Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015 Ran by Louise (administrator) on ORDI-LOU on 20-06-2015 10:46:19 Running from C:\Documents and Settings\Louise\Mes documents\textes\Révision\Francais\docs français à imprimer Loaded Profiles: Louise & UpdatusUser (Available Profiles: Louise & UpdatusUser) Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: Français (France) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (The Nielsen Company) C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE (The Nielsen Company) C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (The Nielsen Company) C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (OLITEC Technology, Corp.) C:\Program Files\OLITEC\Common\Olitec.exe (Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1634112 2012-05-15] () HKLM\...\Run: [SoundMan] => C:\windows\SOUNDMAN.EXE [77824 2005-04-15] (Realtek Semiconductor Corp.) HKLM\...\Run: [NielsenOnline] => C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe [91872 2015-01-16] (The Nielsen Company) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-18] (Avast Software s.r.o.) HKU\S-1-5-21-329068152-162531612-839522115-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd) HKU\S-1-5-21-329068152-162531612-839522115-1003\...\MountPoints2: {e1fb2c93-be2b-11e1-85e6-000a78980eee} - E:\Startme.exe HKU\S-1-5-21-329068152-162531612-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\System32\sspipes.scr [610304 2008-04-14] (Microsoft Corporation) IFEO\jumpflip: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe Lsa: [Authentication Packages] msv1_0 nwprovau Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk [2015-05-30] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\OLITEC Wireless Utility.lnk [2013-04-13] ShortcutTarget: OLITEC Wireless Utility.lnk -> C:\Program Files\OLITEC\Common\Olitec.exe (OLITEC Technology, Corp.) Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk [2015-06-17] ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) Startup: C:\Documents and Settings\Louise\Menu Démarrer\Programmes\Démarrage\OneNote 2010 - Capture d’écran et lancement.lnk [2012-09-12] ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-18] (Avast Software s.r.o.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-329068152-162531612-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ HKU\S-1-5-21-329068152-162531612-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: [S-1-5-21-329068152-162531612-839522115-1004] ATTENTION ==> Default URLSearchHook is missing. SearchScopes: HKU\.DEFAULT -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1483&systemid=1&v=a15946-308&apn_uid=2972441012004239&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-329068152-162531612-839522115-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = SearchScopes: HKU\S-1-5-21-329068152-162531612-839522115-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16] () BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-18] (Avast Software s.r.o.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-329068152-162531612-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2012-11-10] (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation) ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Louise\Application Data\Mozilla\Firefox\Profiles\5iphdztx.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-30] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @nielsen/FirefoxTracker -> C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll [2015-06-20] (Nielsen) FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.) FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll No File FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.) FF Plugin HKU\S-1-5-21-329068152-162531612-839522115-1003: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2014-01-16] (Sony Network Entertainment International LLC) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2001-09-10] (Adobe Systems Inc.) FF Extension: FrameFox Shop - C:\Documents and Settings\Louise\Application Data\Mozilla\Firefox\Profiles\5iphdztx.default\Extensions\8C033D1B-0514-492c-A44B-6D802CC25673@jetpack [2015-05-08] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-26] FF HKLM\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi FF Extension: Nielsen NetSight - C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi [2015-06-20] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-18] FF HKU\S-1-5-21-329068152-162531612-839522115-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR Profile: C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (Nielsen) - C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\amebgbgmoldiehbbbjcaoceilcfnniop [2015-06-20] CHR Extension: (No Name) - C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2015-03-13] CHR Extension: (No Name) - C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-05] CHR Extension: (No Name) - C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-05] CHR HKLM\...\Chrome\Extension: [amebgbgmoldiehbbbjcaoceilcfnniop] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-18] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-18] (Avast Software s.r.o.) S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) R2 NielsenUpdate; C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe [2934496 2015-01-16] (The Nielsen Company) R2 NWCWorkstation; C:\windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation) R2 NwSapAgent; C:\windows\System32\ipxsap.dll [66560 2003-04-24] (Microsoft Corporation) S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation) R3 osppsvc; C:\Program Files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AegisP; C:\windows\System32\DRIVERS\AegisP.sys [20747 2013-04-13] (Meetinghouse Data Communications) [File not signed] R3 ALCXWDM; C:\windows\System32\drivers\ALCXWDM.SYS [2317504 2005-04-19] (Realtek Semiconductor Corp.) R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24144 2015-06-18] () R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [74976 2015-06-18] (Avast Software s.r.o.) R1 aswRdr; C:\windows\system32\drivers\aswRdr.sys [55200 2015-06-18] (Avast Software s.r.o.) R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49904 2015-06-18] () R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787760 2015-06-18] (Avast Software s.r.o.) R1 aswSP; C:\windows\system32\drivers\aswSP.sys [427992 2015-06-18] (Avast Software s.r.o.) R1 aswTdi; C:\windows\system32\drivers\aswTdi.sys [57888 2015-06-18] (Avast Software s.r.o.) R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [209048 2015-06-18] () R3 gameenum; C:\windows\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation) R3 km_filter; C:\windows\System32\drivers\km_filter.sys [10240 2013-03-20] (The Nielsen Company) [File not signed] R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) R3 ms_mpu401; C:\windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation) R3 MTsensor; C:\windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 nm; C:\windows\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation) R1 nnrnstdi; C:\windows\system32\Drivers\nnrnstdi.sys [17408 2013-03-20] (The Nielsen Company) [File not signed] R2 NwlnkIpx; C:\windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation) R2 NwlnkNb; C:\windows\System32\DRIVERS\nwlnknb.sys [63232 2003-04-24] (Microsoft Corporation) R2 NwlnkSpx; C:\windows\System32\DRIVERS\nwlnkspx.sys [55936 2003-04-24] (Microsoft Corporation) R3 NWRDR; C:\windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation) R3 RT61; C:\windows\System32\DRIVERS\RT61.sys [352768 2005-08-26] (Ralink Technology Inc.) [File not signed] S3 cpuz134; \??\C:\DOCUME~1\Louise\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X] S4 IntelIde; No ImagePath S3 NielGfx; system32\drivers\nielgfx.sys [X] S0 nielprt; system32\DRIVERS\nielprt.sys [X] U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-20 10:45 - 2015-06-20 10:46 - 00000000 ____D C:\FRST 2015-06-20 08:25 - 2015-06-20 08:25 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office 2015-06-20 08:24 - 2015-06-20 08:24 - 00000000 ____D C:\Program Files\Microsoft.NET 2015-06-18 20:02 - 2015-06-20 10:25 - 00008899 _____ C:\windows\setupapi.log 2015-06-18 20:00 - 2015-06-18 20:00 - 00000000 ____D C:\Documents and Settings\Louise\Application Data\AVAST Software 2015-06-18 19:00 - 2015-06-18 19:00 - 00000000 ____D C:\windows\jumpshot.com 2015-06-18 18:45 - 2015-06-18 18:45 - 00001689 _____ C:\Documents and Settings\All Users\Bureau\Avast Free Antivirus.lnk 2015-06-18 18:45 - 2015-06-18 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVAST Software 2015-06-18 18:44 - 2015-06-20 10:30 - 00000364 ____H C:\windows\Tasks\avast! Emergency Update.job 2015-06-18 18:44 - 2015-06-18 18:44 - 00787760 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys 2015-06-18 18:44 - 2015-06-18 18:44 - 00427992 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys 2015-06-18 18:44 - 2015-06-18 18:44 - 00291312 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe 2015-06-18 18:44 - 2015-06-18 18:44 - 00209048 _____ C:\windows\system32\Drivers\aswVmm.sys 2015-06-18 18:44 - 2015-06-18 18:44 - 00074976 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys 2015-06-18 18:44 - 2015-06-18 18:44 - 00057888 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswTdi.sys 2015-06-18 18:44 - 2015-06-18 18:44 - 00055200 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr.sys 2015-06-18 18:44 - 2015-06-18 18:44 - 00049904 _____ C:\windows\system32\Drivers\aswRvrt.sys 2015-06-18 18:44 - 2015-06-18 18:44 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr 2015-06-18 18:44 - 2015-06-18 18:44 - 00024144 _____ C:\windows\system32\Drivers\aswHwid.sys 2015-06-18 18:37 - 2015-06-18 18:37 - 00000000 ____D C:\Program Files\AVAST Software 2015-06-18 18:31 - 2015-06-18 18:32 - 00000682 _____ C:\Documents and Settings\All Users\Bureau\CCleaner.lnk 2015-06-18 18:31 - 2015-06-18 18:32 - 00000000 ____D C:\Program Files\CCleaner 2015-06-18 18:31 - 2015-06-18 18:31 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner 2015-06-18 18:30 - 2015-06-18 18:30 - 00271784 _____ C:\windows\system32\FNTCACHE.DAT 2015-06-18 18:10 - 2015-06-18 18:10 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-18 18:08 - 2015-06-18 18:08 - 00000777 _____ C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk 2015-06-18 18:08 - 2015-06-18 18:08 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-06-18 18:08 - 2015-06-18 18:08 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware 2015-06-18 18:08 - 2015-04-14 09:37 - 00120024 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-06-18 18:08 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-06-18 13:29 - 2015-06-18 14:29 - 00035064 _____ C:\windows\system32\Drivers\TrueSight.sys 2015-06-18 13:29 - 2015-06-18 13:34 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RogueKiller 2015-06-18 13:24 - 2015-06-18 14:29 - 00001852 _____ C:\PureRa.txt 2015-06-18 13:22 - 2015-06-18 18:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software 2015-06-18 13:22 - 2015-06-18 13:22 - 00070376 _____ C:\Documents and Settings\Louise\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2015-06-18 13:12 - 2015-06-18 13:22 - 05481336 _____ (Avast Software s.r.o.) C:\Documents and Settings\All Users\Bureau\avast_free_antivirus_setup_online_01net.exe 2015-06-18 12:29 - 2015-06-18 12:39 - 00000184 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini 2015-06-18 12:28 - 2015-06-20 09:14 - 00000184 ___SH C:\Documents and Settings\Louise\ntuser.ini 2015-06-18 12:28 - 2015-06-18 12:28 - 00000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini 2015-06-18 12:28 - 2015-06-18 12:28 - 00000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini 2015-06-18 10:42 - 2015-06-18 10:42 - 03932214 _____ C:\Documents and Settings\Louise\Application Data\54635F7E54635F7E.bmp 2015-06-18 09:33 - 2015-06-18 18:28 - 00000000 __SHD C:\Documents and Settings\All Users\Application Data\Windows 2015-06-18 08:46 - 2015-06-18 09:55 - 00000528 _____ C:\Documents and Settings\Louise\Local Settings\Application Data\0Bz-YSyewrAzp7lIwpw0GAit4NY6yCxbYDDlngBK0UI=.ED434653F3A976D0CDA0.xtbl 2015-06-17 21:20 - 2015-06-17 21:20 - 00000000 __HDC C:\windows\$NtUninstallKB963093$ 2015-06-17 12:59 - 2015-06-17 13:13 - 00065536 _____ C:\windows\system32\config\WindowsPowerShell.evt 2015-06-17 12:59 - 2015-06-17 13:13 - 00065536 _____ C:\windows\system32\config\EventForwarding-Operational.Evt 2015-06-17 12:55 - 2015-06-17 12:55 - 00001919 _____ C:\windows\epplauncher.mif 2015-06-17 12:55 - 2015-06-17 12:55 - 00000000 __HDC C:\windows\$NtUninstallKB2808679$ 2015-06-17 12:55 - 2015-06-17 12:55 - 00000000 ____D C:\Documents and Settings\Louise\Local Settings\Application Data\PCHealth 2015-06-17 12:55 - 2015-06-17 12:55 - 00000000 ____D C:\Documents and Settings\Louise\Application Data\Windows Search 2015-06-17 12:51 - 2015-06-17 12:58 - 00065536 _____ C:\windows\system32\config\Windows .evt 2015-06-17 12:51 - 2015-06-17 12:58 - 00065536 _____ C:\windows\system32\config\Microsof.evt 2015-06-17 12:51 - 2015-06-17 12:51 - 00000000 __HDC C:\windows\$NtUninstallKB2492386$ 2015-06-17 12:50 - 2015-06-17 12:51 - 00000000 __HDC C:\windows\$968930Uinstall_KB968930$ 2015-06-17 12:50 - 2015-06-17 12:50 - 00001853 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk 2015-06-17 12:50 - 2015-06-17 12:50 - 00000000 __HDC C:\windows\$NtUninstallbasecsp$ 2015-06-17 12:50 - 2015-06-17 12:50 - 00000000 ____D C:\windows\system32\winrm 2015-06-17 12:50 - 2015-06-17 12:50 - 00000000 ____D C:\windows\system32\WindowsPowerShell 2015-06-17 12:50 - 2015-06-17 12:50 - 00000000 ____D C:\windows\$NtUninstallKB968930$ 2015-06-17 12:50 - 2015-06-17 12:50 - 00000000 ____D C:\Documents and Settings\Louise\Application Data\Windows Desktop Search 2015-06-17 12:49 - 2015-06-17 21:20 - 00000000 ____D C:\Program Files\Windows Desktop Search 2015-06-17 12:49 - 2015-06-17 12:49 - 00000000 __HDC C:\windows\$NtUninstallKB940157$ 2015-06-17 12:49 - 2015-06-17 12:49 - 00000000 __HDC C:\windows\$NtUninstallKB915800-v4$ 2015-06-17 12:49 - 2015-06-17 12:49 - 00000000 ____D C:\windows\system32\GroupPolicy 2015-06-17 12:49 - 2008-03-07 19:02 - 00192000 ____C (Microsoft Corporation) C:\windows\system32\dllcache\offfilt.dll 2015-06-17 12:49 - 2008-03-07 19:02 - 00098304 ____C (Microsoft Corporation) C:\windows\system32\dllcache\nlhtml.dll 2015-06-17 12:49 - 2008-03-07 19:02 - 00029696 ____C (Microsoft Corporation) C:\windows\system32\dllcache\mimefilt.dll 2015-06-17 12:48 - 2015-06-17 12:48 - 00000000 ____D C:\windows\system32\URTTEMP 2015-06-17 12:42 - 2011-08-16 12:45 - 00006144 ____C (Microsoft Corporation) C:\windows\system32\dllcache\iecompat.dll 2015-06-17 12:42 - 2011-03-11 16:10 - 00225262 ____C C:\windows\system32\dllcache\msimain.sdb 2015-06-14 11:19 - 2015-06-14 11:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes 2015-06-04 09:32 - 2015-06-04 09:32 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\McAfee 2015-06-04 09:31 - 2015-06-04 09:31 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-06-04 09:31 - 2015-06-04 09:31 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\McAfee Security Scan Plus 2015-05-30 08:40 - 2015-06-04 09:31 - 00001773 _____ C:\Documents and Settings\All Users\Bureau\McAfee Security Scan Plus.lnk 2015-05-30 08:40 - 2015-06-04 09:31 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\McAfee Security Scan 2015-05-30 08:40 - 2015-05-30 08:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\McAfee ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-20 10:47 - 2012-06-24 17:11 - 00000000 ____D C:\Documents and Settings\Louise\Local Settings\Temp 2015-06-20 10:46 - 2014-12-28 19:46 - 00000412 _____ C:\windows\Tasks\At1.job 2015-06-20 10:36 - 2012-10-26 19:00 - 00001002 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-06-20 10:34 - 2003-04-24 16:00 - 00013646 _____ C:\windows\system32\wpa.dbl 2015-06-20 10:26 - 2012-06-24 18:25 - 01746129 _____ C:\windows\WindowsUpdate.log 2015-06-20 10:24 - 2014-03-09 18:53 - 00000224 _____ C:\windows\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job 2015-06-20 10:24 - 2012-10-13 19:47 - 00001052 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-20 10:24 - 2012-06-24 17:59 - 00000159 _____ C:\windows\wiadebug.log 2015-06-20 10:24 - 2012-06-24 17:59 - 00000050 _____ C:\windows\wiaservc.log 2015-06-20 10:24 - 2012-06-24 17:05 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-06-20 09:14 - 2012-09-12 16:15 - 00131072 _____ C:\windows\system32\config\OAlerts.evt 2015-06-20 09:14 - 2012-06-24 17:11 - 00000000 ____D C:\Documents and Settings\Louise 2015-06-20 09:14 - 2012-06-24 17:08 - 00032610 _____ C:\windows\SchedLgU.Txt 2015-06-20 08:53 - 2012-09-15 23:45 - 00000000 ___RD C:\Documents and Settings\Louise\Mes documents\textes 2015-06-20 08:49 - 2012-10-13 19:47 - 00001056 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-20 08:39 - 2012-10-26 19:46 - 00000000 ____D C:\Documents and Settings\Louise\Mes documents\Mes vidéos 2015-06-20 08:39 - 2012-06-24 17:11 - 00000000 ___RD C:\Documents and Settings\Louise\Mes documents\Mes images 2015-06-20 08:39 - 2012-06-24 17:11 - 00000000 ___RD C:\Documents and Settings\Louise\Mes documents\Ma musique 2015-06-20 08:26 - 2012-09-12 16:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help 2015-06-20 08:25 - 2012-06-24 17:58 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes 2015-06-20 08:24 - 2012-06-24 17:58 - 00000000 ____D C:\Program Files\Fichiers communs\Microsoft Shared 2015-06-18 21:22 - 2012-10-13 19:48 - 00000000 ____D C:\Documents and Settings\Louise\Local Settings\Application Data\Temp 2015-06-18 18:45 - 2012-06-24 17:58 - 00000000 ____D C:\Documents and Settings\All Users\Bureau 2015-06-18 18:34 - 2015-02-28 15:29 - 00000000 ____D C:\windows\Minidump 2015-06-18 18:30 - 2012-07-02 09:35 - 00000000 __HDC C:\windows\$NtUninstallKB972270$ 2015-06-18 12:49 - 2012-06-24 17:11 - 00000000 ____D C:\Documents and Settings\Louise\Bureau 2015-06-18 12:47 - 2013-01-22 19:29 - 00000000 ___RD C:\Documents and Settings\Louise\Bureau\Jeux 2015-06-18 12:47 - 2012-09-12 16:15 - 00000000 ___RD C:\Documents and Settings\Louise\Bureau\Microsoft Office 2015-06-18 12:47 - 2012-06-24 17:31 - 00000000 __SHD C:\Documents and Settings\Louise\UserData 2015-06-18 12:39 - 2015-05-13 16:49 - 00000000 ____D C:\AdwCleaner 2015-06-18 12:34 - 2012-08-02 11:13 - 00000000 __SHD C:\Documents and Settings\Louise\PrivacIE 2015-06-18 12:28 - 2012-06-24 17:08 - 00000000 __SHD C:\Documents and Settings\NetworkService 2015-06-18 12:28 - 2012-06-24 17:08 - 00000000 __SHD C:\Documents and Settings\LocalService 2015-06-18 09:55 - 2015-05-13 15:14 - 00000560 ____H C:\Documents and Settings\Louise\Bureau\ti7XA4fiW+YHRVxl8rErpb4tC2EjssNxGCd+QxyfJRE=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2015-05-10 10:36 - 00004992 _____ C:\Documents and Settings\Louise\Local Settings\Application Data\z-ec4vYW8mZKiIWqFfrB3OerZ9oxD6JA14mrFcw3PiJJF8VQ1Gjnfc2US5cY3FjyXICvslgI8ZS3x2eMcYYFuPQ7bMLtWNlG8ewUgfuDXvk=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2015-04-19 19:41 - 00000560 ____H C:\Documents and Settings\Louise\Bureau\1-VuJ73tynV2Rw5UrTaLG3+x4qw9gHahoSDLPLBYqds=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2013-01-24 20:48 - 00006016 ___SH C:\Documents and Settings\Louise\Bureau\R3mG8rVmB4i8T5vYyx+U-QuLCCY0XgtF6JtcE2BuCKc=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-09-16 20:56 - 00000000 __SHD C:\Documents and Settings\Default User\IETldCache 2015-06-18 09:55 - 2012-09-08 14:57 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache 2015-06-18 09:55 - 2012-07-06 18:43 - 00000000 __SHD C:\Documents and Settings\Louise\IETldCache 2015-06-18 09:55 - 2012-07-02 10:24 - 00001408 ____H C:\Documents and Settings\Default User\DK7M9D9BegFgo40kkQwx2WKrVm8qq3u0NTT2oPh0cjY=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-06-24 18:57 - 00000608 ___SH C:\0Gm-oyg0n424VMEUt7kVxg==.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-06-24 18:26 - 00070768 _____ C:\Documents and Settings\Louise\Local Settings\Application Data\Pkfl2bmHta+uB7kwbUg99RueRPqb85x850-p5Cbd8qBh6MxAQGx5vH18R3FCm0DU.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-06-24 17:58 - 00000000 ___HD C:\Documents and Settings\Default User\Modèles 2015-06-18 09:55 - 2012-06-24 17:50 - 06923376 ____H C:\Documents and Settings\Louise\Local Settings\Application Data\KQTWxOdZtFsy7ZkfLPoi7ogcLxrgYEH4hwKV066yrBY=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-06-24 17:11 - 04981120 ____H C:\Documents and Settings\Louise\4AkyAvWeEZCVou1zfq1ebWxunGy9ketMgqZDzYXrVW4=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-06-24 17:11 - 00000576 ___SH C:\Documents and Settings\Louise\vf3WIiXuktzhx2vggg6l1ZlQN5b3Se24qkdEdAHrlWU=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-06-24 17:11 - 00000000 ___RD C:\Documents and Settings\Louise\Favoris 2015-06-18 09:55 - 2012-06-24 17:08 - 00229760 ____H C:\Documents and Settings\LocalService\aMXM9D76K0zVWjn+wSnaGZpkcMfkzlEGM69pl3+Atvg=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-06-24 17:08 - 00000416 ___SH C:\Documents and Settings\LocalService\ApuxSOnUAKgvF2hf-Px0RalzPN-E+4Ohet8drlXtJk4=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-06-24 17:06 - 00262528 ____H C:\Documents and Settings\Default User\Yu8Z2ciYVFw51Bi79u6k7qJq5NY21w0iBL5nNf0+Dgw=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:55 - 2012-06-24 17:05 - 00000000 __SHD C:\Documents and Settings\All Users\DRM 2015-06-18 09:55 - 2003-04-24 16:00 - 00005344 ___SH C:\l3yXMj0T3o-WLJUEbeNPKsBLbxbUb1RQg1w1uZ43PYQ=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:51 - 2014-04-20 22:22 - 00000560 ____H C:\Documents and Settings\Louise\Mes documents\0ezViB0e5kWHg7GD2TSjq3F1BuOQ8EKO6ENh1zVir1U=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:51 - 2013-01-25 19:49 - 00009600 ___SH C:\Documents and Settings\Louise\Mes documents\1H70v2frTEka5+wz5RV3GBgw1kC0NinwIB1yGkL38fU=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:50 - 2015-05-10 10:36 - 00000000 ____D C:\Documents and Settings\Louise\Mes documents\Gaétan 2015-06-18 09:34 - 2015-01-03 17:19 - 00000000 ___RD C:\Documents and Settings\NetworkService\Favoris 2015-06-18 09:34 - 2012-10-05 20:23 - 00000000 __SHD C:\Documents and Settings\NetworkService\IETldCache 2015-06-18 09:34 - 2012-06-24 17:08 - 00524672 ____H C:\Documents and Settings\NetworkService\Us2nvpR26tUP89sGCVu6S-m75l+gzODruvyiXI5Jzsk=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:34 - 2012-06-24 17:08 - 00000416 ___SH C:\Documents and Settings\NetworkService\-YaRuU8tvPS5HrwZ9tjA6zW-voTxPi-x-wwCJV6J5v4=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:33 - 2015-04-09 20:57 - 00000000 __SHD C:\Documents and Settings\NetworkService\PrivacIE 2015-06-18 09:33 - 2012-06-24 18:32 - 00229760 ____H C:\Documents and Settings\UpdatusUser\8RFcd9ZaY7ZYvti7QquaQttQ4uLOxLhTIg1gUoVTjCs=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:33 - 2012-06-24 18:32 - 00000576 ___SH C:\Documents and Settings\UpdatusUser\BIJIRvJc+JNrwdcYI34Cyg7j0m-p8lCi4EbmNiCGTRI=.ED434653F3A976D0CDA0.xtbl 2015-06-18 09:33 - 2012-06-24 18:32 - 00000000 ___HD C:\Documents and Settings\UpdatusUser\Modèles 2015-06-17 21:19 - 2012-06-24 17:58 - 01138566 _____ C:\windows\system32\PerfStringBackup.INI 2015-06-17 21:19 - 2012-06-24 17:03 - 00000000 ____D C:\windows\Registration 2015-06-17 12:51 - 2012-10-26 19:19 - 00000000 ____D C:\windows\Microsoft.NET 2015-06-17 12:51 - 2012-09-12 16:09 - 00000000 ____D C:\windows\ie8updates 2015-06-17 12:51 - 2012-06-24 18:54 - 00000000 ____D C:\windows\Help 2015-06-17 12:51 - 2012-06-24 18:36 - 00000000 ___HD C:\windows\$hf_mig$ 2015-06-17 12:51 - 2012-06-24 17:02 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires 2015-06-17 12:50 - 2012-07-02 09:30 - 00000000 ____D C:\windows\system32\fr-fr 2015-06-17 12:50 - 2012-06-24 18:54 - 00000000 ____D C:\windows\security 2015-06-17 12:50 - 2012-06-24 17:58 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage 2015-06-17 12:49 - 2012-06-24 17:03 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration 2015-06-17 12:35 - 2013-05-15 18:18 - 01148374 _____ C:\windows\setupapi.log.2.old 2015-06-17 09:49 - 2012-06-24 18:31 - 01075544 _____ C:\windows\system32\nvdrsdb0.bin 2015-06-17 09:49 - 2012-06-24 18:31 - 00000001 _____ C:\windows\system32\nvdrssel.bin 2015-06-17 09:48 - 2012-06-24 18:31 - 01075544 _____ C:\windows\system32\nvdrsdb1.bin 2015-06-14 12:07 - 2013-06-12 21:25 - 00000000 __HDC C:\windows\$NtUninstallKB2839229$ 2015-06-14 12:04 - 2014-10-28 18:43 - 00000000 ____D C:\Program Files\Music App 2015-06-10 19:36 - 2012-10-26 19:00 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2015-06-10 19:36 - 2012-10-26 19:00 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2015-06-10 18:31 - 2003-04-24 16:00 - 00000703 _____ C:\windows\WIN.INI 2015-06-10 18:30 - 2013-07-26 14:30 - 00000000 ____D C:\windows\system32\MRT 2015-06-10 18:23 - 2012-06-24 18:50 - 136900096 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-06-09 22:50 - 2015-02-19 14:57 - 00001811 _____ C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk 2015-06-09 17:01 - 2014-03-09 18:53 - 00000218 _____ C:\windows\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job 2015-05-31 13:11 - 2012-06-24 17:11 - 00000000 ___HD C:\Documents and Settings\Louise\Voisinage réseau 2015-05-30 08:45 - 2012-10-13 19:48 - 00000000 ____D C:\Documents and Settings\Louise\Local Settings\Application Data\Adobe ==================== Files in the root of some directories ======= 2014-08-19 13:40 - 2014-08-19 14:11 - 6010880 _____ () C:\Program Files\GUT10F0.tmp 2014-08-19 13:58 - 2014-08-19 14:11 - 6010880 _____ () C:\Program Files\GUT114A.tmp 2015-06-18 10:42 - 2015-06-18 10:42 - 3932214 _____ () C:\Documents and Settings\Louise\Application Data\54635F7E54635F7E.bmp 2015-01-03 16:26 - 2015-05-12 19:52 - 0000091 _____ () C:\Documents and Settings\Louise\Application Data\WB.CFG 2015-06-18 08:46 - 2015-06-18 09:55 - 0000528 _____ () C:\Documents and Settings\Louise\Local Settings\Application Data\0Bz-YSyewrAzp7lIwpw0GAit4NY6yCxbYDDlngBK0UI=.ED434653F3A976D0CDA0.xtbl 2012-06-24 17:50 - 2015-06-18 09:55 - 6923376 ____H () C:\Documents and Settings\Louise\Local Settings\Application Data\KQTWxOdZtFsy7ZkfLPoi7ogcLxrgYEH4hwKV066yrBY=.ED434653F3A976D0CDA0.xtbl 2012-06-24 18:26 - 2015-06-18 09:55 - 0070768 _____ () C:\Documents and Settings\Louise\Local Settings\Application Data\Pkfl2bmHta+uB7kwbUg99RueRPqb85x850-p5Cbd8qBh6MxAQGx5vH18R3FCm0DU.ED434653F3A976D0CDA0.xtbl 2015-05-10 10:36 - 2015-06-18 09:55 - 0004992 _____ () C:\Documents and Settings\Louise\Local Settings\Application Data\z-ec4vYW8mZKiIWqFfrB3OerZ9oxD6JA14mrFcw3PiJJF8VQ1Gjnfc2US5cY3FjyXICvslgI8ZS3x2eMcYYFuPQ7bMLtWNlG8ewUgfuDXvk=.ED434653F3A976D0CDA0.xtbl Files to move or delete: ==================== C:\Windows\Tasks\At1.job Some files in TEMP: ==================== C:\Documents and Settings\Louise\Local Settings\Temp\dllnt_dump.dll C:\Documents and Settings\Louise\Local Settings\Temp\ose00000.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\windows\explorer.exe => File is digitally signed C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of log ============================