OTL logfile created on: 06/06/2013 15:56:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Sébastien\Mes documents\Téléchargements Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 895,36 Mb Total Physical Memory | 324,80 Mb Available Physical Memory | 36,28% Memory free 2,12 Gb Paging File | 1,39 Gb Available in Paging File | 65,92% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,99 Gb Total Space | 10,88 Gb Free Space | 36,28% Space Free | Partition Type: NTFS Drive D: | 150,45 Gb Total Space | 131,23 Gb Free Space | 87,22% Space Free | Partition Type: NTFS Computer Name: SEB-FANNY | User Name: Sébastien | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/06/06 15:53:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Sébastien\Mes documents\Téléchargements\OTL.exe PRC - [2013/05/24 11:12:42 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013/05/13 15:21:37 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2013/05/13 15:21:32 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2013/03/29 22:36:34 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2013/03/29 22:35:42 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2013/03/29 22:35:34 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2012/09/17 13:41:58 | 000,508,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe PRC - [2012/09/17 13:41:54 | 000,254,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2012/06/11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE PRC - [2011/10/28 13:18:46 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuschd2.exe PRC - [2008/08/14 18:15:46 | 002,407,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe PRC - [2008/08/14 18:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe PRC - [2008/08/14 18:11:14 | 000,447,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe PRC - [2008/07/26 09:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2008/07/26 09:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/01/25 15:32:56 | 000,689,416 | ---- | M] (Logitech, Inc.) -- c:\Program Files\Logitech\QuickCam\LU\LogitechUpdate.exe PRC - [2008/01/25 15:32:48 | 000,191,240 | ---- | M] (Logitech, Inc.) -- c:\Program Files\Logitech\QuickCam\LU\LULnchr.exe PRC - [2007/07/15 11:08:57 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe PRC - [2005/10/24 14:45:16 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2005/05/11 13:52:04 | 000,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe PRC - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe PRC - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe PRC - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe PRC - [2005/01/07 12:01:52 | 000,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HidService.exe PRC - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe PRC - [2004/02/26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/05/24 11:12:41 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013/04/28 22:28:32 | 000,474,112 | ---- | M] () -- C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll MOD - [2013/02/26 12:48:29 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll MOD - [2008/08/14 18:21:40 | 000,121,616 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.DLL MOD - [2008/08/14 18:15:46 | 002,407,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe MOD - [2008/08/14 18:13:30 | 000,149,264 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll MOD - [2008/08/14 18:13:08 | 000,165,136 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LogiCordless4001.dll MOD - [2008/08/14 18:13:08 | 000,138,000 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LogiCordless.dll MOD - [2008/08/14 18:12:10 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll MOD - [2008/08/14 18:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe MOD - [2008/08/14 18:11:48 | 000,345,872 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\DevMngr.dll MOD - [2008/07/26 09:24:04 | 000,068,120 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSPS.dll MOD - [2008/04/14 04:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2007/07/15 11:02:28 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll MOD - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe MOD - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe MOD - [2005/05/11 13:49:26 | 000,061,522 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSchMgr.dll MOD - [2005/05/11 13:49:24 | 000,184,408 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapEngine.dll MOD - [2005/05/11 13:49:24 | 000,028,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvcps.dll MOD - [2005/05/11 13:47:40 | 000,229,458 | ---- | M] () -- c:\APPS\Powercinema\Kernel\HomeNetWorking\CLNetMedia.dll MOD - [2005/01/07 12:01:52 | 000,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HidService.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\Easybox\Apache\Apache.exe -- (EasyBoxApache) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013/05/24 11:12:42 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/05/15 13:13:12 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/05/13 15:21:37 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2013/03/29 22:36:34 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013/03/29 22:35:34 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012/06/11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate) SRV - [2012/06/11 17:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc) SRV - [2008/07/26 09:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008/07/26 09:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer) SRV - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service) SRV - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) SRV - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) SRV - [2005/01/07 12:01:52 | 000,049,152 | ---- | M] () [Auto | Running] -- c:\APPS\HIDSERVICE\HidService.exe -- (GenericHidService) SRV - [2004/10/25 16:23:04 | 003,485,696 | ---- | M] () [On_Demand | Stopped] -- C:\APPS\Inventime\mysql\bin\mysqld-nt.exe -- (MysqlInventime) SRV - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS) SRV - [2004/02/26 09:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2003/03/26 08:14:50 | 000,266,240 | ---- | M] (HP) [Auto | Stopped] -- D:\Documents and Settings\Sébastien\Local Settings\Temp\hpdj5100.exe -- (hpdj5100) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PLCMPR5.SYS -- (PLCMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013/03/29 22:36:39 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2013/03/29 22:36:39 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013/03/29 22:36:39 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013/02/26 12:49:07 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008/07/26 17:26:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2008/07/26 17:25:46 | 000,627,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2008/07/26 17:22:32 | 002,570,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) DRV - [2008/07/26 17:22:20 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter) DRV - [2008/07/26 09:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2008/05/13 16:00:16 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf_devolo.sys -- (NPF_devolo) DRV - [2006/11/06 22:07:12 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2006/06/23 00:29:28 | 000,720,176 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) DRV - [2005/10/26 16:08:26 | 003,786,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2005/08/03 23:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005/03/09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004/12/02 16:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes\{1EBCB7C6-BCC5-40B9-85B3-CC737F04F89A}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10264&src=crm&q={searchTerms}&locale=fr_FR&apn_ptnrs=^AGV&apn_dtid=^YYYYYY^YY^FR&apn_uid=4af98aec-19fc-4171-a498-98bc0882ecd9&apn_sauid=06EEC071-9732-47FF-B35F-815D522673FE IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes\{1EBCB7C6-BCC5-40B9-85B3-CC737F04F89A}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10264&src=crm&q={searchTerms}&locale=fr_FR&apn_ptnrs=^AGV&apn_dtid=^YYYYYY^YY^FR&apn_uid=4af98aec-19fc-4171-a498-98bc0882ecd9&apn_sauid=06EEC071-9732-47FF-B35F-815D522673FE IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 1B 01 3F 4E 4D CD 01 [binary data] IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\..\SearchScopes\${searchCLSID}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\..\SearchScopes\{7833CEE1-E160-460E-9DBF-92DD35389E47}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\..\SearchScopes\{E65824CE-B2B4-467F-A939-2B3630F3110B}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10264&src=crm&q={searchTerms}&locale=fr_FR&apn_ptnrs=^AGV&apn_dtid=^YYYYYY^YY^FR&apn_uid=4af98aec-19fc-4171-a498-98bc0882ecd9&apn_sauid=06EEC071-9732-47FF-B35F-815D522673FE IE - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2088: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2146: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1069: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/24 11:12:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/24 11:12:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird1\components [2013/05/15 15:54:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird1\plugins [2013/05/15 13:42:09 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Sébastien\Application Data\Mozilla\Extensions [2010/11/04 22:50:28 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Sébastien\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013/06/06 12:29:01 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Sébastien\Application Data\Mozilla\Firefox\Profiles\dq2218pp.default\extensions [2011/06/01 08:51:48 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Documents and Settings\Sébastien\Application Data\Mozilla\Firefox\Profiles\dq2218pp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2013/05/15 13:42:22 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- D:\Documents and Settings\Sébastien\Application Data\Mozilla\Firefox\Profiles\dq2218pp.default\extensions\{7abe12ca-e995-4ab4-9a4e-ef8820a20182} [2013/05/24 11:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/05/24 11:12:28 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2013/05/24 11:12:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013/05/24 11:12:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\toolbarex@nse.vn [2013/05/24 11:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013/05/24 11:12:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2004/08/05 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Search-Results Toolbar) - {7abe12ca-e995-4ab4-9a4e-ef8820a20182} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll File not found O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {7abe12ca-e995-4ab4-9a4e-ef8820a20182} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll File not found O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O3 - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-2952272623-830884138-1575038206-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2952272623-830884138-1575038206-1006..\Run: [LanceurEasyBox] "C:\Program Files\Easybox\EasyBox.exe" -AutoStart File not found O4 - HKU\S-1-5-21-2952272623-830884138-1575038206-1006..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.) O4 - HKU\S-1-5-21-2952272623-830884138-1575038206-1006..\Run: [updateMgr] C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\READER\ADOBEUPDATEMANAGER.EXE (Adobe Systems Incorporated) O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16 - DPF: {37E92FB8-76BF-445A-B12D-158D787680D4} http://www.smartphoto.fr/js/Uploader8.cab (Uploader Control) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.extrafilm.fr/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} http://www.smartphoto.fr/ExtraFilmUploader6.cab (ExtraFilm Uploader Control) O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash4/cabs/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B86A9306-6C62-4D1B-A0D4-510AF370E48B}: DhcpNameServer = 212.27.40.241 212.27.40.240 O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - AppInit_DLLs: (D:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL) - D:\Documents and Settings\All Users\Application Data\Wincert\win32cert.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 () - file:///D:/DOCUME~1/SBASTI~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif O24 - Desktop Components:1 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: D:\Documents and Settings\Sébastien\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: D:\Documents and Settings\Sébastien\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{2fb66f6e-8e0c-11e1-8121-00038a000015}\Shell - "" = AutoRun O33 - MountPoints2\{2fb66f6e-8e0c-11e1-8121-00038a000015}\Shell\AutoRun\command - "" = F:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O36 - AppCertDlls: x86 - (C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll () O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE - (Microsoft Corporation) MsConfig - StartUpFolder: D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Symantec Fax Starter Edition Port.lnk - C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE - (Microsoft Corporation) MsConfig - StartUpReg: [b]DeviceDiscovery[/b] - hkey= - key= - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]HPDJ Taskbar Utility[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]IMJPMIG8.1[/b] - hkey= - key= - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]pccguide.exe[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]PCMService[/b] - hkey= - key= - c:\Apps\Powercinema\PCMService.exe (CyberLink Corp.) MsConfig - StartUpReg: [b]PHIME2002A[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]PHIME2002ASync[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) MsConfig - StartUpReg: [b]Ulead AutoDetector v2[/b] - hkey= - key= - C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) MsConfig - StartUpReg: [b]Vade Retro Outlook Express[/b] - hkey= - key= - C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe () MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1 ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597) ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023) ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler) Drivers32: msacm.dvacm - C:\Program Files\Fichiers communs\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.mpegacm - C:\Program Files\Fichiers communs\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: msacm.ulmp3acm - C:\Program Files\Fichiers communs\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/06/06 13:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013/05/24 11:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/05/17 11:46:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Sébastien\Bureau\statuts shoes10 et OpenLink [2013/05/15 15:54:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird1 [2013/05/15 13:46:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Sébastien\Bureau\semi marathon troyes 2013 [2013/05/15 13:44:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Sébastien\AppData [2013/05/15 13:42:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Wincert [2013/05/15 13:42:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Sébastien\Application Data\jziptoolbargaw [2013/05/15 13:41:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Sébastien\Local Settings\Application Data\jZip [2013/05/15 13:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\Search Results Toolbar [2013/05/15 13:41:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Datamngr [2013/05/15 13:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\jZip [1999/04/06 15:27:22 | 000,099,840 | ---- | C] (Symantec Corp.) -- C:\Program Files\Fichiers communs\IRAABOUT.DLL [1998/12/09 05:53:54 | 000,186,368 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Fichiers communs\IRAREG.DLL [1998/12/09 05:53:54 | 000,070,144 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Fichiers communs\IRAMDMTR.DLL [1998/12/09 05:53:54 | 000,048,640 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Fichiers communs\IRALPTTR.DLL [1998/12/09 05:53:54 | 000,031,744 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Fichiers communs\IRAWEBTR.DLL [1998/12/09 05:53:54 | 000,017,920 | ---- | C] (Symantec Corp.) -- C:\Program Files\Fichiers communs\IRASRIAL.DLL [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/06/06 15:59:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2013/06/06 15:30:00 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/06/06 15:12:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/06/06 14:51:15 | 000,027,156 | ---- | M] () -- C:\WINDOWS\hpdj5100.his [2013/06/06 14:51:15 | 000,004,398 | ---- | M] () -- C:\WINDOWS\hpdj5100.ini [2013/06/06 14:38:37 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/06/06 14:38:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/06/06 14:38:28 | 938,921,984 | -HS- | M] () -- C:\hiberfil.sys [2013/06/06 14:36:33 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A55E8462-3B39-49DD-829B-C119EB95E9A1}.job [2013/06/06 14:00:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At4.job [2013/06/06 10:10:02 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2013/06/05 20:40:01 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At2.job [2013/06/05 16:07:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At3.job [2013/06/02 18:28:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/05/21 08:50:52 | 000,678,759 | ---- | M] () -- D:\Documents and Settings\Sébastien\Mes documents\Est Eclair Course des copines 2012.pdf [2013/05/20 13:33:21 | 000,086,528 | ---- | M] () -- D:\Documents and Settings\Sébastien\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/05/16 09:05:46 | 000,311,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/05/16 08:48:57 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/05/15 13:41:56 | 000,000,591 | ---- | M] () -- D:\Documents and Settings\Sébastien\Bureau\jZip.lnk [2013/05/15 13:41:56 | 000,000,591 | ---- | M] () -- D:\Documents and Settings\Sébastien\Application Data\Microsoft\Internet Explorer\Quick Launch\jZip.lnk [2013/05/15 13:13:12 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/05/15 13:13:12 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/06/06 15:59:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2013/06/06 14:50:55 | 000,181,229 | ---- | C] () -- C:\WINDOWS\hpdj5100.hi1 [2013/06/06 14:50:55 | 000,011,505 | ---- | C] () -- C:\WINDOWS\hpdj5100.bu1 [2013/05/21 08:50:52 | 000,678,759 | ---- | C] () -- D:\Documents and Settings\Sébastien\Mes documents\Est Eclair Course des copines 2012.pdf [2013/05/15 13:41:56 | 000,000,591 | ---- | C] () -- D:\Documents and Settings\Sébastien\Menu Démarrer\Programmes\jZip.lnk [2013/05/15 13:41:56 | 000,000,591 | ---- | C] () -- D:\Documents and Settings\Sébastien\Bureau\jZip.lnk [2013/05/15 13:41:56 | 000,000,591 | ---- | C] () -- D:\Documents and Settings\Sébastien\Application Data\Microsoft\Internet Explorer\Quick Launch\jZip.lnk [2013/03/04 17:06:38 | 000,000,057 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\Ament.ini [2012/11/16 15:36:34 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI [2012/02/15 07:59:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2010/05/19 22:11:48 | 000,374,272 | ---- | C] () -- D:\Documents and Settings\Sébastien\Local Settings\Application Data\hktvprs.exe [2006/11/12 20:18:21 | 000,086,528 | ---- | C] () -- D:\Documents and Settings\Sébastien\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006/10/27 15:58:07 | 000,000,135 | ---- | C] () -- D:\Documents and Settings\Sébastien\Local Settings\Application Data\fusioncache.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2006/08/23 16:53:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 04:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2007/09/09 10:44:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\avg7 [2009/05/08 12:34:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Azureus [2013/06/06 12:28:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Datamngr [2006/08/23 17:03:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\OD2 [2013/04/20 12:21:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP [2006/08/23 17:10:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ulead Systems [2006/08/23 17:05:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\VadeRetro [2013/05/15 13:42:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Wincert [2007/02/03 23:35:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Application Data\AVG7 [2007/09/09 10:44:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\AVG7 [2009/05/08 15:20:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\Azureus [2013/04/11 13:41:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\CallingID [2013/05/24 22:38:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\jziptoolbargaw [2009/01/08 21:08:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\Leadertech [2006/11/03 20:50:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\MSNInstaller [2006/11/22 10:09:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\OD2 [2010/11/04 22:50:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\Thunderbird [2009/07/18 16:10:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\Ulead Systems [2006/11/10 15:18:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Sébastien\Application Data\VadeRetro [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2007/02/03 23:36:47 | 012,415,495 | ---- | M] () -- C:\AVG7QT.DAT [2006/08/23 17:00:06 | 000,000,215 | RHS- | M] () -- C:\BOOT.BAK [2010/11/18 20:09:07 | 000,000,296 | RHS- | M] () -- C:\BOOT.INI [2004/08/05 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004/08/05 14:00:00 | 000,263,488 | RHS- | M] () -- C:\cmldr [2013/05/25 10:37:23 | 000,016,210 | ---- | M] () -- C:\drwtsn32.log [2006/08/23 16:47:22 | 000,005,365 | ---- | M] () -- C:\DWNLOG.TXT [2013/06/06 14:38:28 | 938,921,984 | -HS- | M] () -- C:\hiberfil.sys [2013/03/04 12:41:27 | 000,862,814 | ---- | M] () -- C:\hpfr5100.log [2008/02/09 14:54:50 | 000,000,426 | ---- | M] () -- C:\InstallHelper.log [2006/08/23 17:02:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006/08/23 17:04:25 | 000,000,835 | -H-- | M] () -- C:\IPH.PH [2007/07/08 09:53:58 | 000,003,287 | ---- | M] () -- C:\lvcoinst.log [2006/08/23 17:23:47 | 000,000,003 | ---- | M] () -- C:\MCDLOG.TXT [2006/08/23 17:02:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006/08/23 17:05:54 | 000,000,157 | ---- | M] () -- C:\MYInventimeSetup.log [2004/08/05 14:00:00 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM [2010/08/13 18:54:27 | 000,252,240 | ---- | M] () -- C:\NTLDR [2013/06/06 14:38:24 | 1408,278,528 | -HS- | M] () -- C:\pagefile.sys [2013/06/06 15:59:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2009/09/14 18:38:11 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm [2009/09/14 18:38:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [color=#A23BEC]< %PROGRAMFILES%\*. >[/color] [2012/10/16 12:01:21 | 000,000,000 | ---D | M] -- C:\Program Files\Ad-Remover [2006/08/23 17:03:11 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2006/08/23 16:55:34 | 000,000,000 | ---D | M] -- C:\Program Files\AMD [2006/08/23 17:04:25 | 000,000,000 | ---D | M] -- C:\Program Files\AOL 9.0 [2006/08/23 17:04:24 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Compagnon [2013/02/27 11:25:50 | 000,000,000 | ---D | M] -- C:\Program Files\Avira [2006/08/23 16:55:08 | 000,000,000 | ---D | M] -- C:\Program Files\AvRack [2006/11/03 14:32:11 | 000,000,000 | ---D | M] -- C:\Program Files\BeWAN ADSL V1.9.0.3 [2012/04/25 22:34:49 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2004/08/16 18:05:16 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications [2006/08/23 17:13:11 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink [2009/06/01 19:27:31 | 000,000,000 | ---D | M] -- C:\Program Files\devolo [2009/05/08 15:26:55 | 000,000,000 | ---D | M] -- C:\Program Files\EasyBox [2006/11/01 17:39:10 | 000,000,000 | ---D | M] -- C:\Program Files\eBay [2009/05/08 14:43:13 | 000,000,000 | ---D | M] -- C:\Program Files\eMule [2012/04/25 22:34:49 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs [2009/09/19 12:22:43 | 000,000,000 | ---D | M] -- C:\Program Files\Freeplayer [2006/08/23 17:09:19 | 000,000,000 | ---D | M] -- C:\Program Files\GMixon [2012/06/19 23:00:33 | 000,000,000 | ---D | M] -- C:\Program Files\Google [2006/08/23 17:05:16 | 000,000,000 | ---D | M] -- C:\Program Files\Goto Software [2007/09/09 10:44:11 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft [2013/06/06 14:51:13 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard [2013/03/04 17:07:59 | 000,000,000 | ---D | M] -- C:\Program Files\HP [2013/03/04 17:08:36 | 000,000,000 | ---D | M] -- C:\Program Files\HP Photo Creations [2009/01/10 15:44:02 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2013/05/16 08:49:14 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2012/11/12 15:29:25 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2013/05/15 13:41:49 | 000,000,000 | ---D | M] -- C:\Program Files\jZip [2009/05/08 12:39:28 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack [2006/08/23 17:04:24 | 000,000,000 | ---D | M] -- C:\Program Files\Learn2.com [2009/01/08 21:05:07 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech [2013/06/06 14:51:49 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/08/13 19:04:02 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger [2009/01/10 15:44:02 | 000,000,000 | ---D | M] -- C:\Program Files\Micro Application [2013/03/04 17:08:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft [2009/09/21 03:00:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2011/08/05 22:52:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Digital Image 2006 [2006/11/02 01:19:58 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage [2007/06/16 21:35:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games [2006/11/02 01:23:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2013/03/15 09:41:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight [2006/11/02 01:24:37 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio [2010/08/15 00:24:57 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2013/05/24 13:31:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2013/05/25 09:50:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service [2007/09/06 21:27:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird [2013/05/16 11:21:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird1 [2006/11/10 16:19:45 | 000,000,000 | ---D | M] -- C:\Program Files\MSN [2004/08/16 18:03:38 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone [2006/11/17 23:17:12 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0 [2010/08/13 18:57:03 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting [2006/08/23 17:05:12 | 000,000,000 | ---D | M] -- C:\Program Files\Norman [2010/12/16 00:33:49 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express [2006/08/23 17:04:23 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2006/08/23 17:04:12 | 000,000,000 | ---D | M] -- C:\Program Files\Real [2006/08/23 16:55:08 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek AC97 [2006/08/23 16:55:08 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek Sound Manager [2013/06/06 12:28:59 | 000,000,000 | ---D | M] -- C:\Program Files\Search Results Toolbar [2004/08/16 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne [2006/08/23 17:13:53 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic [2012/04/25 22:33:49 | 000,000,000 | ---D | M] -- C:\Program Files\Switcher [2007/09/09 11:04:53 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec [2013/06/06 14:35:01 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro [2006/08/23 17:12:37 | 000,000,000 | ---D | M] -- C:\Program Files\Ulead Systems [2009/01/10 15:48:46 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information [2009/05/08 15:27:32 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2009/09/19 12:25:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live [2009/09/19 12:25:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive [2006/08/23 17:12:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components [2010/08/13 18:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2010/08/13 18:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2004/08/16 18:07:42 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate [2004/08/16 18:11:16 | 000,000,000 | ---D | M] -- C:\Program Files\xerox [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2010/08/13 18:51:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys [2010/08/13 18:51:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010/08/13 18:51:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys [2010/08/13 18:51:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color] [2008/04/14 04:33:53 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=B16CCBF66BF41F994D2810CC2299D9D6 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe [2008/04/14 04:33:53 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=B16CCBF66BF41F994D2810CC2299D9D6 -- C:\WINDOWS\system32\autochk.exe [2004/08/05 14:00:00 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=D22586E6D84FD19D02410C17060666AF -- C:\cmdcons\autochk.exe [2004/08/05 14:00:00 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=D22586E6D84FD19D02410C17060666AF -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe [2004/08/05 14:00:00 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=D22586E6D84FD19D02410C17060666AF -- C:\WINDOWS\I386\AUTOCHK.EXE [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004/08/05 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe [2007/06/13 15:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2007/06/13 15:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color] [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hidserv.dll [2010/08/13 18:51:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hidserv.dll [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:hidserv.dll [2010/08/13 18:51:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hidserv.dll [2004/08/04 00:54:28 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=007B1DA566D0AE7B8169FDE4DC618B70 -- C:\WINDOWS\$NtServicePackUninstall$\hidserv.dll [2008/04/14 04:33:26 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A3B9B4A68BC839CE5A264D5908092261 -- C:\WINDOWS\ServicePackFiles\i386\hidserv.dll [2008/04/14 04:33:26 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A3B9B4A68BC839CE5A264D5908092261 -- C:\WINDOWS\system32\hidserv.dll [color=#A23BEC]< MD5 for: IMM32.DLL >[/color] [2008/04/14 04:33:26 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=0469B73DB32E5520F342C5E163AA3CCA -- C:\WINDOWS\ServicePackFiles\i386\imm32.dll [2008/04/14 04:33:26 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=0469B73DB32E5520F342C5E163AA3CCA -- C:\WINDOWS\system32\imm32.dll [2004/08/05 14:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=39EE5FAF56260EBB8D77A08F525EBBB4 -- C:\WINDOWS\$NtServicePackUninstall$\imm32.dll [color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color] [2009/03/21 15:58:25 | 001,054,208 | ---- | M] (Microsoft Corporation) MD5=2087E2764822A8D93A4CA7FA0FED35E8 -- C:\WINDOWS\$hf_mig$\KB959426\SP2QFE\kernel32.dll [2008/04/14 04:33:28 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=3AC8886DFA5AB641417DF4D3B7F5512E -- C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll [2008/04/14 04:33:28 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=3AC8886DFA5AB641417DF4D3B7F5512E -- C:\WINDOWS\ServicePackFiles\i386\kernel32.dll [2009/03/21 16:20:10 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=534040750B9E70B156A98F5D0E8F6D2A -- C:\WINDOWS\$NtServicePackUninstall$\kernel32.dll [2007/04/16 18:11:08 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=62E3F0E9ABFCBCEE62C51546F622C455 -- C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\kernel32.dll [2007/04/16 17:53:11 | 001,049,600 | ---- | M] (Microsoft Corporation) MD5=6F1FE2AE7B22EB9CED1BFF533C9455EA -- C:\WINDOWS\$NtUninstallKB959426_0$\kernel32.dll [2004/08/05 14:00:00 | 001,048,576 | ---- | M] (Microsoft Corporation) MD5=7830E20C74611281B1BDAE5888CD50F5 -- C:\WINDOWS\$NtUninstallKB917422$\kernel32.dll [2009/03/21 16:07:58 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=98F08549604D090B6B2514AF845F329F -- C:\WINDOWS\$hf_mig$\KB959426\SP3GDR\kernel32.dll [2009/03/21 16:07:58 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=98F08549604D090B6B2514AF845F329F -- C:\WINDOWS\$NtUninstallKB2758857$\kernel32.dll [2012/10/03 06:58:11 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=9BF964752FEBC8E0265B62EEF034D465 -- C:\WINDOWS\system32\dllcache\kernel32.dll [2012/10/03 06:58:11 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=9BF964752FEBC8E0265B62EEF034D465 -- C:\WINDOWS\system32\kernel32.dll [2009/03/21 16:00:17 | 001,056,768 | ---- | M] (Microsoft Corporation) MD5=C3AF0EEE26B59484E674673E3016AAB7 -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll [2012/10/03 06:57:29 | 001,056,768 | ---- | M] (Microsoft Corporation) MD5=CB4292C6D077188C726B2EE073E5D3BE -- C:\WINDOWS\$hf_mig$\KB2758857\SP3QFE\kernel32.dll [2006/07/05 12:56:38 | 001,049,088 | ---- | M] (Microsoft Corporation) MD5=CE4AF1FA47A29ADF97CB107775CE395C -- C:\WINDOWS\$NtUninstallKB935839$\kernel32.dll [2006/07/05 12:58:13 | 001,050,112 | ---- | M] (Microsoft Corporation) MD5=FB85EF2A6713E3A58A497E093626B93C -- C:\WINDOWS\$hf_mig$\KB917422\SP2QFE\kernel32.dll [color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color] [2008/04/14 04:33:33 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=196CCC3FDD21665DCAA9F83FFC03B41A -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll [2008/04/14 04:33:33 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=196CCC3FDD21665DCAA9F83FFC03B41A -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll [2008/06/20 19:37:01 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=4138FBDEDBC6FEAD215BB4C4B102F7DE -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll [2008/06/20 19:47:22 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=58AF8498C62E1E1DAB5AE59C6E08C180 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll [2008/06/20 19:47:22 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=58AF8498C62E1E1DAB5AE59C6E08C180 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll [2008/06/20 18:03:53 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6F5F546A92C7B6AE45DB1D6910781EB0 -- C:\WINDOWS\system32\dllcache\mswsock.dll [2008/06/20 18:03:53 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6F5F546A92C7B6AE45DB1D6910781EB0 -- C:\WINDOWS\system32\mswsock.dll [2008/06/20 19:41:06 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=8A52DE10680A40ECD04FA2C0FBC34190 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll [2008/06/20 19:44:02 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=C759B3790D3BA760C52E218EF4886DAC -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll [2008/06/20 19:44:02 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=C759B3790D3BA760C52E218EF4886DAC -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll [2004/08/05 14:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=CCDD3433F3C3BD0D8502B38FD155B2F0 -- C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [color=#A23BEC]< MD5 for: NTFS.SYS >[/color] [2007/02/09 13:23:36 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=05AB81909514BFD69CBB1F2C147CF6B9 -- C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys [2007/02/09 13:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys [2008/04/13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys [2008/04/13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys [2004/08/05 14:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\ntfs.sys [2004/08/05 14:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtUninstallKB930916$\ntfs.sys [2004/08/05 14:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\I386\NTFS.SYS [color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color] [2008/04/14 04:33:36 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=037D92B3A7853A183FCAB77FB1D13D6C -- C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll [2008/04/14 04:33:36 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=037D92B3A7853A183FCAB77FB1D13D6C -- C:\WINDOWS\system32\ntmssvc.dll [2004/08/05 14:00:00 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=3F82A4226289510DF300813B9B87F0E5 -- C:\WINDOWS\$NtServicePackUninstall$\ntmssvc.dll [color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color] [2008/04/14 04:34:18 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=745D327179FB3D2AC9B80B91F23DA753 -- C:\WINDOWS\ServicePackFiles\i386\proquota.exe [2008/04/14 04:34:18 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=745D327179FB3D2AC9B80B91F23DA753 -- C:\WINDOWS\system32\proquota.exe [2004/08/05 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=B016A243838BF7DA762807D88470D046 -- C:\WINDOWS\$NtServicePackUninstall$\proquota.exe [color=#A23BEC]< MD5 for: QMGR.DLL >[/color] [2004/08/05 14:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=87424817F82CF6A7F55DAC01A20111A3 -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll [2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll [2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\system32\bits\qmgr.dll [2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\system32\qmgr.dll [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll [2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [color=#A23BEC]< MD5 for: SFCFILES.DLL >[/color] [2004/08/05 14:00:00 | 001,548,288 | ---- | M] (Microsoft Corporation) MD5=ACF04FB3448D2C2CD3A851C138EC8AB6 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll [2008/04/14 04:33:41 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=E17C85D5B5CF477638433B851A98499E -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll [2008/04/14 04:33:41 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=E17C85D5B5CF477638433B851A98499E -- C:\WINDOWS\system32\sfcfiles.dll [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2010/08/17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [2008/04/14 04:34:23 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe [2008/04/14 04:34:23 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe [2010/08/17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe [2010/08/17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe [2005/06/11 02:17:14 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=AD3D9D191AEA7B5445FE1D82FFBB4788 -- C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [2004/08/05 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=B4EF928E4FAD79364A80ACBA6D999934 -- C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe [2005/06/11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DA81EC57ACD4CDC3D4C51CF3D409AF9F -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2004/08/05 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=1BD6C2F707A275CB7C16FD99FE0F31CA -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe [2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe [2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe [color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color] [2008/04/14 04:33:46 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=710BC85A8C22626EE094439E3EA0D38C -- C:\WINDOWS\ServicePackFiles\i386\termsrv.dll [2008/04/14 04:33:46 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=710BC85A8C22626EE094439E3EA0D38C -- C:\WINDOWS\system32\termsrv.dll [2004/08/05 14:00:00 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=7D521B8CF926459E270D18C559323815 -- C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2004/08/05 14:00:00 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=313B1A0D5DB26DFE1C34A6C13B2CE0A7 -- C:\WINDOWS\$NtServicePackUninstall$\volsnap.sys [2008/04/14 03:56:04 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=46DE1126684369BACE4849E4FC8C43CA -- C:\WINDOWS\ServicePackFiles\i386\volsnap.sys [2008/04/14 03:56:04 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=46DE1126684369BACE4849E4FC8C43CA -- C:\WINDOWS\system32\drivers\volsnap.sys [color=#A23BEC]< MD5 for: WININET.DLL >[/color] [2007/10/11 07:59:29 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=0465CDE31ADD22F6233FFB4FE4AF01CF -- C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\wininet.dll [2008/10/16 03:01:38 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=05033943FF61ABD13B93C00337D04E92 -- C:\WINDOWS\$hf_mig$\KB958215\SP3GDR\wininet.dll [2009/10/29 07:46:29 | 000,666,112 | ---- | M] (Microsoft Corporation) MD5=07FD90B96C6A1E1FAE1E0658A25C039E -- C:\WINDOWS\$NtUninstallKB978207$\wininet.dll [2009/04/29 06:34:40 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=0A4B365061992BC4EF268229BE616F57 -- C:\WINDOWS\$hf_mig$\KB969897\SP3GDR\wininet.dll [2007/01/04 16:02:18 | 000,669,184 | ---- | M] (Microsoft Corporation) MD5=114342601AC7EA73B0D2A0ED8505B8B9 -- C:\WINDOWS\$hf_mig$\KB928090\SP2QFE\wininet.dll [2007/02/19 17:04:13 | 000,663,040 | ---- | M] (Microsoft Corporation) MD5=129A4681B22150D08E35E144494240A2 -- C:\WINDOWS\$NtUninstallKB933566$\wininet.dll [2007/08/22 15:13:08 | 000,663,040 | ---- | M] (Microsoft Corporation) MD5=18048557AA56DE4B1955FDF7A21F9B24 -- C:\WINDOWS\$NtUninstallKB942615$\wininet.dll [2007/06/26 16:36:02 | 000,669,696 | ---- | M] (Microsoft Corporation) MD5=19058FBDC72F7BAE085369C6D0A7D074 -- C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\wininet.dll [2012/05/16 17:06:36 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=1A5B88015B3823D31C5842DE0DBFE842 -- C:\WINDOWS\ie8updates\KB2722913-IE8\wininet.dll [2009/06/26 18:50:31 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=1B086DE4AFB06F40C5949992314738D4 -- C:\WINDOWS\$hf_mig$\KB972260\SP3GDR\wininet.dll [2010/04/16 18:07:58 | 000,671,232 | ---- | M] (Microsoft Corporation) MD5=1B7EBDD150980FFA0597E94D4D6810A5 -- C:\WINDOWS\$hf_mig$\KB982381\SP3GDR\wininet.dll [2007/02/19 17:23:02 | 000,669,696 | ---- | M] (Microsoft Corporation) MD5=1BDE6D5DBA35797ECA8DB8FCB80FC015 -- C:\WINDOWS\$hf_mig$\KB931768\SP2QFE\wininet.dll [2008/10/16 03:04:15 | 000,671,232 | ---- | M] (Microsoft Corporation) MD5=1C6E9FDAB1F4CB983A39EFBA6F131ACC -- C:\WINDOWS\$hf_mig$\KB958215\SP3QFE\wininet.dll [2009/10/29 07:22:48 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=1DF357F4537A7F5D77F46D9C4F36DDF0 -- C:\WINDOWS\$hf_mig$\KB976325\SP3QFE\wininet.dll [2010/04/16 17:21:29 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=230EB19059FD2C744132C1F907EBBC37 -- C:\WINDOWS\$hf_mig$\KB982381\SP2QFE\wininet.dll [2007/01/04 15:55:24 | 000,663,040 | ---- | M] (Microsoft Corporation) MD5=25D38FFA2B441E326850AE4CB67D1A91 -- C:\WINDOWS\$NtUninstallKB931768$\wininet.dll [2009/10/29 07:20:44 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=26A2F945BB0E60D5590B61D650162E1B -- C:\WINDOWS\$hf_mig$\KB976325\SP2QFE\wininet.dll [2009/02/20 10:10:57 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=273B84C3C339341F917D7DDAD0722F51 -- C:\WINDOWS\$hf_mig$\KB963027\SP3GDR\wininet.dll [2012/07/02 19:38:43 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=29FEC860C77934244D28213C24A6E110 -- C:\WINDOWS\$hf_mig$\KB2722913-IE8\SP3QFE\wininet.dll [2009/04/29 06:29:19 | 000,672,256 | ---- | M] (Microsoft Corporation) MD5=2B73F48C9BD74FD54E07556B41684AC3 -- C:\WINDOWS\$hf_mig$\KB969897\SP3QFE\wininet.dll [2009/06/26 18:18:51 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=2E9ED609D173987B6773EC349C3A1D55 -- C:\WINDOWS\$NtUninstallKB974455$\wininet.dll [2010/12/21 01:52:01 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=2F0037D24E82840EF1D47B635B37301A -- C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll [2011/06/23 20:31:31 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=3008D2F793F23FF0DDBC5A1FB9F8374F -- C:\WINDOWS\ie8updates\KB2586448-IE8\wininet.dll [2013/04/17 00:16:49 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=3405104CE3F9B8CDCF5F5A23EC26E681 -- C:\WINDOWS\system32\dllcache\wininet.dll [2013/04/17 00:16:49 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=3405104CE3F9B8CDCF5F5A23EC26E681 -- C:\WINDOWS\system32\wininet.dll [2008/04/21 09:02:40 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=355A69CC05045428CE6B9E6BFBD4B74B -- C:\WINDOWS\$NtUninstallKB953838$\wininet.dll [2012/07/02 19:39:50 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=3702C4555CE284742F80364D7904BA73 -- C:\WINDOWS\ie8updates\KB2744842-IE8\wininet.dll [2005/07/03 04:10:54 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=39846B1AC2B99349272EE6E075C3B8AF -- C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\wininet.dll [2010/02/26 08:05:23 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=3A5B86C07128AB5EE198DAD8A341572C -- C:\WINDOWS\$hf_mig$\KB980182\SP2QFE\wininet.dll [2013/03/02 03:54:04 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=3FB34DDAAED61D8451C514A91D1699D2 -- C:\WINDOWS\$hf_mig$\KB2817183-IE8\SP3QFE\wininet.dll [2009/06/26 18:43:00 | 000,672,256 | ---- | M] (Microsoft Corporation) MD5=421625BFBCED3CCAFC30EBA47A05CECB -- C:\WINDOWS\$hf_mig$\KB972260\SP3QFE\wininet.dll [2011/04/25 18:06:11 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=42F5E14E33D79C236680468B1E4999F4 -- C:\WINDOWS\ie8updates\KB2559049-IE8\wininet.dll [2009/09/25 07:49:54 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=442959D8A81262A1EFAC539AB5551FAE -- C:\WINDOWS\$hf_mig$\KB974455\SP2QFE\wininet.dll [2010/02/26 07:39:01 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=4527C7A356AFA4465BE5C713F8CB450C -- C:\WINDOWS\$hf_mig$\KB980182\SP3QFE\wininet.dll [2013/03/02 03:55:11 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=48309E1F5ED8E72783EEFBA04898BDA1 -- C:\WINDOWS\ie8updates\KB2829530-IE8\wininet.dll [2008/04/14 04:33:48 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=4A6E04EA20F48D750D9BFED8600D516B -- C:\WINDOWS\ServicePackFiles\i386\wininet.dll [2008/10/16 12:38:29 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=4BAD064ED3FB5008AF94D427DD77FDDD -- C:\WINDOWS\$NtUninstallKB963027$\wininet.dll [2009/04/29 06:31:38 | 000,672,256 | ---- | M] (Microsoft Corporation) MD5=4C0CAC19431E83809003460D2E54F5FB -- C:\WINDOWS\$hf_mig$\KB969897\SP2QFE\wininet.dll [2008/06/23 16:56:26 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=4E00327DA458BEFFEA8F4B222F466B20 -- C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\wininet.dll [2006/06/23 13:11:45 | 000,663,040 | ---- | M] (Microsoft Corporation) MD5=4F343F414F05E81CF61B1001634FC6B7 -- C:\WINDOWS\$NtUninstallKB922760$\wininet.dll [2007/08/22 14:57:30 | 000,669,696 | ---- | M] (Microsoft Corporation) MD5=4F6A45B54D26708E2C2BF2C43D83EDEA -- C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\wininet.dll [2008/08/20 07:10:11 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=50D19E569C83A9C1AE7EFAEF6A93BC50 -- C:\WINDOWS\$hf_mig$\KB956390\SP3GDR\wininet.dll [2012/11/01 14:15:37 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=51A9018D2872998747A12DE8F1897D38 -- C:\WINDOWS\$hf_mig$\KB2761465-IE8\SP3QFE\wininet.dll [2009/09/25 07:36:34 | 000,671,232 | ---- | M] (Microsoft Corporation) MD5=52725B1CDF5C27A19BB316BE4C7CFDCE -- C:\WINDOWS\$hf_mig$\KB974455\SP3GDR\wininet.dll [2009/09/25 07:32:48 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=529081B5F266D9E18F85A2EF7725F21A -- C:\WINDOWS\$hf_mig$\KB974455\SP3QFE\wininet.dll [2012/05/16 17:05:31 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=55DEA0699C49199F80D41B8177708169 -- C:\WINDOWS\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll [2006/06/23 13:25:42 | 000,668,672 | ---- | M] (Microsoft Corporation) MD5=582953780721AC5D38F98CAB229EC7B9 -- C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\wininet.dll [2004/08/05 14:00:00 | 000,660,480 | ---- | M] (Microsoft Corporation) MD5=58FE94EF42E074F4CAD8BF02E70E6478 -- C:\WINDOWS\$NtUninstallKB896727$\wininet.dll [2010/11/06 02:25:05 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=59EED8A2D9A36A824834E0CFDB403A71 -- C:\WINDOWS\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll [2011/12/17 21:43:31 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=5C72F65D2F038E0BF481326423F9D266 -- C:\WINDOWS\ie8updates\KB2675157-IE8\wininet.dll [2006/10/23 17:18:48 | 000,663,040 | ---- | M] (Microsoft Corporation) MD5=6091FEE2B68974683D52119A98BE3564 -- C:\WINDOWS\$NtUninstallKB928090$\wininet.dll [2010/04/16 18:00:53 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=618BAA71E2639379B9947530677FF103 -- C:\WINDOWS\$hf_mig$\KB982381\SP3QFE\wininet.dll [2011/06/23 20:29:27 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=66B28BE3DD3BDBD020B4317AD7051427 -- C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll [2009/03/08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) MD5=6CE32F7778061CCC5814D5E0F282D369 -- C:\WINDOWS\ie8updates\KB982381-IE8\wininet.dll [2009/12/22 07:06:05 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=6F18BDEDD53274AD3E5F55A454CD4A92 -- C:\WINDOWS\$hf_mig$\KB978207\SP3QFE\wininet.dll [2010/04/16 17:36:40 | 000,666,112 | ---- | M] (Microsoft Corporation) MD5=723ECE72C35ED65D1758068B17B76D7C -- C:\WINDOWS\ie8\wininet.dll [2010/09/10 07:47:27 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=73F26DB9C92C7A8259B534451E3B18F9 -- C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll [2011/02/23 01:05:48 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=77C66BD5CED4E555919A5FB713322CDD -- C:\WINDOWS\ie8updates\KB2530548-IE8\wininet.dll [2012/03/01 12:58:11 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=7960ADFC62197E5262A8A72A9FE99C43 -- C:\WINDOWS\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll [2009/12/22 07:35:28 | 000,672,768 | ---- | M] (Microsoft Corporation) MD5=798862A02332BA22D7677651541C7CC2 -- C:\WINDOWS\$hf_mig$\KB978207\SP2QFE\wininet.dll [2008/04/21 08:43:36 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=7AF7D7D178F2863E7E7C880B55C88B76 -- C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\wininet.dll [2011/08/23 01:41:31 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=7DF35C3D173E799F97F208CC5F3B1C93 -- C:\WINDOWS\ie8updates\KB2618444-IE8\wininet.dll [2009/04/29 06:52:34 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=814148D0471936ECFC8B9FC5B761A447 -- C:\WINDOWS\$NtUninstallKB972260$\wininet.dll [2010/02/26 07:42:37 | 000,671,232 | ---- | M] (Microsoft Corporation) MD5=82782CBD6E1A6E87DCA435DBECEF9A73 -- C:\WINDOWS\$hf_mig$\KB980182\SP3GDR\wininet.dll [2008/04/21 08:30:24 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=82B3264706B9921C67B196319FDA51DE -- C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\wininet.dll [2010/11/06 02:21:45 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=85DCE8DAFD2AC492AFACC528161611BB -- C:\WINDOWS\ie8updates\KB2482017-IE8\wininet.dll [2007/06/26 16:12:55 | 000,663,040 | ---- | M] (Microsoft Corporation) MD5=889269134AF28B2142F47A337CA3A1CD -- C:\WINDOWS\$NtUninstallKB939653$\wininet.dll [2011/02/23 01:25:24 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=8B466303E57E69AC1F82849006BADAAD -- C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll [2008/06/23 18:15:44 | 000,671,232 | ---- | M] (Microsoft Corporation) MD5=8CA18FD7CCCABFF7E84702BC1BBF5DCB -- C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\wininet.dll [2009/02/20 09:58:50 | 000,671,744 | ---- | M] (Microsoft Corporation) MD5=8EAE861274F3E0C00C10C871371A1A8E -- C:\WINDOWS\$hf_mig$\KB963027\SP3QFE\wininet.dll [2008/06/23 17:40:08 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=95D92788889B847309C63E2EC287D1C0 -- C:\WINDOWS\$NtUninstallKB956390$\wininet.dll [2008/08/20 07:07:28 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=96D50ACA60DA22ADBD253F2825C98D1A -- C:\WINDOWS\$hf_mig$\KB956390\SP3QFE\wininet.dll [2011/08/23 01:40:21 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=96F7E8DFF026E48DD7655DBFC47E7944 -- C:\WINDOWS\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll [2010/06/24 14:28:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=9BB4D31E5EF3BA1FBA3ECBECD85B3360 -- C:\WINDOWS\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll [2012/12/26 22:05:34 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=A1C6DA4AE31AAE1B623A1432038A134D -- C:\WINDOWS\$hf_mig$\KB2792100-IE8\SP3QFE\wininet.dll [2009/12/22 07:09:03 | 000,671,232 | ---- | M] (Microsoft Corporation) MD5=A3AF5EEC47D71F7F135CC4487E7D884D -- C:\WINDOWS\$hf_mig$\KB978207\SP3GDR\wininet.dll [2007/04/18 14:44:43 | 000,669,696 | ---- | M] (Microsoft Corporation) MD5=A3BF56A786B277E881FD9137F55F0B4B -- C:\WINDOWS\$hf_mig$\KB933566\SP2QFE\wininet.dll [2010/09/10 07:50:18 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=A7E08F8C451076D4234AEB380693E45A -- C:\WINDOWS\ie8updates\KB2416400-IE8\wininet.dll [2010/06/24 14:25:24 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=A91B0454DF71BDF4906EAB2D098A30EC -- C:\WINDOWS\ie8updates\KB2360131-IE8\wininet.dll [2009/02/20 10:15:39 | 000,672,256 | ---- | M] (Microsoft Corporation) MD5=AD9AB4386AE234EA5C8EED51CD934C44 -- C:\WINDOWS\$hf_mig$\KB963027\SP2QFE\wininet.dll [2008/08/20 07:37:15 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=ADBB0BDB81EB0013942D907E9418AB8B -- C:\WINDOWS\$NtUninstallKB958215$\wininet.dll [2008/08/20 07:33:46 | 000,671,744 | ---- | M] (Microsoft Corporation) MD5=AEF39AC3BCBAFE971155D0073191B5A6 -- C:\WINDOWS\$hf_mig$\KB956390\SP2QFE\wininet.dll [2010/12/21 01:53:04 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=AF4EAA3B35A2D206E1902D7CA61B958A -- C:\WINDOWS\ie8updates\KB2497640-IE8\wininet.dll [2011/11/04 21:13:29 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=B0DF02C2326381D64149F3EEFAE5E09D -- C:\WINDOWS\ie8updates\KB2647516-IE8\wininet.dll [2006/09/14 10:40:05 | 000,663,040 | ---- | M] (Microsoft Corporation) MD5=B1E994472F3574DB141266F1AA905433 -- C:\WINDOWS\$NtUninstallKB925454$\wininet.dll [2006/09/14 10:38:07 | 000,668,672 | ---- | M] (Microsoft Corporation) MD5=B8B6F05885A6F42724E8D6BFEDE6BD3F -- C:\WINDOWS\$hf_mig$\KB922760\SP2QFE\wininet.dll [2010/05/06 12:33:44 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=B98E84E2CD3EE25D6D41936352E93112 -- C:\WINDOWS\ie8updates\KB2183461-IE8\wininet.dll [2007/12/07 02:47:21 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=C057D734B1951393FD07E2607513D4D9 -- C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\wininet.dll [2007/12/07 03:07:05 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=C5A40DE381481D288ADDEE45FC67F652 -- C:\WINDOWS\$NtUninstallKB947864$\wininet.dll [2010/05/06 12:27:42 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=C906F4EA76E7BEC9255776E626086B95 -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [2008/02/16 11:02:39 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=C9218CD3CD93586FFE9AE789282CAE63 -- C:\WINDOWS\$NtUninstallKB950759$\wininet.dll [2007/04/18 14:32:02 | 000,663,040 | ---- | M] (Microsoft Corporation) MD5=CA6F58031096FC2509C57670129469F7 -- C:\WINDOWS\$NtUninstallKB937143$\wininet.dll [2011/11/04 21:12:19 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=CC5816AA2B0EB20BA52D5622A7C1DED3 -- C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll [2013/02/05 21:55:30 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=CD6DD7CD80EEFEC4A95B8D156B074036 -- C:\WINDOWS\$hf_mig$\KB2809289-IE8\SP3QFE\wininet.dll [2009/12/22 07:41:35 | 000,666,112 | ---- | M] (Microsoft Corporation) MD5=CE3FF5997569EF50ECCBF3E4EA41398C -- C:\WINDOWS\$NtUninstallKB980182$\wininet.dll [2009/09/25 07:54:25 | 000,666,112 | ---- | M] (Microsoft Corporation) MD5=CFB3271742D2E2801021287973FEFB32 -- C:\WINDOWS\$NtUninstallKB976325$\wininet.dll [2012/08/28 17:04:59 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=D0E5BB7F1F2B2A86CE809CC8EA9CB5B5 -- C:\WINDOWS\ie8updates\KB2761465-IE8\wininet.dll [2008/06/23 17:10:27 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=D2177655BC338A07B99913F6A4BED52D -- C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\wininet.dll [2007/10/11 08:13:41 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=D2FD027E5D3AF96DEE6C5CC225079DF0 -- C:\WINDOWS\$NtUninstallKB944533$\wininet.dll [2012/03/01 13:00:23 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=D44608FCA100A5C48053588517517028 -- C:\WINDOWS\ie8updates\KB2699988-IE8\wininet.dll [2009/06/26 18:01:34 | 000,672,256 | ---- | M] (Microsoft Corporation) MD5=D7F5C0B6497908C84F9C1E9D2BB36396 -- C:\WINDOWS\$hf_mig$\KB972260\SP2QFE\wininet.dll [2009/10/29 07:25:37 | 000,671,232 | ---- | M] (Microsoft Corporation) MD5=D89926AF5796E322D229B1C2E4FC8D1D -- C:\WINDOWS\$hf_mig$\KB976325\SP3GDR\wininet.dll [2008/02/16 11:32:00 | 000,670,208 | ---- | M] (Microsoft Corporation) MD5=DCB8A9F102663D962BE60CDE38A6C1D7 -- C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\wininet.dll [2010/02/26 08:12:18 | 000,666,112 | ---- | M] (Microsoft Corporation) MD5=E72B21BEDABC235E93A076BDDA31C85B -- C:\WINDOWS\$NtUninstallKB982381$\wininet.dll [2005/07/03 04:16:42 | 000,662,528 | ---- | M] (Microsoft Corporation) MD5=E994E704303F07F331B03EE9ED6D9E2D -- C:\WINDOWS\$NtUninstallKB918899$\wininet.dll [2011/04/25 18:04:06 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=E996F26337B0DEA2650CEAD393C15B82 -- C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll [2012/11/01 14:17:51 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=E9C2CF196F769DE332181121B37518E7 -- C:\WINDOWS\ie8updates\KB2792100-IE8\wininet.dll [2012/08/28 17:03:48 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=ECB2FC839288380533043CF2E91E51E6 -- C:\WINDOWS\$hf_mig$\KB2744842-IE8\SP3QFE\wininet.dll [2006/10/23 17:34:38 | 000,668,672 | ---- | M] (Microsoft Corporation) MD5=EFA0C2870CBA1747809A13E09F35BF82 -- C:\WINDOWS\$hf_mig$\KB925454\SP2QFE\wininet.dll [2008/04/21 08:57:27 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=F2F343D7ED0223645BA773B840EB4993 -- C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\wininet.dll [2012/12/26 22:06:36 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=F60FB84A5F9DC64C62B5EDADD399C38B -- C:\WINDOWS\ie8updates\KB2809289-IE8\wininet.dll [2008/10/16 12:23:43 | 000,671,744 | ---- | M] (Microsoft Corporation) MD5=F9AE6DBB4EC5B4D1A82BF2F0CB7EE200 -- C:\WINDOWS\$hf_mig$\KB958215\SP2QFE\wininet.dll [2011/12/17 21:42:36 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=FBF4D9A8AE222337063B7DF8881F5AE5 -- C:\WINDOWS\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll [2013/02/05 21:56:42 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=FCDD66EE148885E900285ADE8417E40B -- C:\WINDOWS\ie8updates\KB2817183-IE8\wininet.dll [2009/02/20 10:31:26 | 000,663,552 | ---- | M] (Microsoft Corporation) MD5=FD1F0132A44E044C821C2B74D918D20A -- C:\WINDOWS\$NtUninstallKB969897$\wininet.dll [color=#A23BEC]< MD5 for: WININIT.INI >[/color] [2007/09/03 19:55:43 | 000,000,345 | ---- | M] () MD5=A1F69FC39D2BB92E80AC501D7820D09C -- C:\WINDOWS\wininit.ini [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe [color=#A23BEC]< MD5 for: WS2_32.DLL >[/color] [2004/08/05 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=BC41F51A39D3B255805FDB759B7814AE -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll [2008/04/14 04:33:49 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=FB836F9E62D82904C983AD21296A5D9C -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll [2008/04/14 04:33:49 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=FB836F9E62D82904C983AD21296A5D9C -- C:\WINDOWS\system32\ws2_32.dll [color=#A23BEC]< MD5 for: XMLPROV.DLL >[/color] [2004/08/05 14:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=21056AEF44322C3E2DD5391B6AEFA75A -- C:\WINDOWS\$NtServicePackUninstall$\xmlprov.dll [2008/04/14 04:33:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=F92A87FDDA0C11C8604FBC2B864FA726 -- C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll [2008/04/14 04:33:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=F92A87FDDA0C11C8604FBC2B864FA726 -- C:\WINDOWS\system32\xmlprov.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >[/color] "Debug" = "Kmode" = %SystemRoot%\system32\win32k.sys -- [2013/04/12 16:00:55 | 001,876,480 | ---- | M] (Microsoft Corporation) "Optional" = Posix [binary data] "Posix" = %SystemRoot%\system32\psxss.exe "Required" = DebugWindows [binary data] "Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS] "CsrSrvSharedSectionBase" = 2137980928 [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [2004/08/16 17:53:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2004/08/16 17:53:32 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2004/08/16 17:53:32 | 000,389,120 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav [color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color] [2004/08/16 17:40:42 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini [2004/08/16 18:18:16 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT [2006/10/27 15:57:50 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job [2012/06/19 22:42:55 | 000,001,002 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [2012/06/19 23:00:26 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [2012/06/19 23:00:27 | 000,001,062 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [2012/10/16 18:45:58 | 000,000,440 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A55E8462-3B39-49DD-829B-C119EB95E9A1}.job [2013/03/04 17:07:56 | 000,000,452 | ---- | C] () -- C:\WINDOWS\Tasks\At1.job [2013/03/04 17:07:56 | 000,000,452 | ---- | C] () -- C:\WINDOWS\Tasks\At2.job [2013/03/04 17:07:56 | 000,000,452 | ---- | C] () -- C:\WINDOWS\Tasks\At3.job [2013/03/04 17:07:56 | 000,000,452 | ---- | C] () -- C:\WINDOWS\Tasks\At4.job [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 125 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:5A135F04 < End of report >