OTL logfile created on: 25/04/2013 16:23:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\TEST\Mes documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1023,36 Mb Total Physical Memory | 523,40 Mb Available Physical Memory | 51,15% Memory free 2,40 Gb Paging File | 1,96 Gb Available in Paging File | 81,49% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 10,11 Gb Free Space | 34,53% Space Free | Partition Type: NTFS Drive D: | 321,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive E: | 82,49 Gb Total Space | 4,43 Gb Free Space | 5,37% Space Free | Partition Type: NTFS Computer Name: UTILISAT-6AA547 | User Name: TEST | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\TEST\Mes documents\Downloads\OTL (1).exe (OldTimer Tools) PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Wajam\Updater\WajamUpdater.exe (Wajam) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe () PRC - C:\Program Files\cacaoweb\cacaoweb.exe () PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe () PRC - C:\Program Files\tuto4pc_fr_23\tuto4pc_fr_23.exe () PRC - C:\Documents and Settings\TEST\Local Settings\Application Data\tuto4pc_fr_23\upt4pc_fr_23.exe () PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE (Microsoft Corporation.) PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIHLE.EXE (SEIKO EPSON CORPORATION) PRC - c:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - c:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel Corporation) PRC - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Program Files\AVAST Software\Avast\defs\13042500\algo.dll () MOD - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe () MOD - C:\Program Files\cacaoweb\cacaoweb.exe () MOD - C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe () MOD - c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll () MOD - C:\Program Files\tuto4pc_fr_23\tuto4pc_fr_23.exe () MOD - C:\Documents and Settings\TEST\Local Settings\Application Data\tuto4pc_fr_23\upt4pc_fr_23.exe () MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll () [color=#E56717]========== Services (SafeList) ==========[/color] SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe File not found SRV - (WajamUpdater) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe (Wajam) SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe () SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (BrowserProtect) -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe () SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE (Microsoft Corporation.) SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (npggsvc) -- C:\WINDOWS\system32\GameMon.des (INCA Internet Co., Ltd.) SRV - (wlidsvc) -- c:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY) SRV - (UPnPService) -- C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) SRV - (WLANKEEPER) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel Corporation) SRV - (EpsonBidirectionalService) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (XDva397) -- C:\WINDOWS\system32\XDva397.sys File not found DRV - (WDICA) -- File not found DRV - (UIUSys) -- system32\drivers\UIUSys.sys File not found DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys () DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys () DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (AmdLLD) -- C:\WINDOWS\system32\drivers\AmdLLD.sys (AMD, Inc.) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.) DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (STAC97) -- C:\WINDOWS\system32\drivers\STAC97.sys (SigmaTel, Inc.) DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation) DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation) DRV - (sonypvs1) -- C:\WINDOWS\system32\drivers\sonypvs1.sys (Sony Corporation) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lo.st IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/home?affID=119546 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found IE - HKCU\..\URLSearchHook: {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\prxtbRec0.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119546&babsrc=SP_def&mntrId=4ce860960000000000000012f0272c49 IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.127.0 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.4.0.0 FF - prefs.js..browser.search.selectedEngine: "Ask.com Search" FF - prefs.js..browser.search.defaultengine: "Ask.com Search" FF - prefs.js..browser.search.defaultenginename: "Ask.com Search" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/04/17 21:00:07 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013/03/02 18:30:39 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013/04/04 21:22:28 | 000,037,909 | ---- | M] () [2012/02/13 20:42:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Extensions [2013/03/04 23:47:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions [2012/02/14 21:47:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013/04/23 13:13:38 | 000,000,000 | ---D | M] (Wajam) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} [2012/08/31 22:41:49 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2012/02/18 13:36:22 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2013/03/02 18:29:09 | 000,000,000 | ---D | M] ("Services x86") -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com [2012/02/15 15:16:51 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\battlefieldheroespatcher@ea.com [2012/11/20 22:17:14 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\cacaoweb@cacaoweb.org [2012/08/31 22:42:18 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\ffxtlbr@babylon.com [2013/03/02 18:29:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com\chrome\content\extensionCode [2012/12/02 20:53:49 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\searchplugins\askcom.xml [2013/02/26 12:06:06 | 000,002,306 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\searchplugins\askcomsearch.xml [2013/03/02 18:34:55 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\searchplugins\delta.xml [2012/02/18 13:36:00 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\searchplugins\sweetim.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\npBFHUpdater.dll CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\BFHUpdater.exe CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin8.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\TEST\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - Extension: YouTube = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Recherche Google = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: T\u00E9l\u00E9vision = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\edmenbbkdinanecgnpphpfdbdlnfobnb\1.0.0_0\ CHR - Extension: avast! WebRep = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\ CHR - Extension: RealDownloader = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\ CHR - Extension: Wajam = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\ CHR - Extension: cacaoweb = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\leahdjjpjmnamomgpojikeapflgbmjab\1.13_0\ CHR - Extension: TV France - Regarder T\u00E9l\u00E9vision = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbchiajonfncphfgplcmdojihhlbffbd\2.2_0\ CHR - Extension: BrowserProtect = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\ CHR - Extension: Gmail = C:\Documents and Settings\TEST\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2004/08/05 11:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found O2 - BHO: (Services x86) - {11111111-1111-1111-1111-110211701196} - C:\Program Files\Services x86\Services x86.dll (Corporate Inc) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found. O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O2 - BHO: (Discover France Toolbar) - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\prxtbRec0.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (Discover France Toolbar) - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\prxtbRec0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (Discover France Toolbar) - {D5B75883-E809-4120-BFEB-8D707D5DFBE3} - C:\Program Files\Recherche_France\prxtbRec0.dll (Conduit Ltd.) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [tuto4pc_fr_23] C:\Program Files\tuto4pc_fr_23\tuto4pc_fr_23.exe () O4 - HKLM..\Run: [upt4pc_fr_23.exe] C:\Documents and Settings\TEST\Local Settings\Application Data\tuto4pc_fr_23\upt4pc_fr_23.exe () O4 - HKCU..\Run: [cacaoweb] C:\Program Files\cacaoweb\cacaoweb.exe () O4 - HKCU..\Run: [EPSON SX235 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found O4 - HKCU..\Run: [Updater27096.exe] C:\Documents and Settings\TEST\Local Settings\Application Data\Updater27096\Updater27096.exe /extensionid=27096 /extensionname='Services x86' /chromeid=cnmdgidklhhnmppphpohildcefnaaflp /stayidle /delay=300 File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Rechercher sur le Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DCB7EB4-9305-4818-A233-545907EA5E34}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\TEST\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\TEST\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/12/07 12:41:53 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/12/22 00:03:36 | 000,000,033 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^McAfee Security Scan Plus.lnk - - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe - (Sony Corporation) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe - (Sony Corporation.) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE - (WinZip Computing, S.L.) MsConfig - StartUpFolder: C:^Documents and Settings^TEST^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe - () MsConfig - StartUpReg: [b]ApnUpdater[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig - StartUpReg: [b]avgnt[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]BlackBerryAutoUpdate[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]cacaoweb[/b] - hkey= - key= - C:\Program Files\cacaoweb\cacaoweb.exe () MsConfig - StartUpReg: [b]EEventManager[/b] - hkey= - key= - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) MsConfig - StartUpReg: [b]Facebook Update[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig - StartUpReg: [b]lollipop[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]upt4pc_fr_23.exe[/b] - hkey= - key= - C:\Documents and Settings\TEST\Local Settings\Application Data\tuto4pc_fr_23\upt4pc_fr_23.exe () ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.5.1 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.5.1 ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597) ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023) ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: D27CDB6E-AE6D-11CF-96B8-444553540000 - Adobe Flash Player 9 ActiveX Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin CREATERESTOREPOINT Restore point Set: OTL Restore Point [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/04/23 18:34:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Application Data\PriceGong [2013/04/23 13:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Menu Démarrer\Programmes\Wajam [2013/04/23 13:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Local Settings\Application Data\Wajam [2013/04/23 13:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Wajam [2013/04/17 21:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Symantec Shared [2013/04/17 21:01:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS [2013/04/17 21:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan [2013/04/17 21:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Norton Security Scan [2013/04/17 21:01:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS\0307020.00A [2013/04/17 21:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton [2013/04/17 21:01:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Application Data\RealNetworks [2013/04/17 21:01:05 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller [2013/04/17 21:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller [2013/04/17 21:00:06 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks [2013/04/17 21:00:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks [2013/04/17 20:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\xing shared [2013/04/17 20:59:37 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2013/04/17 20:59:24 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2013/04/17 20:59:24 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2013/04/17 20:59:23 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2013/04/17 20:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RealNetworks [2013/04/17 20:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2013/04/17 20:58:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Local Settings\Application Data\Real [2013/04/17 20:58:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Application Data\Real [2013/04/17 20:55:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real [2013/03/28 21:16:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe [2013/03/28 21:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP [2013/03/28 21:08:06 | 000,000,000 | ---D | C] -- C:\Program Files\PC Cleaner [2013/03/28 20:50:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/04/25 16:30:19 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\BrowserProtect.job [2013/04/25 16:26:10 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2013/04/25 16:21:27 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013/04/25 16:21:17 | 000,450,560 | ---- | M] () -- C:\Documents and Settings\TEST\Bureau\cacaoweb.exe [2013/04/25 16:20:48 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-790525478-2049760794-725345543-1006.job [2013/04/25 16:20:47 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/04/25 16:20:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/04/25 16:03:04 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/04/25 15:40:00 | 000,001,144 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-2049760794-725345543-1006UA.job [2013/04/25 14:06:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2013/04/25 13:42:08 | 000,000,000 | ---- | M] () -- C:\END [2013/04/25 13:42:06 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\TempWmicBatchFile.bat [2013/04/24 22:41:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyUpdate.job [2013/04/24 21:01:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-790525478-2049760794-725345543-1006.job [2013/04/24 20:41:40 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-2049760794-725345543-1006Core.job [2013/04/24 15:06:17 | 000,001,941 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Installation MSN.lnk [2013/04/24 14:03:28 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Guide réseau EPSON SX235 Series.lnk [2013/04/24 14:02:51 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Guide d'utilisation EPSON SX235 Series.lnk [2013/04/24 13:51:50 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\EPSON Scan.lnk [2013/04/23 16:10:50 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\DofusAppId0_2 [2013/04/23 16:08:50 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\DofusAppId0_3 [2013/04/23 14:08:59 | 000,000,149 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\D2Info0 [2013/04/23 14:05:26 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\DofusAppId0_4 [2013/04/20 12:09:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/04/18 15:57:04 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for TEST.job [2013/04/18 13:39:20 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013/04/17 21:01:18 | 000,000,979 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Norton Security Scan.lnk [2013/04/17 21:00:19 | 000,000,983 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\RealPlayer.lnk [2013/04/17 20:59:37 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2013/04/17 20:59:24 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2013/04/17 20:59:24 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2013/04/17 20:59:23 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2013/04/11 10:15:27 | 000,447,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/04/11 09:47:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/04/09 22:46:01 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/04/09 22:46:00 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\TEST\Bureau\Google Chrome.lnk [2013/04/05 16:18:18 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/04/03 21:25:59 | 000,032,446 | ---- | M] () -- C:\Documents and Settings\TEST\Mes documents\DECLARATION RSA.pdf [2013/03/31 19:26:47 | 000,228,131 | ---- | M] () -- C:\Documents and Settings\TEST\Mes documents\prelev autoroute.pdf [2013/03/30 20:05:55 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\DofusAppId0_1 [2013/03/28 21:56:50 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/03/28 21:56:50 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/03/28 20:54:53 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/04/25 16:26:10 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2013/04/25 16:20:44 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\BrowserProtect.job [2013/04/24 15:06:17 | 000,001,941 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Installation MSN.lnk [2013/04/24 13:13:50 | 000,000,000 | ---- | C] () -- C:\END [2013/04/23 13:13:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\TempWmicBatchFile.bat [2013/04/17 21:01:28 | 000,000,438 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Security Scan for TEST.job [2013/04/17 21:01:18 | 000,000,979 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Norton Security Scan.lnk [2013/04/17 21:01:11 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NSS\0307020.00A\isolate.ini [2013/04/17 21:01:05 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-790525478-2049760794-725345543-1006.job [2013/04/17 21:01:04 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-790525478-2049760794-725345543-1006.job [2013/04/17 21:00:19 | 000,000,983 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\RealPlayer.lnk [2013/04/03 21:25:58 | 000,032,446 | ---- | C] () -- C:\Documents and Settings\TEST\Mes documents\DECLARATION RSA.pdf [2013/03/31 19:26:46 | 000,228,131 | ---- | C] () -- C:\Documents and Settings\TEST\Mes documents\prelev autoroute.pdf [2013/03/28 20:54:53 | 000,001,919 | ---- | C] () -- C:\WINDOWS\epplauncher.mif [2013/03/12 13:54:15 | 000,164,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys [2013/03/12 13:54:14 | 000,049,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys [2013/03/02 21:00:23 | 000,383,034 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2013/03/02 18:32:36 | 000,000,093 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc [2013/02/27 18:39:12 | 000,447,696 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/02/24 21:31:11 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin [2013/02/16 13:31:40 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\DofusAppId0_5 [2012/11/21 21:25:26 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\DofusAppId0_4 [2012/06/15 21:04:52 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\DofusAppId0_3 [2012/05/31 22:53:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\DofusAppId0_1 [2012/05/29 18:49:43 | 000,000,149 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\D2Info0 [2012/05/29 18:49:43 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\DofusAppId0_2 [2012/05/02 15:12:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2012/04/06 19:58:56 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/03/06 14:44:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/03/02 10:31:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/02/15 15:53:43 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\PnkBstrK.sys [color=#E56717]========== ZeroAccess Check ==========[/color] [2008/08/09 11:28:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 04:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] Invalid Environment Variable: alluserprofile Invalid Environment Variable: alluserprofile [color=#A23BEC]< %appdata%\*. >[/color] [2012/08/17 14:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\.minecraft [2012/10/05 21:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Adobe [2012/12/16 22:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\AnkamaCertificates [2012/05/29 18:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\app [2012/12/21 13:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Apple Computer [2013/01/11 15:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Audacity [2012/08/31 22:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Babylon [2013/04/25 16:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\cacaoweb [2012/08/29 18:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Canon [2013/02/11 15:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\DealPly [2012/04/21 17:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\DivX [2012/06/15 20:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Dofus 2 [2012/05/29 18:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2012/06/15 21:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2012/11/21 21:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2012/05/31 22:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2013/04/23 15:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Dofus2 [2012/12/16 22:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\DofusTesting [2012/12/16 21:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\DofusTesting-2 [2012/12/16 23:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\DofusTesting-3 [2012/12/16 23:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\DofusTesting-4 [2013/02/16 13:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\DofusTesting-5 [2013/02/13 21:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Epson [2012/01/17 22:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Identities [2012/05/02 11:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\InstallShield [2008/11/15 23:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Intel [2010/08/30 17:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Macromedia [2013/02/26 20:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Malwarebytes [2012/04/21 17:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Media Player Classic [2013/02/26 12:09:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\TEST\Application Data\Microsoft [2012/02/13 20:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla [2013/02/26 20:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Nosibay [2013/04/24 21:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\OpenOffice.org2 [2013/04/25 16:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\PriceGong [2013/04/17 21:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Real [2013/04/17 21:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\RealNetworks [2012/05/29 18:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2013/02/27 18:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Skype [2012/02/13 20:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Sun [2013/02/25 22:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Systweak [2012/02/26 16:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\WinRAR [color=#A23BEC]< %appdata%\*.exe /s >[/color] [2013/02/11 15:50:49 | 000,091,024 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\DealPly\UpdateProc\UpdateTask.exe [2013/03/28 21:33:58 | 000,054,776 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\TEST\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2012/02/18 13:38:31 | 008,124,064 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\TEST\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe [2012/03/07 15:51:40 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe [2013/02/24 21:29:33 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\TEST\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\DesktopMgr.exe [2013/02/24 21:29:33 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\TEST\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe [2013/02/24 21:29:33 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\TEST\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe [2013/02/24 21:29:33 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\TEST\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe [2013/02/24 21:29:34 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\TEST\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe [2013/02/24 21:29:33 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\TEST\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe [2013/02/24 21:29:33 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\TEST\Application Data\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe [2011/09/23 15:04:06 | 001,341,376 | ---- | M] (EA Digital Illusions CE AB) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\b4fswr75.default\extensions\battlefieldheroespatcher@ea.com\plugins\BFHUpdater.exe [color=#A23BEC]< %systemdrive%\*. >[/color] [2012/03/07 16:19:15 | 000,000,000 | ---D | M] -- C:\55d706457680793de21dcf593555 [2012/03/05 22:08:31 | 000,000,000 | ---D | M] -- C:\747fd67491a40c2abcc62a9da6 [2012/03/07 15:44:49 | 000,000,000 | ---D | M] -- C:\a447499d5975c2ea01decef70f [2012/07/05 17:33:44 | 000,000,000 | ---D | M] -- C:\BrickForce [2013/04/24 14:02:13 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2012/08/29 17:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings [2008/12/07 12:37:52 | 000,000,000 | ---D | M] -- C:\Drivers [2012/07/05 17:32:52 | 000,000,000 | ---D | M] -- C:\emme [2013/03/02 18:29:43 | 000,000,000 | ---D | M] -- C:\Kreapixel [2008/07/24 19:25:42 | 000,000,000 | ---D | M] -- C:\Pilotes Dell [2013/04/23 13:13:20 | 000,000,000 | R--D | M] -- C:\Program Files [2012/08/29 17:56:42 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2013/01/29 22:07:04 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2013/04/25 14:06:26 | 000,000,000 | ---D | M] -- C:\WINDOWS [color=#A23BEC]< %systemdrive%\*.exe >[/color] [color=#A23BEC]< %programfiles%\*. >[/color] [2013/04/24 14:17:00 | 000,000,000 | ---D | M] -- C:\Program Files\ABBYY FineReader 9.0 Sprint [2012/10/05 21:06:09 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2008/07/29 12:08:51 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software [2012/03/07 15:51:27 | 000,000,000 | ---D | M] -- C:\Program Files\AMD [2012/04/08 11:50:33 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update [2008/07/24 19:21:39 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies [2013/02/27 16:33:09 | 000,000,000 | ---D | M] -- C:\Program Files\AVAST Software [2008/07/24 19:20:00 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom [2012/11/20 14:01:21 | 000,000,000 | ---D | M] -- C:\Program Files\cacaoweb [2013/03/04 23:38:01 | 000,000,000 | ---D | M] -- C:\Program Files\Canon [2012/08/31 22:42:06 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2012/06/23 14:34:43 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2008/07/24 18:21:01 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications [2010/01/11 21:02:30 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit [2008/07/24 19:27:45 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT [2013/02/01 23:41:00 | 000,000,000 | ---D | M] -- C:\Program Files\DealPly [2013/03/11 21:26:47 | 000,000,000 | ---D | M] -- C:\Program Files\Dofus2 [2012/05/02 11:38:55 | 000,000,000 | ---D | M] -- C:\Program Files\epson [2013/02/28 22:49:53 | 000,000,000 | ---D | M] -- C:\Program Files\Epson Software [2012/05/02 11:38:10 | 000,000,000 | ---D | M] -- C:\Program Files\EpsonNet [2013/04/17 21:01:28 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs [2012/06/25 13:44:19 | 000,000,000 | ---D | M] -- C:\Program Files\Fly My World Corporate [2013/02/27 16:39:14 | 000,000,000 | ---D | M] -- C:\Program Files\Google [2013/03/03 13:47:58 | 000,000,000 | ---D | M] -- C:\Program Files\Iminent [2013/03/04 23:37:21 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2008/07/24 19:25:08 | 000,000,000 | ---D | M] -- C:\Program Files\Intel [2013/04/11 10:15:26 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2012/04/08 11:54:30 | 000,000,000 | ---D | M] -- C:\Program Files\iPod [2012/04/08 11:55:41 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes [2013/02/26 12:03:34 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2008/07/24 19:45:40 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack [2008/08/01 15:45:01 | 000,000,000 | ---D | M] -- C:\Program Files\MAGIX [2012/03/05 21:08:16 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger [2010/11/01 11:11:48 | 000,000,000 | ---D | M] -- C:\Program Files\Micro Application [2012/03/07 12:38:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft [2008/07/31 17:41:57 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage [2012/07/05 17:39:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2009/11/25 17:02:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Outlook Connector [2008/07/31 17:19:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Référence [2013/03/14 17:51:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight [2008/08/09 11:30:57 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server [2009/02/25 20:40:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition [2009/02/25 20:41:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework [2008/08/09 11:30:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio .NET 2003 [2008/07/31 16:27:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works [2008/07/31 16:17:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works Suite 2003 [2012/11/02 13:08:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET [2012/03/07 12:40:55 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2010/08/26 10:20:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird [2009/08/12 08:04:40 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2012/03/07 15:22:52 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache [2013/04/24 15:06:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSN [2008/07/24 18:20:35 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone [2008/08/04 19:08:43 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0 [2008/08/04 19:09:57 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0 [2010/11/29 20:14:52 | 000,000,000 | ---D | M] -- C:\Program Files\Neffy [2012/03/05 20:55:29 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting [2013/04/17 21:01:11 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Security Scan [2013/04/17 21:01:05 | 000,000,000 | ---D | M] -- C:\Program Files\NortonInstaller [2013/02/24 22:56:50 | 000,000,000 | ---D | M] -- C:\Program Files\Nosibay [2008/07/24 18:20:45 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services [2008/07/29 12:05:34 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 2.3 [2012/03/07 12:36:36 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express [2013/03/28 21:17:06 | 000,000,000 | ---D | M] -- C:\Program Files\PC Cleaner [2008/12/07 12:39:31 | 000,000,000 | ---D | M] -- C:\Program Files\PIXELA [2009/12/28 14:28:22 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2013/04/17 20:59:53 | 000,000,000 | ---D | M] -- C:\Program Files\Real [2013/04/17 21:00:08 | 000,000,000 | ---D | M] -- C:\Program Files\RealNetworks [2013/03/18 15:57:48 | 000,000,000 | ---D | M] -- C:\Program Files\Recherche_France [2009/08/12 08:04:29 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2013/02/27 19:11:15 | 000,000,000 | ---D | M] -- C:\Program Files\Research In Motion [2010/02/19 20:25:33 | 000,000,000 | ---D | M] -- C:\Program Files\Seagate [2008/07/24 18:23:18 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne [2013/03/02 18:30:31 | 000,000,000 | ---D | M] -- C:\Program Files\Services x86 [2008/07/24 19:16:56 | 000,000,000 | ---D | M] -- C:\Program Files\SigmaTel [2013/01/30 14:43:47 | 000,000,000 | R--D | M] -- C:\Program Files\Skype [2008/12/07 12:37:32 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Corporation [2013/02/27 18:17:12 | 000,000,000 | ---D | M] -- C:\Program Files\SweetIM [2013/01/11 14:59:02 | 000,000,000 | ---D | M] -- C:\Program Files\tuto4pc_fr_23 [2008/08/09 11:33:01 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information [2013/02/27 19:02:24 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group [2013/04/23 13:13:58 | 000,000,000 | ---D | M] -- C:\Program Files\Wajam [2012/03/07 16:01:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live [2009/01/25 14:20:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive [2012/03/05 21:01:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2012/03/05 20:55:23 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2008/07/24 18:23:22 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate [2008/07/24 19:42:40 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR [2008/07/24 19:42:58 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip [2008/07/24 18:24:56 | 000,000,000 | ---D | M] -- C:\Program Files\xerox [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004/08/05 11:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2004/08/05 11:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2004/08/05 11:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2004/08/05 11:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008/07/24 19:47:33 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=8D52AEDD07247B743A4D9BD372F69109 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe < End of report >