223$\win32k.sys [2011/03/03 14:53:37 | 001,858,048 | ---- | M] (Microsoft Corporation) MD5=3BEDF6024160399E2AF010BB2E7F4F59 -- C:\WINDOWS\$NtUninstallKB2555917$\win32k.sys [2012/06/13 14:55:13 | 001,866,240 | ---- | M] (Microsoft Corporation) MD5=456644216CE8EC984D0AEAAD1B6D33D0 -- C:\WINDOWS\$NtUninstallKB2731847$\win32k.sys [2009/08/14 16:58:52 | 001,859,840 | ---- | M] (Microsoft Corporation) MD5=479DD2D56488951B4842B6ECBB770239 -- C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys [2012/05/15 14:55:20 | 001,872,256 | ---- | M] (Microsoft Corporation) MD5=4D28260F4C2D4BFBCA4C3B4DAFDFF580 -- C:\WINDOWS\$hf_mig$\KB2709162\SP3QFE\win32k.sys [2011/09/06 15:08:29 | 001,868,032 | ---- | M] (Microsoft Corporation) MD5=501628FE99EE77D59BFD29B6DC6803DA -- C:\WINDOWS\$hf_mig$\KB2567053\SP3QFE\win32k.sys [2012/05/15 14:55:57 | 001,863,296 | ---- | M] (Microsoft Corporation) MD5=5EF143AF88BC1298D6612794677F0BAD -- C:\WINDOWS\$NtUninstallKB2718523$\win32k.sys [2011/06/06 12:35:23 | 001,859,072 | ---- | M] (Microsoft Corporation) MD5=667C2CED1208788BD0FE1F6E8CFE1CD0 -- C:\WINDOWS\$NtUninstallKB2567053$\win32k.sys [2011/11/23 15:39:14 | 001,868,672 | ---- | M] (Microsoft Corporation) MD5=6B88EAB930D6D14019A627C1A9DFC4DD -- C:\WINDOWS\$hf_mig$\KB2639417\SP3QFE\win32k.sys [2009/02/09 15:05:54 | 001,846,912 | ---- | M] (Microsoft Corporation) MD5=6D791CDCE0B1551D95A81D69E7352EF5 -- C:\WINDOWS\$NtUninstallKB968537$\win32k.sys [2012/11/13 12:56:57 | 001,875,584 | ---- | M] (Microsoft Corporation) MD5=81A955EF9C0790DE7749F11D5525E2B4 -- C:\WINDOWS\$hf_mig$\KB2779030\SP3QFE\win32k.sys [2010/09/01 08:54:08 | 001,862,016 | ---- | M] (Microsoft Corporation) MD5=81C11BC7F3FAE0CC76941A8AB9B2ED1A -- C:\WINDOWS\$hf_mig$\KB981957\SP3QFE\win32k.sys [2009/08/14 16:13:59 | 001,850,752 | ---- | M] (Microsoft Corporation) MD5=8441F8A5DC42BD5F2BEAA95297EE0E10 -- C:\WINDOWS\$NtUninstallKB979559$\win32k.sys [2008/09/15 16:26:07 | 001,846,528 | ---- | M] (Microsoft Corporation) MD5=9F1A0FB5BD8ACECC6CB0A9130BD8F3C3 -- C:\WINDOWS\$NtUninstallKB958690$\win32k.sys [2009/02/09 14:59:50 | 001,847,680 | ---- | M] (Microsoft Corporation) MD5=A06AF7F6B26F2BDEFB0961D4641D6453 -- C:\WINDOWS\$hf_mig$\KB958690\SP3QFE\win32k.sys [2012/01/12 18:21:12 | 001,869,184 | ---- | M] (Microsoft Corporation) MD5=A274CBA14BE87AE4D6FF0DA6DEAA7618 -- C:\WINDOWS\$hf_mig$\KB2660465\SP3QFE\win32k.sys [2009/04/19 20:42:34 | 001,847,936 | ---- | M] (Microsoft Corporation) MD5=A4CB910DA61C2AB50D1D4E15CDA48D32 -- C:\WINDOWS\$hf_mig$\KB968537\SP3QFE\win32k.sys [2010/10/26 15:07:17 | 001,853,440 | ---- | M] (Microsoft Corporation) MD5=A872D428716E5C454D97F16785656351 -- C:\WINDOWS\$NtUninstallKB2479628$\win32k.sys [2012/11/13 12:55:44 | 001,866,496 | ---- | M] (Microsoft Corporation) MD5=ABB951BAED569368E4EC585135EF706F -- C:\WINDOWS\system32\dllcache\win32k.sys [2012/11/13 12:55:44 | 001,866,496 | ---- | M] (Microsoft Corporation) MD5=ABB951BAED569368E4EC585135EF706F -- C:\WINDOWS\system32\win32k.sys [2008/09/15 16:20:39 | 001,847,040 | ---- | M] (Microsoft Corporation) MD5=AC230363E6F0021E3F8336990F348A87 -- C:\WINDOWS\$hf_mig$\KB954211\SP3QFE\win32k.sys [2010/09/01 08:55:16 | 001,852,928 | ---- | M] (Microsoft Corporation) MD5=C71A8AFDCD34601F7FDE2DA3792CEAE9 -- C:\WINDOWS\$NtUninstallKB2436673$\win32k.sys [2012/01/12 18:20:33 | 001,860,096 | ---- | M] (Microsoft Corporation) MD5=C72AD6E77768B3DF200FF414CF306AD0 -- C:\WINDOWS\$NtUninstallKB2641653$\win32k.sys [2010/06/24 10:02:32 | 001,852,032 | ---- | M] (Microsoft Corporation) MD5=CA341AEF1BBBF1EF98B07E46681257D9 -- C:\WINDOWS\$NtUninstallKB981957$\win32k.sys [2012/02/03 10:56:28 | 001,869,312 | ---- | M] (Microsoft Corporation) MD5=CF530A5F9D22E93230A15F4C2E5AF228 -- C:\WINDOWS\$hf_mig$\KB2641653\SP3QFE\win32k.sys [2011/11/23 15:40:17 | 001,859,712 | ---- | M] (Microsoft Corporation) MD5=D331A16F0A6AA63A738BB24F0E2D13EF -- C:\WINDOWS\$NtUninstallKB2660465$\win32k.sys [2010/05/02 09:08:14 | 001,851,392 | ---- | M] (Microsoft Corporation) MD5=D6491CA433261FCBDC99D27064E5F180 -- C:\WINDOWS\$NtUninstallKB2160329$\win32k.sys [2012/10/22 20:56:44 | 001,875,456 | ---- | M] (Microsoft Corporation) MD5=DCADEADB39A9ACD3511375CE0D8643B9 -- C:\WINDOWS\$hf_mig$\KB2761226\SP3QFE\win32k.sys [2009/04/19 20:50:30 | 001,847,296 | ---- | M] (Microsoft Corporation) MD5=E2D4E6609DCF4175FCC8BCA489F28D9C -- C:\WINDOWS\$NtUninstallKB969947$\win32k.sys [2011/03/03 14:52:12 | 001,867,008 | ---- | M] (Microsoft Corporation) MD5=E832E04ADDD745DC462ED800E8416B9C -- C:\WINDOWS\$hf_mig$\KB2506223\SP3QFE\win32k.sys [2012/02/03 10:58:01 | 001,860,224 | ---- | M] (Microsoft Corporation) MD5=E94CA8AA938E7BB5D2D8BBCEBC95124B -- C:\WINDOWS\$NtUninstallKB2676562$\win32k.sys [2010/06/24 22:29:54 | 001,861,248 | ---- | M] (Microsoft Corporation) MD5=F1AEB1184052F4598390CE4CD638CA14 -- C:\WINDOWS\$hf_mig$\KB2160329\SP3QFE\win32k.sys [2012/07/03 19:27:23 | 001,866,240 | ---- | M] (Microsoft Corporation) MD5=F1FE5A1B252429FF7121E6E7717DCBA2 -- C:\WINDOWS\$NtUninstallKB2761226$\win32k.sys [2010/12/31 15:02:58 | 001,864,192 | ---- | M] (Microsoft Corporation) MD5=FA7694CA8CE7E7660676C646A15A3CEE -- C:\WINDOWS\$hf_mig$\KB2479628\SP3QFE\win32k.sys [2011/09/06 15:10:01 | 001,859,072 | ---- | M] (Microsoft Corporation) MD5=FD0E6DD2893EB98845EA3C84A774A926 -- C:\WINDOWS\$NtUninstallKB2639417$\win32k.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008/04/14 13:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008/04/14 13:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [2009/02/25 20:33:47 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2009/02/25 20:33:47 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2009/02/25 20:33:47 | 000,499,712 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < End of report >