cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 28/08/2013 13:43:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 254,76 Mb Available Physical Memory | 49,81% Memory free
1,97 Gb Paging File | 1,60 Gb Available in Paging File | 81,10% Paging File free
Paging file location(s): C:\pagefile.sys 1536 1836 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76,32 Gb Total Space | 32,99 Gb Free Space | 43,23% Space Free | Partition Type: NTFS

Computer Name: XPSP2-FB3EAC531 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/08/28 13:39:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Bureau\OTL.exe
PRC - [2013/07/23 17:50:00 | 000,685,936 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK32.EXE
PRC - [2013/06/29 21:37:33 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/05/09 11:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 11:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2013/02/09 10:03:46 | 000,888,128 | ---- | M] (Repkasoft) -- C:\Program Files\YoWindow\yowindow.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002/01/01 00:02:17 | 004,640,768 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Admin\Application Data\Spotify\spotify.exe
PRC - [2002/01/01 00:02:16 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Admin\Application Data\Spotify\Data\SpotifyWebHelper.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/08/27 21:16:11 | 002,096,128 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13082701\algo.dll
MOD - [2002/01/01 00:02:16 | 024,985,600 | ---- | M] () -- C:\Documents and Settings\Admin\Application Data\Spotify\Data\libcef.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/08/19 11:40:34 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/10 21:15:45 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/01 16:35:30 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files\fichiers communs\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/06/29 21:37:33 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/05/09 11:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/07/20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/04/10 10:59:26 | 000,069,120 | ---- | M] (BOONTY) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/06/28 14:15:34 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/06/28 14:15:34 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/06/28 14:15:33 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 11:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 11:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 11:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 11:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/05/09 11:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/07 01:33:22 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2009/12/08 21:35:19 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2009/11/02 09:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/03/20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009/03/20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2008/04/13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2005/07/26 15:43:38 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2004/08/13 17:38:18 | 000,140,544 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (RT2500USB)
DRV - [2003/03/27 09:09:18 | 000,036,512 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msicpl.sys -- (MSICPL)
DRV - [2002/12/05 06:01:00 | 000,241,664 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2002/12/05 06:01:00 | 000,013,056 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2002/09/23 04:37:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002/09/09 20:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2002/09/06 05:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2001/10/02 20:16:54 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/10/02 20:16:54 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/09/24 09:38:54 | 000,038,912 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcd.sys -- (QCDonner)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AA C4 30 74 6E A3 CE 01 [binary data]
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\..\SearchScopes,DefaultScope = {8285251E-5518-4B1A-BD0D-22283215D73D}
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\..\SearchScopes\{8285251E-5518-4B1A-BD0D-22283215D73D}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1454471165-776561741-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users.WINDOWS\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2002/01/03 00:55:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/01/12 16:31:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
[2011/01/12 16:31:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2010/07/03 18:07:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2010/01/01 10:16:10 | 000,371,289 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 12798 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\..\Toolbar\WebBrowser: (no name) - {60EACC1A-33FA-443D-9846-17B28E2C9BDB} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKU\S-1-5-21-1454471165-776561741-839522115-1003..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe File not found
O4 - HKU\S-1-5-21-1454471165-776561741-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1454471165-776561741-839522115-1003..\Run: [Spotify] C:\Documents and Settings\Admin\Application Data\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1454471165-776561741-839522115-1003..\Run: [Spotify Web Helper] C:\Documents and Settings\Admin\Application Data\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1454471165-776561741-839522115-1003..\Run: [WebCamRT.exe] File not found
O4 - HKU\.DEFAULT..\RunOnce: [Config] C:\WINDOWS\system32\run.cmd ()
O4 - HKU\.DEFAULT..\RunOnce: [nlsf] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Config] C:\WINDOWS\system32\run.cmd ()
O4 - HKU\S-1-5-18..\RunOnce: [nlsf] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [Config] C:\WINDOWS\system32\run.cmd ()
O4 - HKU\S-1-5-19..\RunOnce: [nlsf] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [Config] C:\WINDOWS\system32\run.cmd ()
O4 - HKU\S-1-5-20..\RunOnce: [nlsf] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage\YoWindow.lnk = C:\Program Files\YoWindow\yowindow.exe (Repkasoft)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-21-1454471165-776561741-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} https://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1352671357904 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A8944D6-3638-44D3-AD03-5E836F728B67}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/01/11 12:50:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]NiwradSoft Welcome[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0FBC7492-9AE2-B94F-77EC-4B8CE00BDE07} - Microsoft Windows Media Player
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {40359B82-0D32-2A65-D269-546DE3808422} - NetShow
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A84502F-1E01-A380-7DDF-751DACDE5C56} - Microsoft Windows Media Player
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {629A723B-61F8-035F-B7A8-11968FA90B0F} - Internet Explorer
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8F560FEC-1672-4661-90D3-B605B73FABA5} - Mise à jour de la version d Internet Explorer
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E604E975-5CDE-6E90-E25B-1D9E6512C28E} - Personnalisation du navigateur
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{DFB17AA8-042A-429D-987C-26CE244A4189} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/08/28 13:39:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Bureau\OTL.exe
[2013/08/27 00:34:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Mes documents\pics
[2013/08/27 00:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\WinZip
[2013/08/27 00:11:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\WinZip
[2013/08/27 00:09:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
[2013/08/27 00:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2013/08/24 21:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Mes documents\Assoc. Les sans voix
[2013/08/15 00:35:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/08/14 21:12:09 | 000,000,000 | ---D | C] -- C:\065f6cc39c0f2f0e0f1fac9d8d9430
[2013/08/11 22:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Systweak
[2013/08/11 22:53:20 | 000,018,776 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2013/08/10 22:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\BabSolution
[2013/08/10 22:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Babylon
[2013/08/10 22:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Tarma Installer
[2013/08/10 22:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Babylon
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/08/28 13:45:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/08/28 13:39:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Bureau\OTL.exe
[2013/08/28 13:29:04 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/28 13:26:01 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/28 12:48:16 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/08/28 12:42:33 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/28 12:41:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/27 16:24:59 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/08/27 03:24:44 | 000,000,212 | RHS- | M] () -- C:\boot.ini
[2013/08/27 03:24:44 | 000,000,000 | RHS- | M] () -- C:\CONFIG.SYS
[2013/08/27 03:22:50 | 000,501,288 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/08/27 03:22:50 | 000,433,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/27 03:22:50 | 000,081,084 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/08/27 03:22:50 | 000,067,856 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/08/27 03:17:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/27 00:11:50 | 000,001,748 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\WinZip.lnk
[2013/08/27 00:11:48 | 000,001,672 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk
[2013/08/12 19:52:29 | 000,153,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/08/11 23:11:44 | 000,391,240 | ---- | M] () -- C:\Documents and Settings\Admin\Mes documents\RCPscanlog.xml
[2013/08/10 21:15:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/08/10 21:15:44 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/03 01:48:38 | 001,543,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdecod.dll
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/08/28 13:45:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/08/27 00:11:50 | 000,001,748 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\WinZip.lnk
[2013/08/27 00:11:29 | 000,001,672 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk
[2013/08/11 23:11:44 | 000,391,240 | ---- | C] () -- C:\Documents and Settings\Admin\Mes documents\RCPscanlog.xml
[2013/06/28 14:15:43 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/06/26 20:35:55 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/06/26 20:35:52 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/06/04 21:01:07 | 000,000,438 | RHS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2013/03/24 13:44:31 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/24 13:44:30 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/02/17 22:40:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/11 02:05:04 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\Admin\profiles.cfg
[2012/02/11 02:05:04 | 000,000,202 | ---- | C] () -- C:\Documents and Settings\Admin\settings.cfg
[2012/02/11 02:05:01 | 000,000,354 | ---- | C] () -- C:\Documents and Settings\Admin\ogre.cfg
[2011/10/24 22:47:54 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/27 10:19:39 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Admin\winscp.RND
[2010/01/01 12:41:20 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\$_hpcst$.hpc
[2009/12/12 12:04:24 | 000,000,163 | ---- | C] () -- C:\Documents and Settings\Admin\default.pls
[2008/03/14 21:52:08 | 000,001,106 | ---- | C] () -- C:\Documents and Settings\Admin\DivX.com.lnk
[2008/03/14 21:52:08 | 000,001,082 | ---- | C] () -- C:\Documents and Settings\Admin\Optimisez les pistes audios de vos vidéos.lnk
[2004/03/13 17:38:20 | 000,112,743 | ---- | C] () -- C:\Documents and Settings\Admin\Copie de Photo 092.jpg
[2004/03/13 17:37:36 | 000,163,855 | ---- | C] () -- C:\Documents and Settings\Admin\Copie de Photo 091.jpg

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2010/05/18 13:24:17 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 04:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2013/04/20 23:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\adelantado_big_fish_fr
[2010/08/31 19:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Alawar
[2002/01/11 13:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\AlawarSouthpoint
[2012/01/28 00:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\aliasworlds
[2012/11/20 22:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Anuman
[2011/11/06 02:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Artifex Mundi
[2010/05/18 13:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Atari
[2013/08/14 00:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\BabSolution
[2013/08/10 22:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Babylon
[2012/11/19 22:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\bfgallmygodsfr
[2012/11/22 21:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Big Fish Games
[2011/07/26 01:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\BitTorrent
[2013/06/20 21:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\BlamGames
[2011/08/14 23:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\blg
[2012/10/26 21:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\BlooBuzz
[2012/11/05 22:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Boolat Games
[2011/08/08 00:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Boomzap
[2013/04/13 20:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Casual Box
[2011/07/25 00:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\CasualForge
[2012/02/11 01:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Colibri Games
[2011/11/11 21:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\DeskSoft
[2011/07/23 17:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\DivoGames
[2011/08/07 23:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Elephant Games
[2011/08/10 00:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\ERS Game Studios
[2012/01/30 22:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Farm Mania 2.1
[2011/08/03 22:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Friday's games
[2012/04/01 23:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Gamelab
[2013/07/06 17:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Games
[2011/08/14 21:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\GamesCafe
[2011/09/26 00:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\GetRightToGo
[2012/10/28 23:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\GFI
[2010/05/27 10:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Généatique2010
[2012/10/30 22:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Happy Chef
[2012/03/30 21:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Home Sweet Home
[2012/02/11 00:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Islands
[2002/01/11 12:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Jumb-O-Fun Games
[2002/01/18 12:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\LegacyGames
[2010/03/09 20:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Little Games Company
[2011/08/09 23:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\margrave3_full
[2011/07/27 23:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\My Games
[2012/02/15 00:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Nevosoft-Breeze
[2013/07/09 21:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Nitreal Games
[2013/04/24 21:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\northerntale_bfg_fr
[2009/12/28 12:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Oberon Media
[2011/08/13 22:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Orneon
[2012/11/22 22:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\PathToSuccess
[2010/01/01 12:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\PC Suite
[2011/07/27 00:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\PeaceCraft2
[2012/09/20 22:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\PeaceCraft3
[2012/04/01 21:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Ph03nixNewMedia
[2002/01/17 12:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\PlayFirst
[2011/08/03 00:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\playmink
[2013/04/25 21:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Playrix Entertainment
[2013/04/13 22:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Sahmon Games
[2010/01/01 12:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Samsung
[2011/08/07 22:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\ShinyTales
[2009/12/12 09:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Simple Star
[2010/04/10 11:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\SM2
[2010/04/11 09:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\SmashFrenzy3
[2013/08/28 12:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Spotify
[2013/08/15 00:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Systweak
[2011/10/29 00:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Total Eclipse
[2011/12/20 22:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Uniblue
[2012/02/01 00:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\VC 2 Paradise Resort
[2011/07/25 00:08:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\ViquaSoft
[2011/07/26 23:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\WendigoStudios
[2011/07/22 17:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\YoudaGames
[2013/04/18 19:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\YoWindow
[2010/09/10 13:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Zylom
[2010/08/21 17:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2002/01/18 11:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JuliettesFashionEmpire
[2009/10/28 10:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/12/10 12:19:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2008/12/16 18:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2008/09/07 18:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/08/03 23:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Terrafarmers
[2009/10/27 09:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2002/01/11 13:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AlawarSouthpoint
[2012/01/28 00:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\aliasworlds
[2011/08/02 23:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Artist Colony
[2012/01/23 00:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avalon-Legends-Solitaire
[2011/07/26 02:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2013/08/10 22:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Babylon
[2011/08/20 22:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Big Fish Games
[2011/08/14 23:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\blg
[2010/04/10 10:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\BOONTY
[2011/01/19 19:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Brainiversity2
[2011/07/25 00:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CasualForge
[2012/02/11 01:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Colibri Games
[2011/07/26 01:49:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2013/04/13 21:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CrioGames
[2012/01/27 00:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Desktop Gaming
[2011/08/07 23:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Elephant Games
[2012/04/13 18:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Escape From Paradise
[2011/08/11 23:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EscapeFromParadise2
[2011/09/27 22:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EscapeTheMuseum2
[2012/02/12 23:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FarmFrenzy2
[2013/04/22 21:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Fugazo
[2010/09/10 13:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GoBit Games
[2012/03/30 22:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Gogii
[2010/05/27 10:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Généatique2010
[2011/07/24 22:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HipSoft
[2010/03/09 20:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Little Games Company
[2011/07/26 01:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2012/02/17 23:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mushroom Age
[2010/02/22 10:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MXSkypeRecorder
[2012/02/15 00:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nevosoft-Breeze
[2009/12/28 12:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Oberon Games
[2010/01/02 12:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Oberon Media
[2013/04/18 22:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\OrganicCoffee
[2010/01/01 12:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Suite
[2002/01/17 12:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PlayFirst
[2013/04/20 22:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Playrix Entertainment
[2012/01/30 23:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\RescueFrenzy
[2012/02/10 22:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\rionix
[2012/02/14 23:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sandlot Games
[2013/06/26 22:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SnowGlobe
[2011/10/07 22:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SugarGames
[2013/08/26 21:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Tarma Installer
[2013/07/18 22:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2012/01/22 23:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\The Revills Games
[2013/08/27 00:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
[2012/11/17 01:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\YoWindow
[2010/04/11 09:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Zylom
[2011/12/20 22:42:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/12/20 22:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}(2)
[2011/08/31 11:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\PlayFirst
[2011/07/24 09:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité\Application Data\PriceGong
[2011/11/01 10:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité.XPSP2-FB3EAC531\Application Data\searchquband
[2011/11/01 10:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Invité.XPSP2-FB3EAC531\Application Data\searchqutoolbar
[2009/07/07 17:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\agi
[2009/07/08 15:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\agi

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2012/10/08 14:03:35 | 000,002,898 | ---- | M] () -- C:\aqua_bitmap.cpp
[2002/01/11 12:50:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013/08/27 03:24:44 | 000,000,212 | RHS- | M] () -- C:\boot.ini
[2001/10/02 20:15:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2013/08/27 03:24:44 | 000,000,000 | RHS- | M] () -- C:\CONFIG.SYS
[2002/01/11 12:50:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2002/01/11 12:50:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2002/01/11 12:50:31 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2002/01/11 12:50:31 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2013/08/28 12:41:39 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2012/11/13 01:16:46 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2013/08/28 13:45:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/11/17 02:00:41 | 022,121,287 | ---- | M] () -- C:\seven_remix_xp_2_5_by_niwradsoft-d1v17e7.zip

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2012/11/11 23:17:06 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2013/04/13 20:00:02 | 000,000,000 | ---D | M] -- C:\Program Files\Age of Enigma - Le Secret du Sixieme Fantome
[2008/01/19 11:12:17 | 000,000,000 | ---D | M] -- C:\Program Files\ASUS
[2011/08/20 21:12:16 | 000,000,000 | ---D | M] -- C:\Program Files\Athan
[2011/07/26 02:00:50 | 000,000,000 | ---D | M] -- C:\Program Files\AVAST Software
[2013/07/15 21:00:36 | 000,000,000 | ---D | M] -- C:\Program Files\Azada - In Libro
[2011/08/20 22:37:40 | 000,000,000 | ---D | M] -- C:\Program Files\bfgclient
[2009/12/19 07:34:07 | 000,000,000 | ---D | M] -- C:\Program Files\BitDefender
[2010/04/10 10:56:48 | 000,000,000 | ---D | M] -- C:\Program Files\Boonty
[2010/05/29 09:19:54 | 000,000,000 | ---D | M] -- C:\Program Files\BoontyGames
[2013/07/06 00:29:14 | 000,000,000 | ---D | M] -- C:\Program Files\Cleopatre - Le Destin d'une Reine
[2009/08/18 20:00:52 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/01/19 10:33:49 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2009/11/06 09:56:43 | 000,000,000 | ---D | M] -- C:\Program Files\DeskSpace
[2012/10/08 10:51:20 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2008/03/14 21:52:20 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2009/02/14 12:47:48 | 000,000,000 | ---D | M] -- C:\Program Files\EasyChord
[2013/07/15 23:04:16 | 000,000,000 | ---D | M] -- C:\Program Files\Egypte III - Le Destin de Ramses
[2013/06/26 21:49:21 | 000,000,000 | ---D | M] -- C:\Program Files\Farmington Tales
[2013/04/19 00:28:51 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
[2013/05/04 21:59:18 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/07/04 19:00:35 | 000,000,000 | ---D | M] -- C:\Program Files\Goto Software
[2012/03/25 23:04:38 | 000,000,000 | ---D | M] -- C:\Program Files\Home Sweet Home
[2012/11/17 00:01:12 | 000,000,000 | ---D | M] -- C:\Program Files\iColorFolder
[2013/07/08 20:13:13 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2013/08/15 00:48:40 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2013/06/29 21:37:06 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/10/26 21:58:44 | 000,000,000 | ---D | M] -- C:\Program Files\Jeux
[2008/12/17 11:53:30 | 000,000,000 | ---D | M] -- C:\Program Files\LGGSM
[2011/07/26 01:39:40 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2010/10/29 16:44:40 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2013/05/19 00:53:17 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/28 10:06:12 | 000,000,000 | ---D | M] -- C:\Program Files\MarkAny
[2010/11/28 18:38:55 | 000,000,000 | ---D | M] -- C:\Program Files\MarkAnyContentSAFER
[2012/11/12 01:34:03 | 000,000,000 | ---D | M] -- C:\Program Files\Maxis
[2011/07/27 10:35:24 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/06/28 10:08:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2008/01/19 11:09:14 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2012/11/12 22:45:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2012/11/12 01:35:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/06/28 10:10:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/06/28 10:11:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2012/11/12 21:20:47 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011/07/25 23:28:56 | 000,000,000 | ---D | M] -- C:\Program Files\movie maker
[2002/01/01 00:36:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2013/08/20 20:43:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2011/07/21 20:14:44 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2011/07/25 23:28:57 | 000,000,000 | ---D | M] -- C:\Program Files\msn
[2009/12/08 21:27:47 | 000,000,000 | ---D | M] -- C:\Program Files\msn gaming zone
[2011/07/21 02:04:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/07/21 03:19:58 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2002/01/17 12:58:13 | 000,000,000 | ---D | M] -- C:\Program Files\My Kingdom for the Princess III
[2009/12/12 09:12:33 | 000,000,000 | ---D | M] -- C:\Program Files\Nero
[2011/07/25 23:26:42 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2013/07/06 17:38:05 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2011/01/19 19:35:34 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2011/01/19 19:19:48 | 000,000,000 | ---D | M] -- C:\Program Files\orange
[2013/03/24 13:37:18 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2011/08/20 21:18:03 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
[2009/11/03 21:17:44 | 000,000,000 | ---D | M] -- C:\Program Files\Photo
[2009/12/08 10:59:59 | 000,000,000 | ---D | M] -- C:\Program Files\Photo Art Studio
[2009/11/03 10:30:48 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoFiltre Studio X
[2011/02/02 10:07:18 | 000,000,000 | ---D | M] -- C:\Program Files\Photoshine
[2010/10/29 16:45:33 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2011/07/21 20:14:38 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2012/10/08 10:52:06 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2011/12/23 14:38:41 | 000,000,000 | ---D | M] -- C:\Program Files\scrabbleproB1.1
[2012/11/11 23:54:18 | 000,000,000 | ---D | M] -- C:\Program Files\Secunia
[2008/01/19 10:35:53 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
[2011/07/25 00:14:41 | 000,000,000 | ---D | M] -- C:\Program Files\Shop-n-Spree - La Fievre du Shopping
[2013/04/19 00:28:52 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/01/02 12:04:30 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2010/05/27 10:14:35 | 000,000,000 | ---D | M] -- C:\Program Files\Tracker Software
[2011/08/26 15:40:39 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2013/07/04 21:58:23 | 000,000,000 | ---D | M] -- C:\Program Files\Ubisoft
[2009/10/27 09:47:50 | 000,000,000 | ---D | M] -- C:\Program Files\Ulead Systems
[2009/06/13 13:00:39 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2013/04/19 00:29:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2010/07/12 08:36:26 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/10/29 16:46:06 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2012/11/16 22:24:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2013/03/24 13:37:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/01/19 10:37:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2008/01/19 10:35:57 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2013/08/27 00:10:51 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2008/01/19 10:37:54 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/01/02 11:59:33 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2009/10/27 09:55:58 | 000,000,000 | ---D | M] -- C:\Program Files\Your Application Name
[2012/11/17 01:25:25 | 000,000,000 | ---D | M] -- C:\Program Files\YoWindow
[2013/05/19 00:06:59 | 000,000,000 | ---D | M] -- C:\Program Files\ZHPDiag

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2005/10/12 12:33:32 | 022,340,731 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011/07/25 23:21:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011/07/25 23:21:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color]
[2008/04/14 04:33:19 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=F36C9F78FC902C8DCE4D3B576BB0435A -- C:\WINDOWS\ServicePackFiles\i386\appmgmts.dll
[2008/04/14 04:33:19 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=F36C9F78FC902C8DCE4D3B576BB0435A -- C:\WINDOWS\system32\appmgmts.dll

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2005/10/12 12:33:32 | 022,340,731 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011/07/25 23:21:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011/07/25 23:21:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2008/04/14 04:33:53 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=B16CCBF66BF41F994D2810CC2299D9D6 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008/04/14 04:33:53 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=B16CCBF66BF41F994D2810CC2299D9D6 -- C:\WINDOWS\system32\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001/10/02 20:15:54 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2005/10/12 12:33:32 | 022,340,731 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hidserv.dll
[2011/07/25 23:21:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hidserv.dll
[2011/07/25 23:21:38 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hidserv.dll
[2008/04/14 04:33:26 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A3B9B4A68BC839CE5A264D5908092261 -- C:\WINDOWS\ServicePackFiles\i386\hidserv.dll

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2008/04/14 04:33:26 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=0469B73DB32E5520F342C5E163AA3CCA -- C:\WINDOWS\ServicePackFiles\i386\imm32.dll
[2008/04/14 04:33:26 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=0469B73DB32E5520F342C5E163AA3CCA -- C:\WINDOWS\system32\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2008/04/14 04:33:28 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=3AC8886DFA5AB641417DF4D3B7F5512E -- C:\WINDOWS\ServicePackFiles\i386\kernel32.dll
[2009/03/21 16:07:58 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=98F08549604D090B6B2514AF845F329F -- C:\WINDOWS\$NtUninstallKB2758857$\kernel32.dll
[2012/10/03 06:58:11 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=9BF964752FEBC8E0265B62EEF034D465 -- C:\WINDOWS\system32\dllcache\kernel32.dll
[2012/10/03 06:58:11 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=9BF964752FEBC8E0265B62EEF034D465 -- C:\WINDOWS\system32\kernel32.dll
[2012/10/03 06:57:29 | 001,056,768 | ---- | M] (Microsoft Corporation) MD5=CB4292C6D077188C726B2EE073E5D3BE -- C:\WINDOWS\$hf_mig$\KB2758857\SP3QFE\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2008/04/14 04:33:33 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=196CCC3FDD21665DCAA9F83FFC03B41A -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 18:03:53 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6F5F546A92C7B6AE45DB1D6910781EB0 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 18:03:53 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6F5F546A92C7B6AE45DB1D6910781EB0 -- C:\WINDOWS\system32\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2008/04/13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008/04/13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys

[color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color]
[2008/04/14 04:33:36 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=037D92B3A7853A183FCAB77FB1D13D6C -- C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll
[2008/04/14 04:33:36 | 000,438,272 | ---- | M] (Microsoft Corporation) MD5=037D92B3A7853A183FCAB77FB1D13D6C -- C:\WINDOWS\system32\ntmssvc.dll

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2008/04/14 04:34:18 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=745D327179FB3D2AC9B80B91F23DA753 -- C:\WINDOWS\ServicePackFiles\i386\proquota.exe
[2008/04/14 04:34:18 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=745D327179FB3D2AC9B80B91F23DA753 -- C:\WINDOWS\system32\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
[2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\system32\bits\qmgr.dll
[2008/04/14 04:33:39 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=BAA0B6E647C1AD593E9BAE5CC31BCFFB -- C:\WINDOWS\system32\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

[color=#A23BEC]< MD5 for: SFCFILES.DLL >[/color]
[2008/04/14 04:33:41 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=E17C85D5B5CF477638433B851A98499E -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll
[2008/04/14 04:33:41 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=E17C85D5B5CF477638433B851A98499E -- C:\WINDOWS\system32\sfcfiles.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2008/04/14 04:34:23 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[2010/08/17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010/08/17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2008/04/14 04:33:46 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=710BC85A8C22626EE094439E3EA0D38C -- C:\WINDOWS\ServicePackFiles\i386\termsrv.dll
[2008/04/14 04:33:46 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=710BC85A8C22626EE094439E3EA0D38C -- C:\WINDOWS\system32\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2008/04/14 03:56:04 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=46DE1126684369BACE4849E4FC8C43CA -- C:\WINDOWS\ServicePackFiles\i386\volsnap.sys
[2008/04/14 03:56:04 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=46DE1126684369BACE4849E4FC8C43CA -- C:\WINDOWS\system32\drivers\volsnap.sys

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2013/06/07 23:48:38 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=08125B740C62E6DEA9483A15043AD0D5 -- C:\WINDOWS\ie8updates\KB2862772-IE8\wininet.dll
[2012/05/16 17:06:36 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=1A5B88015B3823D31C5842DE0DBFE842 -- C:\WINDOWS\ie8updates\KB2722913-IE8\wininet.dll
[2012/07/02 19:38:43 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=29FEC860C77934244D28213C24A6E110 -- C:\WINDOWS\$hf_mig$\KB2722913-IE8\SP3QFE\wininet.dll
[2011/06/23 20:31:31 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=3008D2F793F23FF0DDBC5A1FB9F8374F -- C:\WINDOWS\ie8updates\KB2586448-IE8\wininet.dll
[2013/04/17 00:16:49 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=3405104CE3F9B8CDCF5F5A23EC26E681 -- C:\WINDOWS\ie8updates\KB2838727-IE8\wininet.dll
[2012/07/02 19:39:50 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=3702C4555CE284742F80364D7904BA73 -- C:\WINDOWS\ie8updates\KB2744842-IE8\wininet.dll
[2013/03/02 03:54:04 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=3FB34DDAAED61D8451C514A91D1699D2 -- C:\WINDOWS\$hf_mig$\KB2817183-IE8\SP3QFE\wininet.dll
[2011/04/25 18:06:11 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=42F5E14E33D79C236680468B1E4999F4 -- C:\WINDOWS\ie8updates\KB2559049-IE8\wininet.dll
[2013/03/02 03:55:11 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=48309E1F5ED8E72783EEFBA04898BDA1 -- C:\WINDOWS\ie8updates\KB2829530-IE8\wininet.dll
[2012/11/01 14:15:37 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=51A9018D2872998747A12DE8F1897D38 -- C:\WINDOWS\$hf_mig$\KB2761465-IE8\SP3QFE\wininet.dll
[2012/05/16 17:05:31 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=55DEA0699C49199F80D41B8177708169 -- C:\WINDOWS\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll
[2011/12/17 21:43:31 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=5C72F65D2F038E0BF481326423F9D266 -- C:\WINDOWS\ie8updates\KB2675157-IE8\wininet.dll
[2009/03/08 05:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) MD5=6CE32F7778061CCC5814D5E0F282D369 -- C:\WINDOWS\ie8updates\KB982381-IE8\wininet.dll
[2012/03/01 12:58:11 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=7960ADFC62197E5262A8A72A9FE99C43 -- C:\WINDOWS\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll
[2011/08/23 01:41:31 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=7DF35C3D173E799F97F208CC5F3B1C93 -- C:\WINDOWS\ie8updates\KB2618444-IE8\wininet.dll
[2011/08/23 01:40:21 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=96F7E8DFF026E48DD7655DBFC47E7944 -- C:\WINDOWS\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
[2005/10/12 12:25:42 | 000,662,528 | ---- | M] (Microsoft Corporation) MD5=A2DD7EC3AC1EAD13F65E2898FCABBD1A -- C:\WINDOWS\ie8\wininet.dll
[2011/11/04 21:13:29 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=B0DF02C2326381D64149F3EEFAE5E09D -- C:\WINDOWS\ie8updates\KB2647516-IE8\wininet.dll
[2012/11/01 14:17:51 | 000,983,552 | ---- | M] (Microsoft Corporation) MD5=B0FB6373EB6A2E4DFB3FCFDB647B0C73 -- C:\WINDOWS\ie8updates\KB2809289-IE8\wininet.dll
[2010/05/06 12:33:44 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=B98E84E2CD3EE25D6D41936352E93112 -- C:\WINDOWS\ie8updates\KB2530548-IE8\wininet.dll
[2011/11/04 21:12:19 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=CC5816AA2B0EB20BA52D5622A7C1DED3 -- C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
[2013/02/05 21:55:30 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=CD6DD7CD80EEFEC4A95B8D156B074036 -- C:\WINDOWS\$hf_mig$\KB2809289-IE8\SP3QFE\wininet.dll
[2012/03/01 13:00:23 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=D44608FCA100A5C48053588517517028 -- C:\WINDOWS\ie8updates\KB2699988-IE8\wininet.dll
[2013/05/08 00:28:27 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=DD11A997125B22963CE49A95F7E32034 -- C:\WINDOWS\ie8updates\KB2846071-IE8\wininet.dll
[2013/07/26 04:47:15 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=E1948293F7CBC38987270432935D8D05 -- C:\WINDOWS\system32\dllcache\wininet.dll
[2013/07/26 04:47:15 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=E1948293F7CBC38987270432935D8D05 -- C:\WINDOWS\system32\wininet.dll
[2012/08/28 17:03:48 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=ECB2FC839288380533043CF2E91E51E6 -- C:\WINDOWS\$hf_mig$\KB2744842-IE8\SP3QFE\wininet.dll
[2011/12/17 21:42:36 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=FBF4D9A8AE222337063B7DF8881F5AE5 -- C:\WINDOWS\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll
[2013/02/05 21:56:42 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=FCDD66EE148885E900285ADE8417E40B -- C:\WINDOWS\ie8updates\KB2817183-IE8\wininet.dll
[2013/02/05 21:56:42 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=FCDD66EE148885E900285ADE8417E40B -- C:\WINDOWS\ServicePackFiles\i386\wininet.dll
[2012/08/28 17:04:59 | 000,983,552 | ---- | M] (Microsoft Corporation) MD5=FEC69166AFF70F68EA6DD9E0A31764C6 -- C:\WINDOWS\ie8updates\KB2761465-IE8\wininet.dll

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2008/04/14 04:33:49 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=FB836F9E62D82904C983AD21296A5D9C -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008/04/14 04:33:49 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=FB836F9E62D82904C983AD21296A5D9C -- C:\WINDOWS\system32\ws2_32.dll

[color=#A23BEC]< MD5 for: XMLPROV.DLL >[/color]
[2008/04/14 04:33:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=F92A87FDDA0C11C8604FBC2B864FA726 -- C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll
[2008/04/14 04:33:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=F92A87FDDA0C11C8604FBC2B864FA726 -- C:\WINDOWS\system32\xmlprov.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr entControlSet\Control\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\* .sav >[/color]

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2009/12/08 21:24:35 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/12/08 21:30:38 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012/02/26 22:43:45 | 000,001,052 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012/02/26 22:43:47 | 000,001,056 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012/04/02 22:06:42 | 000,001,002 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012/09/19 22:40:30 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

[color=#A23BEC]< >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:096BF2EE
@Alternate Data Stream - 274 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:E5BA9ADD
@Alternate Data Stream - 247 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:169E7AC5
@Alternate Data Stream - 242 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A039EDF9
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:C2F24DB5
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:14362DF8
@Alternate Data Stream - 227 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:E6EC5C2A
@Alternate Data Stream - 223 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:FF9C44FE
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:3C9B05C4
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:0DFE2AE1
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:AE2EA3C2
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:37994DBE
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DAB09BDB
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:27F44544
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:B12D1A7D
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:01690B01
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:FEF0DEE7
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:9E3E060F
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:9742C5DF
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:4E6B8D68
@Alternate Data Stream - 181 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:7D288858
@Alternate Data Stream - 166 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A9ABA3FF
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:349E5B74
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:8AC20936
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:3A4C8FE7
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:2F5A06FD
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D987CB43
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:CEE4A457
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:8B3C3098
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:258D2F8B
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:F5FC5DCE
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:20EB6823
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:1CF1FB36
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:AE75CCC8
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:8C81B36D
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:6A9EDD31
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:33384BC0
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A69FAA24
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A6B07419
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:99C301D0
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:3B07E6F4
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:EC3A9923
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:92DB4653
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:EA7D76BE
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A851461E
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:E9900C74
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:3C0887BF
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:F5E90ED3
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:EBFB51F1
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D2A5A561
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:B8791731
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:553056F1
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:4C16B46B
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:E153075C
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:97CA3B9E
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:7BB584AA
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:2CED8825
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:FEE00EB9
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:EA701346
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:B38BEEEE
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:8967C154
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:82C50600
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:35629AE6
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:217A2A36
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:BAC2F271
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:9D5BB34A
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8A44841A
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:CFF6B3FF
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:B1E64E47
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:97B3B270
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A59DD4AD
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:7E4E56EA
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:6423D635
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:471AD3D0
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:E5DE9C8F
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:C43C957E
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:2EB79F01
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:FD786DCA
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:7A2101AB
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:66871744
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:0860D6D6
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:073139EC
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:43E95997
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC8E37E0
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D8A7F3FF
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:814B9485
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:ED9B661E
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:AE289451
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:99AC3203
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:2C399CCA
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1982A23
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A38FEC6
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:F67947AF
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D01ACC06
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:014BC3B4
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:00811B66
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DD623B3
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:7EC01D6D
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:751D6870
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADE16379
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:F2DC4B0B
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:BE6DC701
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:B3942462
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:56C66609
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:39EDBD33
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:1B3549F2
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4F636E25
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:31080D0E
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05816AFA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:38FF076E
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:2216A431
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F50F1555
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:BDF08FAF
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF5C4195
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1B1330FD
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:E5B07840
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:BE6B5FC3
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A1023D41
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:67310058
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:29C0641D
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:10D45FC3
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:E6708F08
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:9AE67195
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:87A3A233
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:4F636E25
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:3B360415
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:345E21F6
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0778CBF2
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:444169A0
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D9987109
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:C9B27A06
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:5C4A588B
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:178093AE
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:663B62CA
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:4B244549
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:27D1368B
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:0AE2C68F
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:861A898F
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:FC60E0F8
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D882BE37
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:9D03192E
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:B5E5C967
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:6444B424
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADB0A2BD
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7711E268
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:03777453
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B99FE60
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F5BB3657
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5AFE07D
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BB48E5A3
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:48F0FFF8
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0879ECE9
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:F760FD47
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9AB338B9
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4A1F01E
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:6FE17A89
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:375FC7E7
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10D98D98
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:AC83EA04
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A561576B
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A468A21E
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:615435BE
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CD562B4
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38849DE5
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D1713795
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FA8ADCCD
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CF61E54
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3B3A35EC
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BB24555F
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B0A3DB99
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:8140CB50
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:581B0446
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1D3FEF0
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:02C1CB6D
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A3E39C6A
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BA41EC1A
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:981884E7
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:CA8D6B60

< End of report >

Publicité


Signaler le contenu de ce document

Publicité