OTL logfile created on: 4/7/2013 12:32:12 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System Internet Explorer (Version = 9.10.9200.16521) Locale: 00000409 | Country: États-Unis | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files Drive C: | 750.00 Mb Total Space | 546.88 Mb Free Space | 72.92% Space Free | Partition Type: NTFS Drive D: | 2.00 Gb Total Space | 0.24 Gb Free Space | 11.80% Space Free | Partition Type: FAT32 Drive E: | 415.13 Gb Total Space | 90.40 Gb Free Space | 21.78% Space Free | Partition Type: NTFS Drive F: | 3.77 Gb Total Space | 3.59 Gb Free Space | 95.44% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2013/04/06 17:42:55 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- E:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/04/06 13:22:08 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/03/29 15:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand] -- E:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013/02/28 13:09:08 | 000,161,384 | ---- | M] (Skype Technologies) [Auto] -- E:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto] -- E:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/11/22 04:50:02 | 000,166,424 | ---- | M] (Microsoft Corp.) [Auto] -- E:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate) SRV - [2012/09/20 08:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2011/11/28 14:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- E:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2011/01/02 12:58:19 | 000,025,832 | ---- | M] (BioWare) [On_Demand] -- E:\Program Files\Steam\SteamApps\common\dragon age origins\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2010/10/20 03:56:50 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010/05/26 07:54:32 | 000,245,842 | ---- | M] (IDT, Inc.) [Auto] -- E:\Program Files\IDT\WDM\stacsv.exe -- (STacSV) SRV - [2010/05/26 07:53:26 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto] -- E:\Program Files\IDT\WDM\AEstSrv.exe -- (AESTFilters) SRV - [2010/05/05 21:59:38 | 000,583,360 | ---- | M] (Cisco Systems, Inc.) [Auto] -- E:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent) SRV - [2010/05/04 15:06:34 | 000,327,680 | ---- | M] (DeviceVM, Inc.) [Auto] -- D:\Program Files\Dell\Reader 2.1\DVMExportService.exe -- (DvmMDES) SRV - [2010/03/29 13:45:48 | 001,164,648 | ---- | M] (Wave Systems Corp.) [Auto] -- E:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService) SRV - [2010/03/24 01:09:28 | 000,812,448 | ---- | M] (Broadcom Corporation) [Auto] -- E:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service) SRV - [2010/03/24 01:09:28 | 000,027,040 | ---- | M] (Broadcom Corporation) [Auto] -- E:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage) SRV - [2010/03/03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- E:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010/02/08 17:19:28 | 000,386,928 | ---- | M] (Dell Inc.) [Auto] -- E:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc) SRV - [2010/02/03 18:24:20 | 001,032,192 | ---- | M] (Wave Systems Corp.) [On_Demand] -- E:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService) SRV - [2010/02/02 09:20:46 | 000,040,960 | ---- | M] (Dell Inc.) [Auto] -- E:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc) SRV - [2010/01/10 13:01:26 | 000,060,928 | ---- | M] () [Auto] -- E:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe -- (InstallFilterService) SRV - [2010/01/08 16:55:16 | 000,628,000 | ---- | M] (Broadcom Corporation.) [Auto] -- E:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009/12/08 01:14:28 | 005,241,448 | ---- | M] () [Auto] -- E:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service) SRV - [2009/11/20 18:42:48 | 000,278,304 | ---- | M] (Dell Inc.) [Auto] -- E:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32) SRV - [2009/10/14 10:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto] -- E:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/11/12 14:25:48 | 001,273,856 | ---- | M] () [Auto] -- E:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe) SRV - [2008/03/18 06:28:46 | 000,068,096 | ---- | M] () [On_Demand] -- E:\cygwin\bin\cygrunsrv.exe -- (BrlAPI) SRV - [2006/12/14 11:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand] -- E:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | System] -- -- (pfdjcotz) DRV - File not found [Kernel | Auto] -- -- (iPodDrv) DRV - File not found [Kernel | System] -- -- (gyutpghh) DRV - [2013/02/27 16:32:08 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot] -- E:\Windows\System32\drivers\gfibto.sys -- (gfibto) DRV - [2013/02/18 03:22:18 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2012/09/19 05:02:06 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV - [2012/09/19 05:02:06 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV - [2012/08/23 10:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2012/08/23 10:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2012/08/01 14:13:42 | 000,035,560 | ---- | M] (AnchorFree Inc.) [Kernel | System] -- E:\Windows\System32\drivers\hssdrv6.sys -- (HssDRV6) DRV - [2012/08/01 14:13:40 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand] -- E:\Windows\System32\drivers\taphss.sys -- (taphss) DRV - [2011/11/28 13:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System] -- E:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/11/28 13:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System] -- E:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/11/28 13:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System] -- E:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/11/28 13:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System] -- E:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/11/28 13:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto] -- E:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/11/28 13:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto] -- E:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/09/28 12:03:06 | 000,061,312 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand] -- E:\Windows\System32\drivers\silabser.sys -- (silabser) DRV - [2011/06/21 02:50:42 | 000,195,968 | ---- | M] (Jungo) [Kernel | On_Demand] -- E:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6) DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- E:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- E:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010/11/19 03:12:49 | 000,017,408 | ---- | M] (Xilinx, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\xusb_emb.sys -- (XilinxFirmwareEmbeddedLpLoader) DRV - [2010/06/21 06:59:30 | 000,255,096 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2010/06/10 15:11:38 | 000,047,176 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand] -- E:\Windows\System32\drivers\silabenm.sys -- (silabenm) DRV - [2010/05/26 07:54:38 | 000,424,448 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2010/05/05 21:46:36 | 000,019,680 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\vpnva.sys -- (vpnva) DRV - [2010/05/04 15:06:34 | 000,018,320 | ---- | M] (DeviceVM, Inc.) [Kernel | System] -- D:\Program Files\Dell\Reader 2.1\dvmio.sys -- (DVMIO) DRV - [2010/04/16 23:41:02 | 009,935,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010/04/06 04:36:20 | 000,224,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress) Intel(R) DRV - [2010/03/21 15:25:04 | 000,059,904 | ---- | M] (REDC) [Kernel | Auto] -- E:\Windows\System32\drivers\risdpe86.sys -- (risdpcie) DRV - [2010/03/21 15:25:04 | 000,048,640 | ---- | M] (REDC) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\rimspe86.sys -- (rimspci) DRV - [2010/03/21 15:25:04 | 000,038,912 | ---- | M] (REDC) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\rixdpe86.sys -- (rixdpcie) DRV - [2010/02/02 09:18:24 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY) DRV - [2010/01/29 06:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System] -- E:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2010/01/19 13:46:44 | 000,229,888 | ---- | M] (Wave Systems Corp.) [File_System | Auto] -- E:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr) DRV - [2010/01/18 08:56:26 | 000,042,672 | ---- | M] (ST Microelectronics) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Accelern.sys -- (Acceler) DRV - [2010/01/18 08:56:26 | 000,017,072 | ---- | M] (ST Microelectronics) [Kernel | Boot] -- E:\Windows\System32\drivers\stdfltn.sys -- (stdflt) DRV - [2009/10/30 18:51:14 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\cvusbdrv.sys -- (cvusbdrv) DRV - [2009/10/20 14:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto] -- E:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2009/09/16 17:07:42 | 000,144,576 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt) DRV - [2009/05/28 11:48:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\CtAudDrv.sys -- (CtAudDrv) DRV - [2009/05/11 17:49:02 | 000,026,240 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- E:\Windows\System32\drivers\dmodusb.sys -- (dmodusb) DRV - [2008/06/04 15:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot] -- E:\Windows\System32\drivers\PBADRV.sys -- (PBADRV) DRV - [2007/07/07 03:11:58 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\SNTNLUSB.SYS -- (Sntnlusb) DRV - [2007/07/07 03:11:40 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto] -- E:\Windows\System32\Drivers\SENTINEL.SYS -- (Sentinel) DRV - [2007/05/18 17:12:12 | 000,016,000 | ---- | M] (Xilinx, Inc.) [Kernel | Auto] -- E:\Windows\System32\drivers\xpc4drvr.sys -- (XilinxPC4Driver) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Pamela_ON_E\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/?ocid=OIE9HP IE - HKU\Pamela_ON_E\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKU\Pamela_ON_E\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\Pamela_ON_E\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\Pamela_ON_E\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = http://www.google.com IE - HKU\Pamela_ON_E\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com IE - HKU\Pamela_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = http://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=E473953384BA3C3F871A03512E6FFA4F IE - HKU\Pamela_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Pamela_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 162.105.247.21:80 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.order.3: "Bing " FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..browser.startup.homepage: "google.fr" FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: E:\Windows\System32\npdeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: E:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: File not found FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: E:\Users\Pamela\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: E:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/11/29 13:38:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/06 13:22:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/06 13:22:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/06 13:22:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/06 13:22:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/04/03 09:30:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/06 13:22:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/06 13:22:01 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/04/03 09:30:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/11/04 19:28:12 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Pamela\AppData\Roaming\Mozilla\Extensions [2010/10/20 05:36:51 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Pamela\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013/04/04 07:50:49 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Pamela\AppData\Roaming\Mozilla\Firefox\Profiles\fuxw8ams.default\extensions [2013/04/04 07:50:49 | 000,000,000 | ---D | M] (WOT) -- E:\Users\Pamela\AppData\Roaming\Mozilla\Firefox\Profiles\fuxw8ams.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013/02/27 16:43:50 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- E:\Users\Pamela\AppData\Roaming\Mozilla\Firefox\Profiles\fuxw8ams.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013/02/18 16:51:12 | 000,002,402 | ---- | M] () -- E:\Users\Pamela\AppData\Roaming\Mozilla\Firefox\Profiles\fuxw8ams.default\searchplugins\bingp.xml [2013/04/06 13:21:59 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions [2013/04/06 13:21:59 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA} File not found (No name found) -- [2013/04/06 13:22:09 | 000,263,064 | ---- | M] (Mozilla Foundation) -- E:\Program Files\mozilla firefox\components\browsercomps.dll [2013/03/07 11:31:03 | 000,001,609 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2013/03/07 11:31:04 | 000,002,465 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\bing.xml [2013/03/07 11:31:04 | 000,002,035 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2013/03/07 11:31:04 | 000,001,472 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2013/03/07 11:31:04 | 000,001,399 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2013/03/07 11:31:04 | 000,001,169 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [agentantidote.exe] E:\Program Files\Druide\Antidote 7\Programmes32\agentantidote.exe (Druide informatique inc.) O4 - HKLM..\Run: [Apoint] E:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [APSDaemon] E:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] E:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BingDesktop] E:\Program Files\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.) O4 - HKLM..\Run: [Broadcom Wireless Manager UI] E:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.) O4 - HKLM..\Run: [Dell Webcam Central] E:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DellBtrEvent] D:\Program Files\Dell\Reader 2.1\DellBtrEvent.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [DellControlPoint] E:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.) O4 - HKLM..\Run: [IAStorIcon] E:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Logitech Download Assistant] E:\Windows\System32\LogiLDA.dll (Logitech, Inc.) O4 - HKLM..\Run: [NvCplDaemon] E:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] E:\Windows\System32\nvHotkey.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] E:\Windows\System32\nwiz.exe () O4 - HKLM..\Run: [PDF Complete] E:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [PDVDDXSrv] E:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [Smart File Advisor] E:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net) O4 - HKLM..\Run: [SysTrayApp] E:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [USCService] E:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation) O4 - HKLM..\Run: [UVS11 Preload] E:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation) O4 - HKLM..\Run: [WavXMgr] E:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.) O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: E:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk () O4 - Startup: E:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: &Envoyer à OneNote - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: E&xporter vers Microsoft Excel - E:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab (Java Plug-in 1.6.0_43) O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab (Java Plug-in 10.17.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O30 - LSA: Authentication Packages - (wvauth) - E:\Windows\System32\wvauth.dll (Wave Systems Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - E:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - E:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - E:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found MsConfig - StartUpFolder: C:^Users^Pamela^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^binternet.lnk - - File not found MsConfig - StartUpFolder: C:^Users^Pamela^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - E:\Users\Pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.) MsConfig - StartUpReg: [b]AppleSyncNotifier[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - E:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig - StartUpReg: [b]BCSSync[/b] - hkey= - key= - E:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]Google Desktop Search[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - E:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig - StartUpReg: [b]Messenger (Yahoo!)[/b] - hkey= - key= - E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) MsConfig - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - E:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]Search Protection[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - E:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - E:\Program Files\Steam\Steam.exe (Valve Corporation) MsConfig - StartUpReg: [b]wiLink[/b] - hkey= - key= - E:\Program Files\wiLink\bin\wiLink.exe () MsConfig - StartUpReg: [b]YSearchProtection[/b] - hkey= - key= - File not found MsConfig - State: "startup" - 2 Drivers32: msacm.dvacm - E:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (InterVideo Digital Technology Corporation) Drivers32: msacm.l3acm - E:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.MPEGacm - E:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.) Drivers32: msacm.ulmp3acm - E:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems) Drivers32: MSVideo8 - E:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: SENTINEL - E:\Windows\System32\SNTI386.DLL (Rainbow Technologies, Inc.) Drivers32: vidc.cvid - E:\Windows\System32\iccvid.dll (Radius Inc.) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/04/07 03:31:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Users\Pamela\Desktop\OTL.exe [2013/04/07 03:29:35 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{2E0E4338-2CCD-4283-96E6-15D0D93BC754} [2013/04/06 17:15:57 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013/04/06 17:15:56 | 000,000,000 | ---D | C] -- E:\Program Files\CCleaner [2013/04/06 16:30:21 | 002,706,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\mshtml.tlb [2013/04/06 16:30:21 | 000,745,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\MsSpellCheckingFacility.exe [2013/04/06 16:30:21 | 000,690,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript.dll [2013/04/06 16:30:21 | 000,523,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\vbscript.dll [2013/04/06 16:30:21 | 000,493,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msfeeds.dll [2013/04/06 16:30:21 | 000,185,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\elshyph.dll [2013/04/06 16:30:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msrating.dll [2013/04/06 16:30:21 | 000,158,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msls31.dll [2013/04/06 16:30:21 | 000,150,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\iexpress.exe [2013/04/06 16:30:21 | 000,138,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\wextract.exe [2013/04/06 16:30:21 | 000,137,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieUnatt.exe [2013/04/06 16:30:21 | 000,117,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\iepeers.dll [2013/04/06 16:30:21 | 000,110,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\IEAdvpack.dll [2013/04/06 16:30:21 | 000,082,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\inseng.dll [2013/04/06 16:30:21 | 000,073,728 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\SetIEInstalledDate.exe [2013/04/06 16:30:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\RegisterIEPKEYs.exe [2013/04/06 16:30:21 | 000,057,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\pngfilt.dll [2013/04/06 16:30:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msfeedsbs.dll [2013/04/06 16:30:21 | 000,039,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jsproxy.dll [2013/04/06 16:30:21 | 000,038,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\imgutil.dll [2013/04/06 16:30:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msfeedssync.exe [2013/04/06 16:30:20 | 002,877,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript9.dll [2013/04/06 16:30:20 | 001,441,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\inetcpl.cpl [2013/04/06 16:30:20 | 001,400,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieapfltr.dat [2013/04/06 16:30:20 | 000,719,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\mshtmlmedia.dll [2013/04/06 16:30:20 | 000,629,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieapfltr.dll [2013/04/06 16:30:20 | 000,391,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieui.dll [2013/04/06 16:30:20 | 000,361,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\html.iec [2013/04/06 16:30:20 | 000,357,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\dxtmsft.dll [2013/04/06 16:30:20 | 000,242,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\iedkcs32.dll [2013/04/06 16:30:20 | 000,232,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\url.dll [2013/04/06 16:30:20 | 000,226,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\dxtrans.dll [2013/04/06 16:30:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\iesysprep.dll [2013/04/06 16:30:20 | 000,061,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\iesetup.dll [2013/04/06 16:30:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\mshtmler.dll [2013/04/06 16:30:20 | 000,042,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ie4uinit.exe [2013/04/06 16:30:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\iernonce.dll [2013/04/06 16:30:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\licmgr10.dll [2013/04/06 16:12:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe [2013/04/06 16:11:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\rdpvideominiport.sys [2013/04/06 16:11:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll [2013/04/06 16:11:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\RdpGroupPolicyExtension.dll [2013/04/06 16:11:42 | 000,049,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\TsUsbFlt.sys [2013/04/06 16:11:29 | 000,037,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\tsgqec.dll [2013/04/06 16:11:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\wksprtPS.dll [2013/04/06 16:11:27 | 000,269,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\aaclient.dll [2013/04/06 16:11:27 | 000,221,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\rdpudd.dll [2013/04/06 16:11:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\TSWbPrxy.exe [2013/04/06 16:11:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\MsRdpWebAccess.dll [2013/04/06 16:11:27 | 000,032,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\TsUsbGDCoInstaller.dll [2013/04/06 16:11:26 | 000,317,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\wksprt.exe [2013/04/06 16:11:26 | 000,192,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\rdpendp_winip.dll [2013/04/06 16:11:24 | 002,739,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\rdpcorets.dll [2013/04/06 16:08:33 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop [2013/04/06 16:08:05 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft [2013/04/06 15:40:09 | 001,039,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\lsasrv.dll [2013/04/06 15:40:04 | 000,514,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\qdvd.dll [2013/04/06 13:21:58 | 000,000,000 | ---D | C] -- E:\Program Files\Mozilla Firefox [2013/04/05 14:35:28 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{11063596-B70E-4569-8EE7-66D1F5B67675} [2013/04/04 15:27:37 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1 [2013/04/04 07:50:26 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{AA238510-3B06-47ED-BA79-D6F5C2866B62} [2013/04/03 09:30:41 | 000,000,000 | ---D | C] -- E:\Program Files\Mozilla Thunderbird [2013/04/03 07:05:45 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{0254D083-59D1-429B-8F5B-0FD229561AD8} [2013/04/02 03:58:45 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{3D6B99A3-CBEF-477B-9832-564E345AC076} [2013/03/31 23:25:25 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{E78F379B-7169-4C12-8661-74C302BEF8FF} [2013/03/31 11:35:37 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Skype [2013/03/31 11:24:36 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{7E52BBE2-7E38-4610-BAB2-171682CE020D} [2013/03/30 10:26:42 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{EC5425EA-CB7B-4C5E-B365-E18945118C50} [2013/03/30 10:18:30 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{1D198A57-89D9-4927-8BE0-05CE88CF2D1A} [2013/03/29 04:23:20 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{DD94EE97-AEB9-48E5-9B9F-F133CE4ABF43} [2013/03/29 04:22:59 | 000,000,000 | ---D | C] -- E:\Users\Pamela\Desktop\archi_13 [2013/03/25 17:38:13 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{69815619-B192-402D-91A2-E614773ECD88} [2013/03/22 16:56:12 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{B1DEAF62-578E-4B5C-A7A8-EBB68E31D6B5} [2013/03/22 04:55:57 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{FEBB7F37-B5AB-46C6-87D4-56C32AEA5033} [2013/03/22 04:34:56 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{99AE235E-E470-4948-AB6D-B8FC782D631E} [2013/03/21 15:23:40 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{A3FED730-FF15-4654-AEF0-5752F2E4A3BF} [2013/03/21 04:55:25 | 000,015,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\usb8023.sys [2013/03/18 05:09:48 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{9515A607-4623-4BD4-A79E-0FD6EF30959A} [2013/03/16 13:35:21 | 000,000,000 | ---D | C] -- E:\JavaEE5 [2013/03/16 12:53:38 | 000,262,560 | ---- | C] (Oracle Corporation) -- E:\Windows\System32\javaws.exe [2013/03/16 12:53:26 | 000,094,112 | ---- | C] (Oracle Corporation) -- E:\Windows\System32\WindowsAccessBridge.dll [2013/03/16 12:49:22 | 000,000,000 | ---D | C] -- E:\Java [2013/03/16 12:42:15 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Roaming\updatetool [2013/03/16 12:41:12 | 000,000,000 | ---D | C] -- E:\glassfish3 [2013/03/16 12:19:57 | 000,000,000 | ---D | C] -- E:\apache-ant-1.9.0-bin [2013/03/16 09:25:42 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{98DEE82E-4D52-4E9A-AE38-0E5953A4BE02} [2013/03/15 04:45:47 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{C5E504EB-4D0F-4CDC-AEA2-E9F6C1157812} [2013/03/14 05:46:07 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{713808CB-AC13-4A39-9706-EEAA915B518F} [2013/03/11 09:05:53 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{DC7CEC75-7785-4273-90DA-118CF006180B} [2013/03/10 17:15:58 | 000,000,000 | ---D | C] -- E:\Users\Pamela\AppData\Local\{902508F0-E6D3-46B1-A44C-7EF13A3DEFBC} [2 E:\Users\Pamela\Desktop\*.tmp files -> E:\Users\Pamela\Desktop\*.tmp -> ] [1 E:\Windows\*.tmp files -> E:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/04/07 05:10:59 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat [2013/04/07 05:10:00 | 000,001,002 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player Updater.job [2013/04/07 04:43:00 | 000,001,100 | ---- | M] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-694517828-1347466277-1152020028-1000UA.job [2013/04/07 04:43:00 | 000,001,078 | ---- | M] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-694517828-1347466277-1152020028-1000Core.job [2013/04/07 03:35:29 | 000,025,424 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/04/07 03:35:29 | 000,025,424 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/04/07 03:33:12 | 000,714,710 | ---- | M] () -- E:\Windows\System32\perfh00C.dat [2013/04/07 03:33:12 | 000,625,154 | ---- | M] () -- E:\Windows\System32\perfh009.dat [2013/04/07 03:33:12 | 000,135,994 | ---- | M] () -- E:\Windows\System32\perfc00C.dat [2013/04/07 03:33:12 | 000,110,792 | ---- | M] () -- E:\Windows\System32\perfc009.dat [2013/04/07 03:31:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Pamela\Desktop\OTL.exe [2013/04/07 03:28:46 | 000,000,000 | ---- | M] () -- E:\Users\Pamela\AppData\Local\WavXMapDrive.bat [2013/04/07 03:27:08 | 2609,246,208 | -HS- | M] () -- E:\hiberfil.sys [2013/04/06 23:29:37 | 000,003,608 | ---- | M] () -- E:\bootsqm.dat [2013/04/06 18:19:08 | 419,776,257 | ---- | M] () -- E:\Windows\MEMORY.DMP [2013/04/06 17:42:55 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlayerApp.exe [2013/04/06 17:42:55 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlayerCPLApp.cpl [2013/04/06 17:15:57 | 000,000,967 | ---- | M] () -- E:\Users\Public\Desktop\CCleaner.lnk [2013/04/06 17:15:57 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013/04/06 16:30:21 | 002,877,440 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\jscript9.dll [2013/04/06 16:30:21 | 002,706,432 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\mshtml.tlb [2013/04/06 16:30:21 | 000,745,472 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\MsSpellCheckingFacility.exe [2013/04/06 16:30:21 | 000,690,688 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\jscript.dll [2013/04/06 16:30:21 | 000,523,264 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\vbscript.dll [2013/04/06 16:30:21 | 000,493,056 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\msfeeds.dll [2013/04/06 16:30:21 | 000,185,344 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\elshyph.dll [2013/04/06 16:30:21 | 000,163,840 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\msrating.dll [2013/04/06 16:30:21 | 000,158,720 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\msls31.dll [2013/04/06 16:30:21 | 000,150,528 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\iexpress.exe [2013/04/06 16:30:21 | 000,138,752 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\wextract.exe [2013/04/06 16:30:21 | 000,137,216 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ieUnatt.exe [2013/04/06 16:30:21 | 000,117,248 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\iepeers.dll [2013/04/06 16:30:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\IEAdvpack.dll [2013/04/06 16:30:21 | 000,082,432 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\inseng.dll [2013/04/06 16:30:21 | 000,073,728 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\SetIEInstalledDate.exe [2013/04/06 16:30:21 | 000,071,680 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\RegisterIEPKEYs.exe [2013/04/06 16:30:21 | 000,057,344 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\pngfilt.dll [2013/04/06 16:30:21 | 000,041,984 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\msfeedsbs.dll [2013/04/06 16:30:21 | 000,039,936 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\jsproxy.dll [2013/04/06 16:30:21 | 000,038,400 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\imgutil.dll [2013/04/06 16:30:21 | 000,011,776 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\msfeedssync.exe [2013/04/06 16:30:20 | 001,441,280 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\inetcpl.cpl [2013/04/06 16:30:20 | 001,400,416 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ieapfltr.dat [2013/04/06 16:30:20 | 000,719,360 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\mshtmlmedia.dll [2013/04/06 16:30:20 | 000,629,248 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ieapfltr.dll [2013/04/06 16:30:20 | 000,391,680 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ieui.dll [2013/04/06 16:30:20 | 000,361,984 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\html.iec [2013/04/06 16:30:20 | 000,357,888 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\dxtmsft.dll [2013/04/06 16:30:20 | 000,242,200 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\iedkcs32.dll [2013/04/06 16:30:20 | 000,232,960 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\url.dll [2013/04/06 16:30:20 | 000,226,816 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\dxtrans.dll [2013/04/06 16:30:20 | 000,109,056 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\iesysprep.dll [2013/04/06 16:30:20 | 000,061,440 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\iesetup.dll [2013/04/06 16:30:20 | 000,048,640 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\mshtmler.dll [2013/04/06 16:30:20 | 000,042,496 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ie4uinit.exe [2013/04/06 16:30:20 | 000,033,280 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\iernonce.dll [2013/04/06 16:30:20 | 000,025,185 | ---- | M] () -- E:\Windows\System32\ieuinit.inf [2013/04/06 16:30:20 | 000,023,040 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\licmgr10.dll [2013/04/06 16:17:04 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [2013/04/06 16:08:33 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop [2013/04/06 14:06:15 | 000,001,935 | ---- | M] () -- E:\Users\Public\Desktop\ZHPFix.lnk [2013/04/06 14:06:15 | 000,001,808 | ---- | M] () -- E:\Users\Public\Desktop\ZHPDiag.lnk [2013/04/06 14:06:15 | 000,000,958 | ---- | M] () -- E:\Users\Public\Desktop\MBRCheck.lnk [2013/04/05 14:36:25 | 000,001,011 | ---- | M] () -- E:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2013/04/05 04:00:33 | 000,002,058 | ---- | M] () -- E:\Users\Pamela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk [2013/04/03 09:04:07 | 002,232,957 | ---- | M] () -- E:\Users\Pamela\Desktop\cec_anne_so.jpg [2013/03/31 11:31:18 | 000,001,055 | ---- | M] () -- E:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013/03/27 12:13:00 | 006,249,224 | ---- | M] () -- E:\Users\Pamela\Desktop\IMG_6616.JPG [2013/03/20 12:05:00 | 000,001,119 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013/03/20 12:05:00 | 000,001,107 | ---- | M] () -- E:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/03/18 06:19:18 | 000,027,803 | ---- | M] () -- E:\Users\Pamela\Desktop\lettre_motivation_Capgemini.pdf [2013/03/16 12:53:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- E:\Windows\System32\WindowsAccessBridge.dll [2013/03/16 12:53:18 | 000,861,088 | ---- | M] (Oracle Corporation) -- E:\Windows\System32\npdeployJava1.dll [2013/03/16 12:53:18 | 000,782,240 | ---- | M] (Oracle Corporation) -- E:\Windows\System32\deployJava1.dll [2013/03/16 12:53:18 | 000,262,560 | ---- | M] (Oracle Corporation) -- E:\Windows\System32\javaws.exe [2013/03/16 12:53:18 | 000,174,496 | ---- | M] (Oracle Corporation) -- E:\Windows\System32\javaw.exe [2013/03/16 12:53:18 | 000,174,496 | ---- | M] (Oracle Corporation) -- E:\Windows\System32\java.exe [2013/03/16 09:34:41 | 006,133,894 | ---- | M] () -- E:\Users\Pamela\Desktop\[EYROLLES] Les cahiers du programmeur - Java EE 5.pdf [2013/03/16 09:31:57 | 006,000,354 | ---- | M] () -- E:\Users\Pamela\Desktop\the_coffee.JPG [2013/03/14 06:45:39 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013/03/11 19:10:56 | 000,237,088 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\MpSigStub.exe [2 E:\Users\Pamela\Desktop\*.tmp files -> E:\Users\Pamela\Desktop\*.tmp -> ] [1 E:\Windows\*.tmp files -> E:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/04/06 23:29:37 | 000,003,608 | ---- | C] () -- E:\bootsqm.dat [2013/04/06 18:19:08 | 419,776,257 | ---- | C] () -- E:\Windows\MEMORY.DMP [2013/04/06 17:15:57 | 000,000,967 | ---- | C] () -- E:\Users\Public\Desktop\CCleaner.lnk [2013/04/06 16:30:20 | 000,025,185 | ---- | C] () -- E:\Windows\System32\ieuinit.inf [2013/04/06 14:06:15 | 000,001,935 | ---- | C] () -- E:\Users\Public\Desktop\ZHPFix.lnk [2013/04/06 14:06:15 | 000,001,808 | ---- | C] () -- E:\Users\Public\Desktop\ZHPDiag.lnk [2013/04/06 14:06:15 | 000,000,958 | ---- | C] () -- E:\Users\Public\Desktop\MBRCheck.lnk [2013/04/04 15:27:38 | 000,001,011 | ---- | C] () -- E:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2013/04/03 09:03:44 | 002,232,957 | ---- | C] () -- E:\Users\Pamela\Desktop\cec_anne_so.jpg [2013/03/31 14:00:58 | 006,249,224 | ---- | C] () -- E:\Users\Pamela\Desktop\IMG_6616.JPG [2013/03/20 12:05:00 | 000,001,119 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013/03/20 12:05:00 | 000,001,107 | ---- | C] () -- E:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/03/18 06:17:52 | 000,027,803 | ---- | C] () -- E:\Users\Pamela\Desktop\lettre_motivation_Capgemini.pdf [2013/03/16 09:34:39 | 006,133,894 | ---- | C] () -- E:\Users\Pamela\Desktop\[EYROLLES] Les cahiers du programmeur - Java EE 5.pdf [2013/03/16 09:31:52 | 006,000,354 | ---- | C] () -- E:\Users\Pamela\Desktop\the_coffee.JPG [2012/06/13 11:56:10 | 000,000,094 | ---- | C] () -- E:\Users\Pamela\AppData\Local\fusioncache.dat [2012/04/30 05:58:51 | 000,000,148 | -H-- | C] () -- E:\Windows\System32\WN125047.bin [2012/04/30 05:58:51 | 000,000,148 | -H-- | C] () -- E:\Windows\AC841540.bin [2012/04/30 05:58:51 | 000,000,082 | ---- | C] () -- E:\Windows\Antidote7.ini [2012/04/03 04:44:24 | 000,164,864 | ---- | C] () -- E:\Windows\System32\UNWISE32.EXE [2011/09/28 12:44:14 | 000,179,271 | ---- | C] () -- E:\Windows\System32\xlive.dll.cat [2011/08/18 16:33:36 | 000,000,000 | ---- | C] () -- E:\Users\Pamela\AppData\Local\{F26BC4E9-1984-44AC-8972-DD8BF4C0D2BD} [2011/08/09 08:28:03 | 000,000,218 | ---- | C] () -- E:\Windows\SIERRA.INI [2011/08/07 08:00:45 | 000,120,200 | ---- | C] () -- E:\Windows\System32\DLLDEV32i.dll [2011/08/07 08:00:22 | 000,006,651 | ---- | C] () -- E:\Windows\mgxoschk.ini [2011/08/07 06:22:04 | 000,210,456 | ---- | C] () -- E:\Windows\System32\IVIresizeW7.dll [2011/08/07 06:22:04 | 000,206,360 | ---- | C] () -- E:\Windows\System32\IVIresizeA6.dll [2011/08/07 06:22:04 | 000,198,168 | ---- | C] () -- E:\Windows\System32\IVIresizeP6.dll [2011/08/07 06:22:04 | 000,198,168 | ---- | C] () -- E:\Windows\System32\IVIresizeM6.dll [2011/08/07 06:22:04 | 000,194,072 | ---- | C] () -- E:\Windows\System32\IVIresizePX.dll [2011/08/07 06:22:04 | 000,026,136 | ---- | C] () -- E:\Windows\System32\IVIresize.dll [2011/06/20 23:32:28 | 000,252,928 | ---- | C] () -- E:\Windows\System32\DShowRdpFilter.dll [2011/06/20 23:31:24 | 000,066,048 | ---- | C] () -- E:\Windows\System32\PrintBrmUi.exe [2011/04/21 11:31:08 | 000,007,606 | ---- | C] () -- E:\Users\Pamela\AppData\Local\Resmon.ResmonCfg [2010/10/21 06:26:35 | 000,116,224 | ---- | C] () -- E:\Windows\System32\pdfcmnnt.dll [2010/10/20 12:45:31 | 000,000,056 | -H-- | C] () -- E:\ProgramData\ezsidmv.dat [2010/10/19 08:38:09 | 000,000,000 | ---- | C] () -- E:\Users\Pamela\AppData\Local\WavXMapDrive.bat [2010/10/10 21:46:29 | 000,006,656 | ---- | C] () -- E:\Windows\System32\bcmwlrc.dll [2010/10/10 21:40:38 | 000,308,624 | ---- | C] () -- E:\Windows\System32\brcmbsp.dll [2010/10/10 21:40:38 | 000,206,216 | ---- | C] () -- E:\Windows\System32\bipbsp.dll [2010/10/10 21:39:33 | 000,080,368 | ---- | C] () -- E:\Windows\System32\pbadrvdll.dll [2010/10/10 14:30:08 | 001,731,176 | ---- | C] () -- E:\Windows\System32\nvwdmcpl.dll [2010/10/10 14:30:08 | 001,657,448 | ---- | C] () -- E:\Windows\System32\nwiz.exe [2010/10/10 14:30:08 | 001,612,392 | ---- | C] () -- E:\Windows\System32\nView.dll [2010/10/10 14:30:08 | 001,108,584 | ---- | C] () -- E:\Windows\System32\nvwimg.dll [2010/10/10 14:30:08 | 000,473,704 | ---- | C] () -- E:\Windows\System32\nvShell.dll [2010/10/10 14:30:08 | 000,449,128 | ---- | C] () -- E:\Windows\System32\nvAppBar.exe [2010/10/10 14:30:08 | 000,262,248 | ---- | C] () -- E:\Windows\System32\nViewSetup.exe [2010/04/16 23:02:42 | 000,040,588 | ---- | C] () -- E:\Windows\System32\nvcoproc.bin [2010/03/02 13:46:38 | 000,010,752 | ---- | C] () -- E:\Windows\System32\Wavx_ESC_Logging.dll [2010/02/05 11:08:16 | 000,362,029 | ---- | C] () -- E:\Windows\System32\sqlite3.dll [2010/02/04 12:18:22 | 000,094,208 | ---- | C] () -- E:\Windows\System32\Internationalization_th.dll [2010/02/04 12:18:22 | 000,081,920 | ---- | C] () -- E:\Windows\System32\Internationalization_zh-HK.dll [2010/02/04 12:18:20 | 000,098,304 | ---- | C] () -- E:\Windows\System32\Internationalization_sl.dll [2010/02/04 12:18:18 | 000,098,304 | ---- | C] () -- E:\Windows\System32\Internationalization_sk.dll [2010/02/04 12:18:18 | 000,098,304 | ---- | C] () -- E:\Windows\System32\Internationalization_hr.dll [2010/02/04 12:18:12 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_ro.dll [2010/02/04 12:18:12 | 000,098,304 | ---- | C] () -- E:\Windows\System32\Internationalization_tr.dll [2010/02/04 12:18:10 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_pt-BR.dll [2010/02/04 12:18:10 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_hu.dll [2010/02/04 12:18:08 | 000,098,304 | ---- | C] () -- E:\Windows\System32\Internationalization_fi.dll [2010/02/04 12:18:08 | 000,094,208 | ---- | C] () -- E:\Windows\System32\Internationalization_he.dll [2010/02/04 12:18:06 | 000,106,496 | ---- | C] () -- E:\Windows\System32\Internationalization_el.dll [2010/02/04 12:18:06 | 000,098,304 | ---- | C] () -- E:\Windows\System32\Internationalization_cs.dll [2010/02/04 12:18:04 | 000,094,208 | ---- | C] () -- E:\Windows\System32\Internationalization_ar.dll [2010/02/04 12:18:04 | 000,081,920 | ---- | C] () -- E:\Windows\System32\Internationalization_zh-CHT.dll [2010/02/04 12:18:02 | 000,081,920 | ---- | C] () -- E:\Windows\System32\Internationalization_zh-CHS.dll [2010/02/04 12:18:00 | 000,098,304 | ---- | C] () -- E:\Windows\System32\Internationalization_sv.dll [2010/02/04 12:18:00 | 000,098,304 | ---- | C] () -- E:\Windows\System32\Internationalization_ru.dll [2010/02/04 12:17:58 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_pt.dll [2010/02/04 12:17:58 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_pl.dll [2010/02/04 12:17:56 | 000,106,496 | ---- | C] () -- E:\Windows\System32\Internationalization_nl.dll [2010/02/04 12:17:56 | 000,098,304 | ---- | C] () -- E:\Windows\System32\Internationalization_no.dll [2010/02/04 12:17:54 | 000,090,112 | ---- | C] () -- E:\Windows\System32\Internationalization_ko.dll [2010/02/04 12:17:54 | 000,090,112 | ---- | C] () -- E:\Windows\System32\Internationalization_ja.dll [2010/02/04 12:17:52 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_it.dll [2010/02/04 12:17:50 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_fr.dll [2010/02/04 12:17:50 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_es.dll [2010/02/04 12:17:48 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_de.dll [2010/02/04 12:17:46 | 000,102,400 | ---- | C] () -- E:\Windows\System32\Internationalization_da.dll [2010/01/19 13:44:30 | 000,249,856 | ---- | C] () -- E:\Windows\System32\wxvault.dll [2009/11/06 16:27:22 | 000,839,680 | ---- | C] () -- E:\Windows\System32\DemoLicense.dll [2009/10/20 14:19:30 | 000,053,299 | ---- | C] () -- E:\Windows\System32\pthreadVC.dll [2009/08/26 17:25:08 | 000,917,504 | ---- | C] () -- E:\Windows\System32\lmgr10.dll [2009/07/14 04:39:49 | 000,714,710 | ---- | C] () -- E:\Windows\System32\perfh00C.dat [2009/07/14 04:39:49 | 000,344,522 | ---- | C] () -- E:\Windows\System32\perfi00C.dat [2009/07/14 04:39:49 | 000,135,994 | ---- | C] () -- E:\Windows\System32\perfc00C.dat [2009/07/14 04:39:49 | 000,038,160 | ---- | C] () -- E:\Windows\System32\perfd00C.dat [2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat [2009/07/14 00:33:53 | 000,581,368 | ---- | C] () -- E:\Windows\System32\FNTCACHE.DAT [2009/07/13 22:05:48 | 000,625,154 | ---- | C] () -- E:\Windows\System32\perfh009.dat [2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- E:\Windows\System32\perfi009.dat [2009/07/13 22:05:48 | 000,110,792 | ---- | C] () -- E:\Windows\System32\perfc009.dat [2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- E:\Windows\System32\perfd009.dat [2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- E:\Windows\System32\NOISE.DAT [2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- E:\Windows\System32\dssec.dat [2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin [2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- E:\Windows\System32\BthpanContextHandler.dll [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\System32\BWContextHandler.dll [2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\System32\mlang.dat [2008/10/07 04:13:30 | 000,197,912 | ---- | C] () -- E:\Windows\System32\physxcudart_20.dll [2008/10/07 04:13:22 | 000,058,648 | ---- | C] () -- E:\Windows\System32\AgCPanelTraditionalChinese.dll [2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\System32\AgCPanelSwedish.dll [2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\System32\AgCPanelSpanish.dll [2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\System32\AgCPanelPortugese.dll [2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\System32\AgCPanelKorean.dll [2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\System32\AgCPanelJapanese.dll [2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\System32\AgCPanelGerman.dll [2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- E:\Windows\System32\AgCPanelFrench.dll [2008/03/25 10:46:00 | 000,077,536 | ---- | C] () -- E:\Windows\System32\xltZlib.dll [2007/08/29 10:55:38 | 000,081,920 | ---- | C] () -- E:\Windows\System32\sw2_ttls_manager.exe [2006/06/30 13:58:44 | 000,176,128 | ---- | C] () -- E:\Windows\System32\bioapi_mds300.dll [2006/06/30 13:58:44 | 000,126,976 | ---- | C] () -- E:\Windows\System32\bioapi100.dll [color=#E56717]========== LOP Check ==========[/color] [2013/02/28 05:22:54 | 000,000,000 | ---D | M] -- E:\ProgramData\.cse [2013/02/13 05:27:30 | 000,000,000 | ---D | M] -- E:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2011/11/18 07:15:20 | 000,000,000 | ---D | M] -- E:\ProgramData\2DBoy [2013/02/27 17:13:48 | 000,000,000 | ---D | M] -- E:\ProgramData\Ad-Aware Antivirus [2010/10/19 03:43:13 | 000,000,000 | ---D | M] -- E:\ProgramData\Alwil Software [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data [2010/11/26 13:37:35 | 000,000,000 | ---D | M] -- E:\ProgramData\Brawsome [2010/10/10 21:39:56 | 000,000,000 | ---D | M] -- E:\ProgramData\Broadcom [2010/10/19 08:36:37 | 000,000,000 | -HSD | M] -- E:\ProgramData\Bureau [2011/10/04 03:00:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Cisco [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents [2013/02/27 16:44:12 | 000,000,000 | ---D | M] -- E:\ProgramData\Downloaded Installations [2011/11/07 09:38:33 | 000,000,000 | ---D | M] -- E:\ProgramData\Driver Utilities [2011/10/01 19:38:24 | 000,000,000 | -HSD | M] -- E:\ProgramData\DSS [2011/06/20 16:34:41 | 000,000,000 | ---D | M] -- E:\ProgramData\Easybits GO [2010/10/19 08:36:37 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoris [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites [2010/11/23 17:55:40 | 000,000,000 | ---D | M] -- E:\ProgramData\Gamerizon [2012/04/03 04:44:26 | 000,000,000 | ---D | M] -- E:\ProgramData\HyperTerminal [2011/08/07 06:22:05 | 000,000,000 | ---D | M] -- E:\ProgramData\InterVideo [2013/02/17 11:55:26 | 000,000,000 | ---D | M] -- E:\ProgramData\lib [2011/10/01 05:10:49 | 000,000,000 | ---D | M] -- E:\ProgramData\MAGIX [2010/10/19 08:36:37 | 000,000,000 | -HSD | M] -- E:\ProgramData\Menu Démarrer [2010/10/19 08:36:37 | 000,000,000 | -HSD | M] -- E:\ProgramData\Modèles [2010/10/10 21:49:36 | 000,000,000 | ---D | M] -- E:\ProgramData\NTRU Cryptosystems [2013/04/06 18:06:28 | 000,000,000 | ---D | M] -- E:\ProgramData\PDFC [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates [2012/08/08 12:09:29 | 000,000,000 | ---D | M] -- E:\ProgramData\tmp [2012/11/04 13:26:22 | 000,000,000 | ---D | M] -- E:\ProgramData\ubuntuone [2012/11/04 13:26:22 | 000,000,000 | ---D | M] -- E:\ProgramData\ubuntuone-storageprotocol [2011/08/07 06:29:36 | 000,000,000 | ---D | M] -- E:\ProgramData\Ulead Systems [2010/10/10 21:53:59 | 000,000,000 | ---D | M] -- E:\ProgramData\Uninstall [2010/10/10 21:52:26 | 000,000,000 | ---D | M] -- E:\ProgramData\Wave Systems Corp [2011/07/13 05:36:56 | 000,000,000 | ---D | M] -- E:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/10/10 21:54:25 | 000,000,000 | ---D | M] -- E:\ProgramData\{BABCE4AB-AD57-4904-8E84-026E11C6632A} [2013/04/07 04:43:00 | 000,001,078 | ---- | M] () -- E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-694517828-1347466277-1152020028-1000Core.job [2013/04/07 04:43:00 | 000,001,100 | ---- | M] () -- E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-694517828-1347466277-1152020028-1000UA.job [2013/03/31 11:23:34 | 000,032,496 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2010/10/11 00:22:25 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_523cdab8f40fe558\explorer.exe [2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2010/10/11 00:22:35 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011/03/01 11:43:13 | 000,017,408 | ---- | M] () MD5=5C8CE6E854147E82C5C7A717EA945F9D -- E:\Users\Pamela\AppData\Local\Xenocode\ApplianceCaches\zPen-START.exe_v74F77768\Native\STUBEXE\@WINDIR@\explorer.exe [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- E:\Windows\explorer.exe [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2010/10/11 00:22:28 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2010/10/11 00:22:28 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2010/10/11 00:22:35 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe [2010/10/11 00:22:25 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_51c00e6ddae85c4b\explorer.exe [color=#A23BEC]< MD5 for: LSASS.EXE >[/color] [2011/11/17 03:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe [2012/08/24 12:53:44 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=7ABC23F3D86880AD62ACEDC7479608F8 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_a889f15ed46779fd\lsass.exe [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- E:\Windows\System32\lsass.exe [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_a82d8b59bb293454\lsass.exe [2012/06/02 00:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe [2011/11/17 01:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe [2011/11/17 01:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe [2009/07/13 21:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe [2009/07/13 21:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe [2009/07/13 21:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe [2009/07/13 21:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe [2012/06/02 00:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe [2011/11/17 01:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- E:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color] [2009/07/13 21:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- E:\Windows\System32\services.exe [2009/07/13 21:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- E:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- E:\Windows\System32\svchost.exe [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- E:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\System32\userinit.exe [2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- E:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- E:\Windows\System32\wininit.exe [2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- E:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010/10/11 00:22:35 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- E:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2010/10/11 00:22:35 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- E:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- E:\Windows\System32\winlogon.exe [2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- E:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009/07/13 21:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- E:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [2007/11/07 03:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- E:\install.exe [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2010/11/20 08:19:02 | 000,828,928 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- E:\Windows\system32\fontext.dll [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- E:\Windows\system32\shell32.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] < End of report >