Scan result of Farbar Recovery Scan outil (FRST) (x86) Version: 13-01-2014 02 Ran by SYSTEM on REATOGO on 14-01-2014 13:46:00 Running from B:\Documents and Settings\Default User\Desktop Microsoft Windows XP (X86) OS Language: English(US) Internet Explorer Version 6 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Application Data\WPM\wprotectmanager.exe (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Teruten) C:\WINDOWS\system32\FsUsbExService.Exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (FinePrint Software, LLC) C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe (Zone Labs, LLC) C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE () C:\Program Files\Mobogenie\DaemonProcess.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Akamai Technologies, Inc.)
C:\Documents and Settings\Kevin\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Documents and Settings\Kevin\Local Settings\Application Data\Akamai\netsession_win.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe () C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Zone Labs, LLC) C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Adobe Systems Incorporated) C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [VBoxTray] - C:\WINDOWS\system32\VBoxTray.exe [1312016 2013-12-18] (Oracle Corporation) HKU\Kevin\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2014-01-14] (Google Inc.) 
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [761024 2013-12-11] () HKU\Kevin\...\Run: [Google Update*] - [x] ========================== Services (Whitelisted) ================= S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S2 VBoxService; C:\Windows\System32\VBoxService.exe [1503504 2013-12-18] (Oracle Corporation) S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{e459fab5-9ce1-ec8b-07db-a39975a958ee}\ \ \???\{e459fab5-9ce1-ec8b-07db-a39975a958ee}\GoogleUpdate.exe" ==================== Drivers (Whitelisted) ==================== S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) S0 VBoxGuest; C:\Windows\System32\DRIVERS\VBoxGuest.sys [117008 2013-12-18] (Oracle Corporation) S3 VBoxMouse; C:\Windows\System32\DRIVERS\VBoxMouse.sys [100112 2013-12-18] (Oracle Corporation) S1 VBoxSF; C:\Windows\System32\drivers\VBoxSF.sys [244496 2013-12-18] (Oracle Corporation) S3 VBoxVideo; C:\Windows\System32\DRIVERS\VBoxVideo.sys [117520 2013-12-18] (Oracle Corporation) S1 WS2IFSL; ========================== Drivers MD5 =======================
==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-14 07:08 - 2014-01-14 07:08 - 00000000 ____D C:\Windows\CSC 2014-01-14 07:06 - 2014-01-14 07:11 - 00000004 _____ C:\Documents and
Settings\Kevin\Application Data\skype.ini 2014-01-14 06:59 - 2014-01-14 06:59 - 00012328 _____ C:\Documents and Settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2014-01-14 06:13 - 2014-01-14 06:13 - 00000000 ____D C:\FRST 2014-01-14 06:12 - 2014-01-14 06:12 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Google 2014-01-14 06:59 - 2014-01-14 06:59 - 00012328 _____c:\users\Kevin\appdata\local\we4032.dll",Startup 2014-01-14 05:51 - 2008-04-14 07:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\system\SHELL.DLL 2014-01-14 05:51 - 2008-04-14 07:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system\TIMER.DRV 2014-01-14 05:51 - 2008-04-14 07:00 - 00003360 _____ (Microsoft Corporation) C:\Windows\system\SYSTEM.DRV 2014-01-14 05:51 - 2008-04-14 07:00 - 00003072 ____N C:\Windows\System32\CONFIG.TMP 2014-01-14 05:51 - 2008-04-14 07:00 - 00002176 _____ (Microsoft Corporation) C:\Windows\system\VGA.DRV 2014-01-14 05:51 - 2008-04-14 07:00 - 00002032 _____ (Microsoft Corporation) C:\Windows\system\MOUSE.DRV 2014-01-14 05:51 - 2008-04-14 07:00 - 00002000 _____ (Microsoft Corporation) C:\Windows\system\KEYBOARD.DRV 2014-01-14 05:51 - 2008-04-14 07:00 - 00001896 _____ C:\Windows\System32\AUTOEXEC.NT 2014-01-14 05:51 - 2008-04-14 07:00 - 00001744 _____ (Microsoft Corporation) C:\Windows\system\SOUND.DRV 2014-01-14 05:51 - 2008-04-14 07:00 - 00001152 _____ (Microsoft Corporation) C:\Windows\system\MMTASK.TSK 2014-01-14 05:51 - 2008-04-13 14:33 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\storprop.dll 2014-01-14 05:50 - 2014-01-14 06:44 - 00209267 _____ C:\Windows\setupapi.log 2014-01-14 05:50 - 2014-01-14 05:50 - 01093632 _____ C:\Windows\System32\config\software.sav 2014-01-14 05:50 - 2014-01-14 05:50 - 00409600 _____ C:\Windows\System32\config\system.sav 2014-01-14 05:50 - 2014-01-14 05:50 - 00262144 _____ C:\Windows\System32\config\userdiff 2014-01-14 05:50 - 2014-01-14 05:50 - 00094208 _____ 
C:\Windows\System32\config\default.sav 2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\userdiff.LOG 2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\TempKey.LOG 2014-01-14 05:50 - 2014-01-14 05:50 - 00000000 _____ C:\Windows\setuperr.log 2014-01-14 05:50 - 2014-01-14 05:03 - 00090296 _____ C:\Windows\System32\FNTCACHE.DAT 2014-01-14 05:50 - 2014-01-14 05:02 - 00170548 _____ C:\Windows\setupact.log 2014-01-14 05:50 - 2014-01-14 04:55 - 00000212 ___SH C:\boot.ini 2014-01-14 05:50 - 2008-04-14 07:00 - 01246130 ____R C:\Windows\SET3.tmp 2014-01-14 05:43 - 2014-01-14 05:51 - 00000000 ____D C:\Windows\system 2014-01-14 05:43 - 2014-01-14 05:50 - 00000000 ____D C:\Windows\L2Schemas 2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\System32\usmt 2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\System32\npp 2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\System32\fr 2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\PeerNet 2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\msagent 2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\Media 2014-01-14 05:43 - 2014-01-14 05:46 - 00000000 ____D C:\Windows\twain_32 2014-01-14 05:43 - 2014-01-14 05:46 - 00000000 ____D C:\Windows\System32\1036 2014-01-14 05:43 - 2014-01-14 05:45 - 00000000 ____D C:\Windows\System32\ras 2014-01-14 05:43 - 2014-01-14 05:45 - 00000000 ____D C:\Windows\System32\icsxml 2014-01-14 05:43 - 2014-01-14 05:44 - 00000000 ____D C:\Windows\System32\1033 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\wins 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ShellExt 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\mui 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\inetsrv 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\IME 2014-01-14 05:43 - 
2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\export 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\Drivers\disdn 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\dhcp 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3com_dmi 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3076 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\2052 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1054 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1042 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1041 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1037 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1031 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1028 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1025 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Resources 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Provisioning 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\mui 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\java 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Driver Cache 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Connection Wizard 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\addins 2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\System32\ias 2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\security 2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\repair 2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\ime 2014-01-14 05:43 - 2014-01-14 04:58 - 00000000 ___RD C:\Windows\Web 2014-01-14 05:43 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\pchealth 2014-01-14 05:43 - 2014-01-14 04:57 - 
00000000 ____D C:\Windows\Help 2014-01-14 05:43 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\Cursors 2014-01-14 05:43 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\spool 2014-01-14 05:43 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\fr-fr 2014-01-14 05:36 - 2014-01-14 05:36 - 00000000 ____D C:\Program Files\fifa 2014-01-14 05:28 - 2014-01-14 05:28 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\TuneUp Software 2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Malwarebytes 2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes 2014-01-14 05:24 - 2013-04-04 08:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2014-01-14 05:21 - 2014-01-14 05:21 - 00000000 ____D C:\Program Files\CCleaner 2014-01-14 05:20 - 2014-01-14 06:58 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData 2014-01-14 05:20 - 2014-01-14 05:20 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\MFAData 2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\Program Files\Defraggler 2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\programdata\BearShare 2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\program files (x86)\BearShare Applications 2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\programdata\{D398BDFF-BC85-4852-B26D-4CA820357DB2} 2014-01-14 05:18 - 2014-01-14 07:00 - 00000000 ____D C:\Program Files\Google 2014-01-14 05:18 - 2014-01-14 07:00 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Google 2014-01-14 05:18 - 2014-01-14 05:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google 2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Local 
Settings\Application Data\Mozilla 2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Mozilla 2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Firefox 2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla 2014-01-14 05:12 - 2014-01-14 05:12 - 00000000 ____D C:\Windows\System32\ReinstallBackups 2014-01-14 05:12 - 2014-01-14 05:12 - 00000000 ____D C:\program files (x86)\sgpsa\BHO.dll 2014-01-14 05:10 - 2014-01-14 05:10 - 00000000 ____D C:\Program Files\Oracle 2014-01-14 05:10 - 2013-12-18 10:33 - 01312016 _____ (Oracle Corporation) C:\Windows\System32\VBoxTray.exe 2014-01-14 05:10 - 2013-12-18 10:33 - 01080592 _____ (Oracle Corporation) C:\Windows\System32\VBoxControl.exe 2014-01-14 05:10 - 2013-12-18 10:32 - 00117520 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxVideo.sys 2014-01-14 05:10 - 2013-12-18 10:32 - 00117008 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxGuest.sys 2014-01-14 05:10 - 2013-12-18 10:32 - 00077072 _____ (Oracle Corporation) C:\Windows\System32\VBoxDisp.dll 2014-01-14 05:04 - 2014-01-14 07:09 - 00000184 ___SH C:\Documents and Settings\Kevin\ntuser.ini 2014-01-14 05:04 - 2014-01-14 07:03 - 00000000 ____D C:\Documents and Settings\Kevin\Bureau 2014-01-14 05:04 - 2014-01-14 05:51 - 00000000 ___RD C:\Documents and Settings\Kevin\Menu Démarrer 2014-01-14 05:04 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage réseau 2014-01-14 05:04 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage d'impression 2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___SD C:\Documents and Settings\Kevin\Local Settings\Historique 2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___RD C:\Documents and Settings\Kevin\Favoris 2014-01-14 05:04 - 2014-01-14 04:56 -
00000000 ___HD C:\Documents and Settings\Kevin\Modèles 2014-01-14 05:03 - 2014-01-14 06:59 - 00007454 _____ C:\Windows\SchedLgU.Txt 2014-01-14 05:03 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\NetworkService\Local Settings\Historique 2014-01-14 05:03 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Historique 2014-01-14 05:03 - 2014-01-14 05:03 - 00008192 _____ C:\Windows\REGLOCS.OLD 2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini 2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini 2014-01-14 04:59 - 2014-01-14 04:59 - 00316640 _____ C:\Windows\WMSysPr9.prx 2014-01-14 04:59 - 2014-01-14 04:59 - 00023392 _____ C:\Windows\System32\nscompat.tlb 2014-01-14 04:59 - 2014-01-14 04:59 - 00016832 _____ C:\Windows\System32\amcompat.tlb 2014-01-14 04:59 - 2014-01-14 04:59 - 00003072 _____ C:\Windows\System32\CONFIG.NT 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\MSDOS.SYS 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\IO.SYS 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\System32\xircom 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\xerox 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\microsoft frontpage 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\Windows\control.ini 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\CONFIG.SYS 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\AUTOEXEC.BAT 2014-01-14 04:58 - 2014-01-14 07:10 - 00017393 _____ C:\Windows\WindowsUpdate.log 2014-01-14 04:58 - 2014-01-14 04:59 - 00000000 __SHD C:\Documents and Settings\All Users\DRM 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\WindowsShell.Manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\wuaucpl.cpl.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH
C:\Windows\System32\sapi.cpl.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\nwc.cpl.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\ncpa.cpl.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\cdplayer.exe.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\WindowsLogon.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\logonui.exe.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___RD C:\Windows\Offline Web Pages 2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___HD C:\Program Files\WindowsUpdate 2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ____D C:\Program Files\Services en ligne 2014-01-14 04:57 - 2014-01-14 05:03 - 00000000 ____D C:\Windows\System32\Restore 2014-01-14 04:57 - 2014-01-14 04:57 - 00001022 _____ C:\Windows\sessmgr.setup.log 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\Macromed 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\DirectX 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\srchasst 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Outlook Express 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\NetMeeting 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Movie Maker 2014-01-14 04:57 - 2008-04-14 07:00 - 04399505 ____C C:\Windows\System32\dllcache\nls302en.lex 2014-01-14 04:57 - 2008-04-14 07:00 - 04399505 ____C C:\Windows\System32\dllcache\nls302en.lex 2014-01-14 04:57 - 2008-04-14 07:00 - 00000984 ____C C:\Windows\System32\dllcache\srframe.mmf 2014-01-14 04:57 - 2008-04-14 07:00 - 00000984 ____C C:\Windows\System32\dllcache\srframe.mmf 2014-01-14 04:56 - 2014-01-14 05:04 - 00000936 _____ C:\Windows\wmsetup.log 2014-01-14 04:56 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\Registration 2014-01-14 04:56 - 2014-01-14 04:56 - 00021892 _____ 
C:\Windows\System32\emptyregdb.dat 2014-01-14 04:56 - 2014-01-14 04:56 - 00000130 _____ C:\Windows\DtcInstall.log 2014-01-14 04:56 - 2014-01-14 04:56 - 00000037 _____ C:\Windows\vbaddin.ini 2014-01-14 04:56 - 2014-01-14 04:56 - 00000036 _____ C:\Windows\vb.ini 2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Online Services 2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\MSN Gaming Zone 2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Messenger 2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\ComPlus Applications 2014-01-14 04:56 - 2008-04-14 07:00 - 00027768 _____ C:\Windows\System32\tslabels.ini 2014-01-14 04:56 - 2008-04-14 07:00 - 00026680 _____ C:\Windows\Rivière Sumida.bmp 2014-01-14 04:56 - 2008-04-14 07:00 - 00026582 _____ C:\Windows\Granit vert.bmp 2014-01-14 04:56 - 2008-04-14 07:00 - 00024006 _____ C:\Windows\System32\gb2312.uce 2014-01-14 04:56 - 2008-04-14 07:00 - 00022984 _____ C:\Windows\System32\bopomofo.uce 2014-01-14 04:56 - 2008-04-14 07:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\qwinsta.exe 2014-01-14 04:56 - 2008-04-14 07:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\msg.exe 2014-01-14 04:56 - 2008-04-14 07:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\tsshutdn.exe 2014-01-14 04:56 - 2008-04-14 07:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\qappsrv.exe 2014-01-14 04:56 - 2008-04-14 07:00 - 00017362 _____ C:\Windows\Rhododendron.bmp 2014-01-14 04:56 - 2008-04-14 07:00 - 00017336 _____ C:\Windows\Jour de pêche.bmp 2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\Windows\Tasse à café.bmp 2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\program files (x86)\sgpsa\mtwb3sh.dll 2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\users\Kevin\appdata\local\we4032.dll",Startup 2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____
C:\users\Kevin\appdata\local\houiphcfm\qhkdcacshdw.exe 2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\users\Kevin\appdata\local\microsoft\windows\temporary internet files\content.ie5\sadfc401\access[1].exe 2014-01-14 04:56 - 2008-04-14 07:00 - 00016740 _____ C:\Windows\System32\shiftjis.uce 2014-01-14 04:56 - 2008-04-14 07:00 - 00016730 _____ C:\Windows\Plume.bmp 2014-01-14 04:56 - 2008-04-14 07:00 - 00003914 _____ C:\Windows\System32\msdtcprf.ini 2014-01-14 04:56 - 2008-04-14 07:00 - 00003286 _____ C:\Windows\System32\tslabels.h 2014-01-14 04:56 - 2008-04-14 07:00 - 00001272 _____ C:\Windows\Rosace bleue 16.bmp 2014-01-14 04:56 - 2008-04-14 07:00 - 00001263 _____ C:\Windows\System32\usrlogon.cmd 2014-01-14 04:56 - 2008-04-14 07:00 - 00000768 _____ C:\Windows\System32\msdtcprf.h 2014-01-14 04:55 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\System32\MsDtc 2014-01-14 04:55 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\System32\Com 2014-01-14 04:55 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Windows NT 2014-01-14 04:55 - 2014-01-14 04:55 - 00000200 _____ C:\Windows\cmsetacl.log 2014-01-14 04:55 - 2014-01-14 04:55 - 00000000 ____D C:\Program Files\MSN 2014-01-14 04:55 - 2008-04-14 07:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\System32\msdtc.exe 2014-01-14 04:55 - 2008-04-14 07:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\System32\dcomcnfg.exe 2014-01-14 04:55 - 2008-04-14 07:00 - 00004096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mtxex.dll 2014-01-14 04:55 - 2008-04-14 07:00 - 00004096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mtxex.dll 2014-01-14 04:55 - 2008-04-14 07:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\mtxex.dll 2014-01-14 04:55 - 2008-04-13 13:34 - 00040840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys 2014-01-14 04:55 - 2008-04-13 05:32 - 00196224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys 2013-12-18 10:34 - 
2013-12-18 10:34 - 01469712 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpackspu.dll 2013-12-18 10:34 - 2013-12-18 10:34 - 01360656 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGL.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 01503504 _____ (Oracle Corporation) C:\Windows\System32\VBoxService.exe 2013-12-18 10:33 - 2013-12-18 10:33 - 01259280 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLcrutil.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 01040144 _____ (Oracle Corporation) C:\Windows\System32\VBoxMRXNP.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 00845584 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLfeedbackspu.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 00550672 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLarrayspu.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 00126224 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLerrorspu.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 00086800 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpassthroughspu.dll 2013-12-18 10:32 - 2013-12-18 10:32 - 00244496 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxSF.sys 2013-12-18 10:32 - 2013-12-18 10:32 - 00100112 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxMouse.sys 2013-12-18 10:32 - 2013-12-18 10:32 - 00052496 _____ (Oracle Corporation) C:\Windows\System32\VBoxHook.dll ==================== One Month Modified Files and Folders ======= 2014-01-14 07:11 - 2014-01-14 07:06 - 00000004 _____ C:\Documents and Settings\Kevin\Application Data\skype.ini 2014-01-14 07:10 - 2014-01-14 04:58 - 00017393 _____ C:\Windows\WindowsUpdate.log 2014-01-14 07:09 - 2014-01-14 05:04 - 00000184 ___SH C:\Documents and Settings\Kevin\ntuser.ini 2014-01-14 07:08 - 2014-01-14 07:08 - 00000000 ____D C:\Windows\CSC 2014-01-14 07:03 - 2014-01-14 05:04 - 00000000 ____D C:\Documents and Settings\Kevin\Bureau 2014-01-14 07:00 - 2014-01-14 05:18 - 00000000 ____D C:\Program Files\Google 2014-01-14 07:00 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and 
Settings\Kevin\Local Settings\Application Data\Google 2014-01-14 06:59 - 2014-01-14 06:59 - 00012328 _____ C:\Documents and Settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2014-01-14 06:59 - 2014-01-14 05:03 - 00007454 _____ C:\Windows\SchedLgU.Txt 2014-01-14 06:58 - 2014-01-14 05:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData 2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\All Users\Bureau 2014-01-14 06:44 - 2014-01-14 05:50 - 00209267 _____ C:\Windows\setupapi.log 2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____C C:\WINDOWS\Tasks\Pricora-codedownloader.job 2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____C C:\WINDOWS\Tasks\Pricora-chromeinstaller.job 2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____C C:\WINDOWS\Tasks\Pricora-firefoxinstaller.job 2014-01-14 06:13 - 2014-01-14 06:13 - 00000000 ____D C:\FRST 2014-01-14 06:12 - 2014-01-14 06:12 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Google 2014-01-14 05:53 - 2014-01-14 05:53 - 00004444 _____ C:\Windows\System32\pid.PNF 2014-01-14 05:52 - 2014-01-14 05:52 - 00000393 _____ C:\Windows\wiadebug.log 2014-01-14 05:52 - 2014-01-14 05:52 - 00000050 _____ C:\Windows\wiaservc.log 2014-01-14 05:52 - 2014-01-14 05:52 - 00000000 _____ C:\Windows\Sti_Trace.log 2014-01-14 05:51 - 2014-01-14 05:51 - 00001470 _____ C:\Windows\regopt.log 2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___SD C:\Documents and Settings\Default User\Local Settings\Historique 2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___RD C:\Documents and Settings\Default User\Menu Démarrer 2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Default User\Voisinage réseau 2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Default User\Voisinage d'impression 2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\All Users\Modèles 2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 
____D C:\Documents and Settings\Default User\Favoris 2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\Default User\Bureau 2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\All Users\Favoris 2014-01-14 05:51 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\system 2014-01-14 05:51 - 2014-01-14 05:04 - 00000000 ___RD C:\Documents and Settings\Kevin\Menu Démarrer 2014-01-14 05:51 - 2014-01-14 05:04 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage réseau 2014-01-14 05:51 - 2014-01-14 05:04 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage d'impression 2014-01-14 05:51 - 2014-01-14 05:03 - 00000000 ___HD C:\Documents and Settings\NetworkService\Local Settings\Historique 2014-01-14 05:51 - 2014-01-14 05:03 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Historique 2014-01-14 05:51 - 2008-04-14 07:00 - 00000231 _____ C:\Windows\system.ini 2014-01-14 05:50 - 2014-01-14 05:50 - 01093632 _____ C:\Windows\System32\config\software.sav 2014-01-14 05:50 - 2014-01-14 05:50 - 00409600 _____ C:\Windows\System32\config\system.sav 2014-01-14 05:50 - 2014-01-14 05:50 - 00262144 _____ C:\Windows\System32\config\userdiff 2014-01-14 05:50 - 2014-01-14 05:50 - 00094208 _____ C:\Windows\System32\config\default.sav 2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\userdiff.LOG 2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\TempKey.LOG 2014-01-14 04:56 - 2008-04-14 07:00 - 00010240 _____ C:\program files (x86)\antivirus 2009 2014-01-14 04:56 - 2008-04-14 07:00 - 00010240 _____ C:\program files (x86)\antivirus 2009\av2009.exe 2014-01-14 05:50 - 2014-01-14 05:50 - 00000000 _____ C:\Windows\setuperr.log 2014-01-14 05:50 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\L2Schemas 2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\usmt 2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\npp 
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\fr 2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\PeerNet 2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\msagent 2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Media 2014-01-14 05:46 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\twain_32 2014-01-14 05:46 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1036 2014-01-14 05:45 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ras 2014-01-14 05:45 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\icsxml 2014-01-14 05:44 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1033 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\wins 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ShellExt 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\mui 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\inetsrv 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\IME 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\export 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\Drivers\disdn 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\dhcp 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3com_dmi 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3076 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\2052 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1054 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1042 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1041 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1037 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1031 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D 
C:\Windows\System32\1028 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1025 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Resources 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Provisioning 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\mui 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\java 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Driver Cache 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Connection Wizard 2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\addins 2014-01-14 05:36 - 2014-01-14 05:36 - 00000000 ____D C:\Program Files\fifa 2014-01-14 05:28 - 2014-01-14 05:28 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\TuneUp Software 2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Malwarebytes 2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes 2014-01-14 05:21 - 2014-01-14 05:21 - 00000000 ____D C:\Program Files\CCleaner 2014-01-14 05:20 - 2014-01-14 05:20 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\MFAData 2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\Program Files\Defraggler 2014-01-14 05:19 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google 2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Mozilla 2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Mozilla 2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\users\Kevin\appdata\roaming\2B2CF94012581557DBFF5E801EB42A26 2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Firefox 2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla 2014-01-14 05:12 - 2014-01-14 05:12 - 00000000 ____D C:\Windows\System32\ReinstallBackups 2014-01-14 05:10 - 2014-01-14 05:10 - 00000000 ____D C:\Program Files\Oracle 2014-01-14 05:05 - 2014-01-14 05:51 - 00775210 _____ C:\Windows\System32\PerfStringBackup.INI 2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___SD C:\Documents and Settings\Kevin\Local Settings\Historique 2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___RD C:\Documents and Settings\Kevin\Favoris 2014-01-14 05:04 - 2014-01-14 04:56 - 00000936 _____ C:\Windows\wmsetup.log 2014-01-14 05:04 - 2008-04-14 07:00 - 00002206 _____ C:\Windows\System32\wpa.dbl 2014-01-14 05:03 - 2014-01-14 05:50 - 00090296 _____ C:\Windows\System32\FNTCACHE.DAT 2014-01-14 05:03 - 2014-01-14 05:03 - 00008192 _____ C:\Windows\REGLOCS.OLD 2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini 2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini 2014-01-14 05:03 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\Restore 2014-01-14 05:02 - 2014-01-14 05:51 - 00049064 _____ C:\Windows\iis6.log 2014-01-14 05:02 - 2014-01-14 05:51 - 00016202 _____ C:\Windows\comsetup.log 2014-01-14 05:02 - 2014-01-14 05:51 - 00010818 _____ C:\Windows\tsoc.log 2014-01-14 05:02 - 2014-01-14 05:51 - 00008071 _____ C:\Windows\ntdtcsetup.log 2014-01-14 05:02 - 2014-01-14 05:51 - 00004382 _____ C:\Windows\imsins.log 2014-01-14 05:02 - 2014-01-14 05:51 - 00001252 _____ C:\Windows\tabletoc.log 2014-01-14 05:02 - 2014-01-14 05:51 - 00000885 _____ C:\Windows\ocmsn.log 2014-01-14 05:02 - 2014-01-14 05:51 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer 2014-01-14 05:02 - 2014-01-14 05:50 - 00170548 _____ C:\Windows\setupact.log 2014-01-14 04:59 - 
2014-01-14 05:51 - 00004205 _____ C:\Windows\ODBCINST.INI 2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ias 2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\security 2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\repair 2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\ime 2014-01-14 04:59 - 2014-01-14 04:59 - 00316640 _____ C:\Windows\WMSysPr9.prx 2014-01-14 04:59 - 2014-01-14 04:59 - 00023392 _____ C:\Windows\System32\nscompat.tlb 2014-01-14 04:59 - 2014-01-14 04:59 - 00016832 _____ C:\Windows\System32\amcompat.tlb 2014-01-14 04:59 - 2014-01-14 04:59 - 00003072 _____ C:\Windows\System32\CONFIG.NT 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\MSDOS.SYS 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\IO.SYS 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\System32\xircom 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\xerox 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\microsoft frontpage 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\Windows\control.ini 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\CONFIG.SYS 2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\AUTOEXEC.BAT 2014-01-14 04:59 - 2014-01-14 04:58 - 00000000 __SHD C:\Documents and Settings\All Users\DRM 2014-01-14 04:59 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\Registration 2014-01-14 04:59 - 2008-04-14 07:00 - 00000477 _____ C:\Windows\win.ini 2014-01-14 04:58 - 2014-01-14 05:43 - 00000000 ___RD C:\Windows\Web 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\WindowsShell.Manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\wuaucpl.cpl.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\sapi.cpl.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\nwc.cpl.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH 
C:\Windows\System32\ncpa.cpl.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\cdplayer.exe.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\WindowsLogon.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\logonui.exe.manifest 2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___RD C:\Windows\Offline Web Pages 2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___HD C:\Program Files\WindowsUpdate 2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ____D C:\Program Files\Services en ligne 2014-01-14 04:57 - 2014-01-14 05:51 - 00014772 _____ C:\Windows\ocgen.log 2014-01-14 04:57 - 2014-01-14 05:51 - 00011537 _____ C:\Windows\FaxSetup.log 2014-01-14 04:57 - 2014-01-14 05:51 - 00002790 _____ C:\Windows\netfxocm.log 2014-01-14 04:57 - 2014-01-14 05:51 - 00001487 _____ C:\Windows\MedCtrOC.log 2014-01-14 04:57 - 2014-01-14 05:51 - 00000871 _____ C:\Windows\msgsocm.log 2014-01-14 04:57 - 2014-01-14 05:51 - 00000000 ____D C:\Program Files\Fichiers communs 2014-01-14 04:57 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\pchealth 2014-01-14 04:57 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Help 2014-01-14 04:57 - 2014-01-14 04:57 - 00001022 _____ C:\Windows\sessmgr.setup.log 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\Macromed 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\DirectX 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\srchasst 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Outlook Express 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\NetMeeting 2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Movie Maker 2014-01-14 04:56 - 2014-01-14 05:51 - 00010222 _____ C:\Windows\msmqinst.log 2014-01-14 04:56 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Default User\Modèles 2014-01-14 04:56 - 2014-01-14 05:43 - 00000000 ____D 
C:\Windows\Cursors 2014-01-14 04:56 - 2014-01-14 05:04 - 00000000 ___HD C:\Documents and Settings\Kevin\Modèles 2014-01-14 04:56 - 2014-01-14 04:56 - 00021892 _____ C:\Windows\System32\emptyregdb.dat 2014-01-14 04:56 - 2014-01-14 04:56 - 00000130 _____ C:\Windows\DtcInstall.log 2014-01-14 04:56 - 2014-01-14 04:56 - 00000037 _____ C:\Windows\vbaddin.ini 2014-01-14 04:56 - 2014-01-14 04:56 - 00000036 _____ C:\Windows\vb.ini 2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Online Services 2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\MSN Gaming Zone 2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Messenger 2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\ComPlus Applications 2014-01-14 04:56 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\MsDtc 2014-01-14 04:56 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\Com 2014-01-14 04:56 - 2014-01-14 04:55 - 00000000 ____D C:\Program Files\Windows NT 2014-01-14 04:55 - 2014-01-14 05:50 - 00000212 ___SH C:\boot.ini 2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Mobogenie 2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\spool 2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\fr-fr 2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Installer\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}\icon.ico 2014-01-14 04:55 - 2014-01-14 04:55 - 00000200 _____ C:\Windows\cmsetacl.log 2014-01-14 04:55 - 2014-01-14 04:55 - 00000000 ____D C:\Program Files\MSN 2013-12-18 10:34 - 2013-12-18 10:34 - 01469712 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpackspu.dll 2013-12-18 10:34 - 2013-12-18 10:34 - 01360656 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGL.dll 2013-12-18 10:33 - 2014-01-14 05:10 - 01312016 _____ (Oracle Corporation) C:\Windows\System32\VBoxTray.exe 2013-12-18 10:33 - 2014-01-14 05:10 - 
01080592 _____ (Oracle Corporation) C:\Windows\System32\VBoxControl.exe 2013-12-18 10:33 - 2013-12-18 10:33 - 01503504 _____ (Oracle Corporation) C:\Windows\System32\VBoxService.exe 2013-12-18 10:33 - 2013-12-18 10:33 - 01259280 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLcrutil.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 01040144 _____ (Oracle Corporation) C:\Windows\System32\VBoxMRXNP.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 00845584 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLfeedbackspu.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 00550672 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLarrayspu.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 00126224 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLerrorspu.dll 2013-12-18 10:33 - 2013-12-18 10:33 - 00086800 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpassthroughspu.dll 2013-12-18 10:32 - 2014-01-14 05:10 - 00117520 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxVideo.sys 2013-12-18 10:32 - 2014-01-14 05:10 - 00117008 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxGuest.sys 2013-12-18 10:32 - 2014-01-14 05:10 - 00077072 _____ (Oracle Corporation) C:\Windows\System32\VBoxDisp.dll 2013-12-18 10:32 - 2013-12-18 10:32 - 00244496 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxSF.sys 2013-12-18 10:32 - 2013-12-18 10:32 - 00100112 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxMouse.sys 2013-12-18 10:32 - 2013-12-18 10:32 - 00052496 _____ (Oracle Corporation) C:\Windows\System32\VBoxHook.dll ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe [2008-04-14 07:00] - [2008-04-14 07:00] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174 C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe [2008-04-14 07:00] - [2008-04-14 07:00] - 0109056 ____A (Microsoft 
Corporation) 54cb50058851d95e56ec70d09f70857f C:\Windows\System32\User32.dll [2008-04-14 07:00] - [2008-04-14 07:00] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023 C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll [2008-04-14 07:00] - [2008-04-14 07:00] - 0399360 ____A (Microsoft Corporation) 3d65eb82e1fa6db15a33e024c9e03cab C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points (XP) ===================== RP: -> 2014-01-14 06:45 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP5 RP: -> 2014-01-14 06:43 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP4 RP: -> 2014-01-14 05:25 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP3 RP: -> 2014-01-14 05:24 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP2 RP: -> 2014-01-14 05:05 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP1 ==================== Memory info =========================== Percentage of memory in use: 21% Total physical RAM: 851.48 MB Available physical RAM: 668 MB Total Pagefile: 770.97 MB Available Pagefile: 669.83 MB Total Virtual: 2047.88 MB Available Virtual: 1993.08 MB ==================== Drives ================================ Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS Drive c: () (Fixed) (Total:9.99 GB) (Free:6.2 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 10 GB) (Disk ID: 96A696A6) Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS) ==================== End Of Log ============================