Bonjour,
Je découvre et rejoint ce forum que j'ai découvert grâce (ou à cause) d'une bonne infection de mon PC que je n'arrive pas à désinfecter seul malgré toute l'expérience que je croyais avoir...
Je remercie par avance de toute l'aide qui pourra m'être apportée.
Voilà le problème.
1- L'origine est d'avoir commis une grave imprudence en arrêtant mon antivirus le temps d'une installation d'un programme fraîchement récupéré sur les newsgroups.
2 - je me suis immédiatement rendu compte via le visualisateur d'activité réseau NetWorx (qui tourne en permanence sur le pc) d'une activité anormale du PC vers Internet.
3 - j'ai alors lancé Wireshark et j'ai découvert un festival : le pc envoyait des connexions extrèmement fréquentes à de multiples sites genre gov_us ; Lotus,etc. enfin que du beau monde !
4 - Débranchement liaison éthernet (connexion via freebox).
5 - avec Avira et Malwarebytes antimalware et plusieurs analyses, plus de 40 virus et Malwares détectés et à priori supprimés, plus rien n'est détecté actuellement par ces produits/
6- mais le canard est toujours vivant: quand je fais une recherche avec Google, une redirection se produit pour m'envoyer vers d'autres sites que celui espéré, par exemple pas moyen d'aller sur la page de téléchargement de hijackthis.
Je précise que j'utilise un autre pc pour rédiger ce message...
7- A partir de cet autre pc j'ai donc découvert votre site et téléchargé le logiciel OTL que j'ai gravé sur cd et fait exécuter par le pc virussé en utilisant la personnalisation telle qu'indiqué dans le message au début de ce sous-forum.
8- J'ai récupéré le fichier OTL sur une clé usb pour le transférer et le coller çi-dessous.
9 Conformément aux bons usages et ne pas courir plusieurs lièvres, je ne fais cette tentative de désinfection que sur ce forum.
Merci par avance et à votre écoute pour ce qui est à faire et bien sûr donner toutes les informations complémentaires.
Cordialement
- Code: Tout sélectionner
OTL logfile created on: 30/11/2010 14:34:16 - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\HP_Propriétaire\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 905,34 Gb Total Space | 711,08 Gb Free Space | 78,54% Space Free | Partition Type: NTFS
Drive D: | 26,16 Gb Total Space | 22,35 Gb Free Space | 85,41% Space Free | Partition Type: FAT32
Drive L: | 931,51 Gb Total Space | 628,02 Gb Free Space | 67,42% Space Free | Partition Type: NTFS
Drive M: | 1,92 Gb Total Space | 1,92 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: NOM-641695C7437 | User Name: HP_Propriétaire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\Documents and Settings\HP_Propriétaire\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\NetWorx\networx.exe (SoftPerfect Research)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
PRC - C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation)
PRC - C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - C:\Documents and Settings\HP_Propriétaire\Bureau\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - (NWCWorkstation) -- C:\WINDOWS\System32\nwcwks.dll File not found
SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe File not found
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (LVPrcSrv) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - (INFUSB) -- C:\WINDOWS\System32\drivers\infusb.sys File not found
DRV - (BTWUSB) -- C:\WINDOWS\System32\Drivers\btwusb.sys File not found
DRV - (BTWDNDIS) -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys File not found
DRV - (BTDriver) -- C:\WINDOWS\System32\DRIVERS\btport.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (PSSDK42) -- C:\WINDOWS\system32\drivers\pssdk42.sys (microOLAP Technologies LTD)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (Device) -- C:\WINDOWS\system32\bulkusb.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (WinDriver6) -- C:\WINDOWS\system32\drivers\windrvr6.sys (Jungo)
DRV - (ISODrive) -- C:\Program Files\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (rspSanity) -- C:\WINDOWS\system32\drivers\rspSanity32.sys (Resplendence Software Projects Sp.)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (mf) -- C:\WINDOWS\system32\drivers\mf.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042mou.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (Spyder3) -- C:\WINDOWS\system32\drivers\Spyder3.sys ()
DRV - (tbhsd) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech QuickCam Fusion(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVPrcMon) -- C:\WINDOWS\system32\drivers\LVPrcMon.sys ()
DRV - (lvmvdrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys ()
DRV - (Lvckap) -- C:\WINDOWS\system32\drivers\Lvckap.sys ()
DRV - (TVicPort) -- C:\WINDOWS\System32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)
DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (CYGF32X) -- C:\WINDOWS\system32\drivers\CygF32x.sys (Cygnal Integrated Products)
DRV - (SISAGP) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (pctvvbi) -- C:\WINDOWS\system32\drivers\pctvvbi.sys (Pinnacle Systems)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\R8139n51.sys (Realtek Semiconductor Corporation )
DRV - (Cinemsup) -- C:\WINDOWS\System32\drivers\cinemsup.sys (Sonic Solutions)
DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\Aspi32.sys (Adaptec)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1892484816-1091335572-1811184859-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-1892484816-1091335572-1811184859-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1892484816-1091335572-1811184859-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: fr@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..network.proxy.type: 0
FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port:
FF - user.js..network.proxy.no_proxies_on: ""
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/29 21:47:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/28 09:41:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/10/29 13:21:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/08/09 16:27:15 | 000,000,000 | ---D | M]
[2009/09/04 10:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Extensions
[2009/12/09 19:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2008/07/23 20:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Extensions\home2@tomtom.com
[2009/09/03 16:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Extensions\MediaCoder
[2009/09/04 10:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Extensions\MediaCoder-Setup-Wizard
[2010/11/29 22:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\lmj619x4.default\extensions
[2010/11/04 00:35:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\lmj619x4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/02/08 13:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\lmj619x4.default\extensions\fr@dictionaries.addons.mozilla.org
[2005/11/12 22:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Sunbird\extensions
[2007/06/24 07:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Sunbird\Profiles\njcghvwu.default\extensions
[2009/12/05 11:10:45 | 000,002,172 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\lmj619x4.default\searchplugins\bing.xml
[2010/11/29 22:52:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/13 22:40:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/08/09 16:26:04 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2007/05/11 16:41:00 | 000,200,704 | ---- | M] (Ancestry.com) -- C:\Program Files\Mozilla Firefox\plugins\npImgCtl.dll
[2010/09/10 10:18:06 | 000,166,680 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
[2010/07/23 20:13:48 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/07/23 20:13:48 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/07/23 20:13:48 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/07/23 20:13:48 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/07/23 20:13:48 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2010/11/30 00:06:59 | 000,000,029 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PDFXChange 4.0 IE Plugin) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll (Tracker Softaware)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (PDFXChange 4.0 IE Plugin) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll (Tracker Softaware)
O3 - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research)
O3 - HKU\S-1-5-21-1892484816-1091335572-1811184859-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1892484816-1091335572-1811184859-1007\..\Toolbar\ShellBrowser: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No CLSID value found.
O3 - HKU\S-1-5-21-1892484816-1091335572-1811184859-1007\..\Toolbar\WebBrowser: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NetWorx] C:\Program Files\NetWorx\networx.exe (SoftPerfect Research)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AutorunsDisabled [2009/10/20 18:15:39 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Spyder3Utility.lnk = C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1892484816-1091335572-1811184859-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159307269906 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1192003358218 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2004/01/01 14:06:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\{09603c76-0e68-11df-a164-00112f95d2a0}\Shell - "" = AutoRun
O33 - MountPoints2\{09603c76-0e68-11df-a164-00112f95d2a0}\Shell\AutoRun\command - "" = VIDEO_TS/mplayerc.exe
O33 - MountPoints2\{09603c77-0e68-11df-a164-00112f95d2a0}\Shell - "" = AutoRun
O33 - MountPoints2\{09603c77-0e68-11df-a164-00112f95d2a0}\Shell\AutoRun\command - "" = VIDEO_TS/mplayerc.exe
O33 - MountPoints2\{a436a1fb-ed7f-11dd-b04d-00112f95d2a0}\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk /p \??\K:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - C:\WINDOWS\System32\nwcwks.dll File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WdfLoadGroup -
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: hitmanpro35 - Reg Error: Value error.
SafeBootNet: hitmanpro35.sys - Reg Error: Value error.
SafeBootNet: HitmanPro35Crusader - Reg Error: Value error.
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: nm.sys - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WdfLoadGroup -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Reg Error: Value error.
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} -
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\WINDOWS\system32\Adobe
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: AutorunsDisabled -
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - pdvcodec.dll File not found
Drivers32: vidc.ffds - ff_vfw.dll File not found
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: VIDC.VP40 - vp4vfw.dll File not found
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010/11/30 13:44:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Propriétaire\Recent
[2010/11/30 11:02:29 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Propriétaire\Bureau\OTL.exe
[2010/11/29 22:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\WidePush
[2010/11/29 22:50:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\Server
[2010/11/29 01:26:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 01:26:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/29 01:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/28 12:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\NewsLeecher
[2010/11/23 16:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Bureau\101123c
[2010/11/23 12:08:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Bureau\101123
[2010/11/21 01:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\vlc
[2010/11/16 21:41:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Bureau\2010-11-16
[2010/11/15 19:25:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Bureau\2010-11-15
[2010/11/01 15:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\ZEROPLUS
[2010/10/31 19:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Mes documents\TTXLBack2
[2008/04/14 12:00:00 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HP_Propriétaire\Application Data\ic1.exe
[2006/12/16 23:03:22 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010/11/30 14:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/11/30 14:16:48 | 001,402,122 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/11/30 14:16:48 | 001,209,600 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/30 14:16:48 | 000,464,744 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/11/30 14:16:48 | 000,372,698 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/30 14:13:48 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/30 14:12:45 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/30 14:12:44 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1892484816-1091335572-1811184859-1007.job
[2010/11/30 14:12:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/30 14:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010/11/30 13:46:06 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/30 13:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/11/30 13:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010/11/30 12:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/11/30 12:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010/11/30 11:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/11/30 11:17:14 | 000,002,727 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nero Burning ROM 10.lnk
[2010/11/30 11:16:53 | 000,614,776 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\bookmarks-2010-11-30.json
[2010/11/30 11:15:31 | 000,024,917 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\listemails.ldif
[2010/11/30 11:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010/11/30 10:45:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Propriétaire\Bureau\OTL.exe
[2010/11/30 10:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/11/30 10:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010/11/30 09:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/11/30 09:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010/11/30 08:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/11/30 08:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010/11/30 07:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/11/30 07:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010/11/30 06:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/11/30 06:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010/11/30 05:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/11/30 05:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010/11/30 04:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/11/30 04:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010/11/30 03:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/11/30 03:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010/11/30 02:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/11/30 02:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010/11/30 01:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/11/30 01:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010/11/30 00:20:03 | 000,009,118 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Mes documents\cc_20101130_001959.reg
[2010/11/30 00:08:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010/11/30 00:06:59 | 000,000,029 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/11/29 23:46:41 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\EssentialPIM.lnk
[2010/11/29 23:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/11/29 23:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010/11/29 22:53:21 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010/11/29 22:52:30 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\8d7togG.dat
[2010/11/29 22:51:25 | 001,617,920 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Mes documents\AGENDA.EPIM.bak
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/11/29 21:16:56 | 000,002,367 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\PICkit 2 v2.61.lnk
[2010/11/29 09:35:34 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2010/11/29 01:26:47 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/11/28 12:32:18 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\NewsLeecher.lnk
[2010/11/28 02:16:22 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2010/11/27 22:54:00 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1892484816-1091335572-1811184859-1007.job
[2010/11/27 14:43:18 | 000,088,064 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/25 21:47:23 | 000,072,030 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Mes documents\NewDatabase.kdbx
[2010/11/25 15:27:31 | 005,522,169 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\NUT2009sa0099.pdf
[2010/11/24 12:00:32 | 000,047,640 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\Atmel8univ3.pdf
[2010/11/24 11:57:58 | 000,129,469 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\atmega8_5.pdf
[2010/11/23 13:04:55 | 000,002,235 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\EasyLog USB.lnk
[2010/11/21 01:38:12 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/11/07 23:43:43 | 000,012,224 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\last.alc
[2010/11/01 15:18:34 | 000,001,908 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\LAP-C(16032)_Standard_V3.09.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/11/30 11:16:52 | 000,614,776 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\bookmarks-2010-11-30.json
[2010/11/30 11:15:31 | 000,024,917 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\listemails.ldif
[2010/11/30 00:20:01 | 000,009,118 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Mes documents\cc_20101130_001959.reg
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2010/11/29 22:52:30 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\8d7togG.dat
[2010/11/29 22:51:06 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/11/29 22:51:05 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/11/29 22:51:05 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/11/29 22:51:04 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/11/29 22:51:04 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/11/29 22:51:04 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/11/29 22:51:04 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/11/29 22:51:04 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/11/29 22:51:04 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/11/29 22:51:03 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
Suite du même rapport :
- Code: Tout sélectionner
[2010/11/29 22:51:03 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/11/29 22:51:03 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/11/29 22:51:03 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/11/29 22:51:03 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/11/29 22:51:03 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/11/29 22:51:03 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/11/29 22:51:02 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/11/29 22:51:02 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/11/29 22:51:02 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/11/29 22:51:02 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/11/29 22:51:02 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/11/29 22:51:02 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/11/29 22:51:01 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/11/29 22:51:00 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/11/29 01:26:47 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/11/28 12:32:18 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\NewsLeecher.lnk
[2010/11/25 15:27:30 | 005,522,169 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\NUT2009sa0099.pdf
[2010/11/24 12:00:31 | 000,047,640 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\Atmel8univ3.pdf
[2010/11/24 11:57:56 | 000,129,469 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\atmega8_5.pdf
[2010/11/21 01:38:12 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/11/01 15:18:34 | 000,001,908 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\LAP-C(16032)_Standard_V3.09.lnk
[2010/09/24 10:04:46 | 000,290,904 | ---- | C] () -- C:\WINDOWS\System32\vc6-re200l.dll
[2010/08/10 20:39:10 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2010/08/10 08:46:08 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\bdfvconp.ini
[2010/08/04 17:34:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/27 22:51:01 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/07/27 00:33:44 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/06/25 18:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/05/31 23:00:00 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\edittextboxpro.dll
[2010/03/01 21:36:30 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\housecall.guid.cache
[2010/02/21 01:15:30 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2010/01/31 15:31:10 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Power Video Converter.INI
[2009/11/27 12:50:58 | 000,000,093 | ---- | C] () -- C:\WINDOWS\Antidote7.ini
[2009/09/25 13:49:39 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\AutoGK.ini
[2009/08/23 11:02:57 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/13 10:35:38 | 000,000,238 | ---- | C] () -- C:\WINDOWS\PBSTUDIO.INI
[2009/01/28 22:03:59 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/01/25 22:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/09 00:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/12/21 10:57:35 | 000,000,239 | ---- | C] () -- C:\WINDOWS\ToneGenC.INI
[2008/12/16 20:58:54 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/12/16 20:50:56 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLgFT.dll
[2008/11/23 15:45:25 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\inst.exe
[2008/06/17 19:53:28 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Reverb
[2008/06/17 19:53:28 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Radio Sounds
[2008/06/17 19:53:28 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLck.DAT
[2008/06/17 19:53:28 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Abstract
[2008/06/17 19:53:25 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Robot
[2008/06/17 19:53:25 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Receipts
[2008/06/17 19:53:25 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Action
[2008/06/17 19:49:23 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT
[2008/06/17 19:43:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Home
[2008/05/09 07:53:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Resources
[2008/05/09 07:47:49 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbz.DAT
[2008/04/10 20:01:35 | 000,008,575 | ---- | C] () -- C:\WINDOWS\System32\D125UFW.INI
[2008/03/19 14:26:52 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\Spyder3.sys
[2008/03/07 15:53:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2007/12/27 00:43:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdy.DAT
[2007/11/11 19:27:30 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Hybrid Morph
[2007/11/11 19:27:30 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Horn Section
[2007/11/11 19:23:45 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLeh.DAT
[2007/10/26 20:14:51 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\DonationCoder_processtamer_InstallInfo.dat
[2007/08/25 23:51:59 | 000,000,040 | ---- | C] () -- C:\WINDOWS\sudoku.ini
[2007/08/25 23:51:58 | 000,000,015 | ---- | C] () -- C:\WINDOWS\sudoku2.ini
[2007/06/25 20:28:55 | 001,188,864 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\questdb.v12
[2007/06/25 20:28:55 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\CDRusersDB.v12
[2007/05/18 23:24:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2007/05/18 18:01:23 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/04/28 08:38:44 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\cuatro.ini
[2006/12/30 20:49:37 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2006/12/19 09:01:40 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2006/12/16 23:03:41 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.log
[2006/12/16 23:03:22 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\ezpinst.exe
[2006/12/16 23:03:22 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.cat
[2006/12/16 23:03:22 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.inf
[2006/11/17 00:00:18 | 000,000,083 | -HS- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\.zreglib
[2006/11/12 00:28:21 | 000,000,082 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2006/11/08 09:59:14 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Config.nt.bak
[2006/11/08 09:59:14 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Autoexec.nt.bak
[2006/11/08 09:59:14 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\hosts.bak
[2006/10/02 11:42:13 | 000,000,153 | ---- | C] () -- C:\Program Files\log.txt
[2006/09/13 08:02:19 | 000,010,081 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/09/13 07:51:18 | 000,000,719 | ---- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2006/09/13 07:48:02 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Installer.log
[2006/08/27 16:38:35 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\satsukidecodersettings.ini
[2006/08/24 21:37:00 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5m.DLL
[2006/08/24 16:39:48 | 000,618,496 | ---- | C] () -- C:\WINDOWS\System32\stlpmt45.dll
[2006/08/24 16:39:48 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/08/24 16:39:47 | 000,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2006/08/24 16:39:39 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\LPNG.DLL
[2006/08/24 06:42:04 | 000,052,858 | ---- | C] () -- C:\WINDOWS\System32\interceptor.sys
[2006/08/23 23:00:26 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\fusioncache.dat
[2006/04/27 09:24:24 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2005/12/17 14:03:15 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/10/09 15:23:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\graphedt.INI
[2005/09/24 11:42:24 | 000,000,294 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/07/28 12:37:24 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005/07/28 12:37:22 | 001,912,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys
[2005/07/28 12:35:04 | 002,169,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2005/07/14 11:31:20 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2005/06/21 21:37:42 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2005/06/08 21:58:20 | 000,014,025 | ---- | C] () -- C:\WINDOWS\TWAINCAP.INI
[2005/05/07 11:11:32 | 000,000,096 | ---- | C] () -- C:\WINDOWS\MatrixStudio.INI
[2005/04/02 07:37:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/03/15 14:23:41 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2005/03/14 13:38:28 | 000,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2005/01/01 21:17:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\sversion.ini
[2004/12/29 11:39:00 | 000,000,810 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2004/12/19 19:32:05 | 000,088,064 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/12/18 00:51:02 | 000,081,321 | ---- | C] () -- C:\WINDOWS\SGTBox.INI
[2004/12/12 23:01:48 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2004/12/12 20:54:50 | 000,002,810 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat
[2004/12/12 20:52:41 | 000,000,622 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/12/12 17:04:56 | 000,000,048 | ---- | C] () -- C:\WINDOWS\mesnews2.ini
[2004/05/18 09:01:50 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Ogc.dll
[2004/05/17 18:01:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSilva.dll
[2004/05/17 18:00:58 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSena.dll
[2004/05/17 18:00:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvMlr.dll
[2004/05/17 18:00:44 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvMagellan.dll
[2004/05/17 18:00:38 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvLowrance.dll
[2004/05/17 18:00:28 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvGarmin.dll
[2004/03/18 07:44:29 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/02/27 17:10:30 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/01/13 09:52:54 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Nmea.dll
[2004/01/02 05:59:41 | 000,100,530 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/01/02 05:59:40 | 000,105,873 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2004/01/01 21:54:04 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/01/01 21:23:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/01/01 17:53:37 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2004/01/01 17:52:25 | 000,023,967 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/01/01 17:51:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/01/01 15:41:05 | 000,008,572 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2004/01/01 15:35:12 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/01 14:59:48 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/01 14:57:07 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/01/01 14:57:07 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/01/01 14:56:47 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/01/01 14:09:25 | 000,000,851 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/11/27 15:50:26 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\ConversApi.dll
[2002/11/25 15:11:22 | 000,688,128 | ---- | C] () -- C:\WINDOWS\System32\BCGCB474.dll
[2002/01/13 17:12:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\CP30FW.DLL
[2001/12/19 09:07:50 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\BCGCBResFRA.dll
[1999/09/20 09:05:32 | 000,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1998/12/03 00:12:27 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\vboxp40.dll
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[color=#E56717]========== LOP Check ==========[/color]
[2004/01/01 17:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Intervideo
[2004/01/01 18:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\SampleView
[2006/04/25 23:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Newsbin
[2010/03/23 23:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/01/24 00:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/25 01:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atmel
[2008/06/15 08:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/04/05 17:49:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/12/03 13:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ChessBase
[2010/01/31 13:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2007/11/19 00:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2008/06/17 19:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2010/03/01 21:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2006/12/09 02:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
[2010/07/27 23:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2007/04/08 21:09:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/01 17:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2008/05/25 08:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NewsBin
[2004/12/13 09:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2007/11/11 19:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Organs
[2008/01/25 17:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2010/07/27 00:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2007/01/25 11:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2007/04/17 09:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pegasys Inc
[2010/05/14 11:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/05/14 11:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Plus
[2008/08/29 09:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate
[2010/05/14 11:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate Collection
[2009/11/03 22:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2008/10/24 21:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2006/11/08 09:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/02/04 10:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2005/01/16 17:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/06/08 23:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SoftPerfect
[2009/12/14 23:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sokoban++
[2010/05/14 11:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Studio 14
[2008/07/23 20:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2004/12/27 13:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/06/17 19:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2008/11/23 15:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/02/21 00:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2004/01/01 17:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Intervideo
[2004/01/01 18:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2010/11/30 09:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2010/11/30 10:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2010/11/30 11:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2010/11/30 12:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2010/11/30 13:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2010/11/30 14:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2010/11/30 01:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2010/11/29 22:51:06 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2010/11/29 23:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2010/11/30 00:08:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2010/11/30 01:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2010/11/30 02:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2010/11/30 03:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2010/11/30 04:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2010/11/30 02:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2010/11/30 05:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2010/11/30 06:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2010/11/30 07:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2010/11/30 08:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2010/11/30 09:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2010/11/30 10:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2010/11/30 11:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2010/11/30 12:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2010/11/30 13:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2010/11/30 14:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2010/11/30 03:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2010/11/29 22:52:40 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2010/11/29 23:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2010/11/30 04:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2010/11/30 05:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2010/11/30 06:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2010/11/30 07:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2010/11/30 08:21:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2010/01/31 13:53:53 | 000,691,696 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\drivers\sptd.sys
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2010/03/23 23:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2009/10/14 07:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/01/24 00:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/02 09:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/02/08 09:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/09/25 01:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atmel
[2010/09/16 23:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/08/17 23:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2008/06/15 08:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/04/05 17:49:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/12/03 13:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ChessBase
[2010/01/31 13:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2006/11/03 21:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2007/11/19 00:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2008/06/17 19:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2010/03/01 21:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2007/12/11 01:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2006/12/09 02:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
[2006/12/25 19:14:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2010/07/27 23:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2007/04/08 21:09:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/01 17:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2009/01/06 12:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/03/14 00:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2005/03/23 15:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2010/10/13 15:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/02/17 21:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/08/03 23:14:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2004/01/01 17:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2010/08/04 13:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2008/05/25 08:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NewsBin
[2004/12/13 09:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2007/11/11 19:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Organs
[2008/01/25 17:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2010/07/27 00:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2007/01/25 11:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2007/04/17 09:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pegasys Inc
[2010/05/14 11:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/05/14 11:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Plus
[2008/08/29 09:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate
[2010/05/14 11:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate Collection
[2004/01/01 17:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2007/06/22 23:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Raxco
[2010/05/29 21:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2009/11/03 22:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2004/01/01 14:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2008/10/24 21:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2006/11/08 09:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/02/04 10:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2005/01/16 17:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/06/08 23:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SoftPerfect
[2009/12/14 23:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sokoban++
[2010/08/01 12:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/05/14 11:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Studio 14
[2010/04/02 08:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/05/13 23:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2006/08/23 23:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2008/07/23 20:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2004/12/27 13:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/06/17 19:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2008/11/23 15:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2005/08/17 20:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/01/04 14:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2010/02/21 00:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[2007/04/08 21:09:27 | 021,489,968 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_fre_web.exe
[2007/04/08 21:10:02 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstCCD.exe
[2007/04/08 21:10:02 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCS.exe
[2007/04/08 21:10:02 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2009/11/21 22:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Acronis
[2010/02/28 02:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Adobe
[2007/02/28 13:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\AdobeUM
[2010/08/03 23:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Ahead
[2009/10/08 09:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Anthropics
[2009/10/20 18:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Any Video Converter
[2009/09/23 11:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Any Video Converter Professional
[2006/08/23 23:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Apple Computer
[2008/06/27 14:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\ArcSoft
[2010/08/01 13:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\ATI
[2010/09/06 09:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Auslogics
[2010/09/16 23:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Avira
[2010/08/17 23:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\AVS4YOU
[2010/10/29 08:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Azureus
[2010/03/15 12:49:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\BonkEnc
[2009/10/14 08:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Broad Intelligence
[2008/01/27 12:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\BSDh9
[2009/01/26 00:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\CadSoft
[2010/11/29 12:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Canon
[2009/12/03 13:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\ChessBase
[2005/09/13 20:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Creative
[2009/01/28 22:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\DAEMON Tools
[2010/01/31 13:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\DAEMON Tools Lite
[2009/01/28 22:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\DAEMON Tools Pro
[2010/03/07 13:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\DiskSpaceFan
[2006/11/20 16:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Druide
[2010/08/14 23:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\dvdcss
[2008/11/23 16:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\DVDFab
[2006/11/17 00:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Elaborate Bytes
[2006/02/27 06:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\EssentialPIM
[2006/01/19 10:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Ethereal
[2010/11/29 14:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\FileZilla
[2009/02/05 21:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Foxit
[2010/08/09 16:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Foxit Software
[2010/04/23 20:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\FreeAudioPack
[2010/04/23 20:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\FreeCDRipper
[2010/08/22 00:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\GHISLER
[2007/12/02 15:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Google
[2010/11/28 12:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\GrabIt
[2009/10/21 23:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\gtk-2.0
[2008/06/27 11:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Généatique2007
[2009/10/04 21:40:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\HDRsoft
[2004/12/18 15:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Help
[2004/01/01 14:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Identities
[2006/12/25 19:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Image Zone Express
[2007/10/23 22:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\InstallShield
[2006/08/26 13:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Intervideo
[2010/11/25 21:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\KeePass
[2006/01/21 18:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Kerio
[2007/06/14 17:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Lavasoft
[2009/08/22 10:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\LEA
[2005/01/19 22:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Leadertech
[2007/04/17 09:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\LEAPS
[2010/03/13 19:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Logishrd
[2010/03/13 19:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Logitech
[2007/07/01 10:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Macromedia
[2010/10/13 15:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Malwarebytes
[2010/10/16 18:16:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\MCS Electronics
[2010/08/03 12:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Media Player Classic
[2009/09/18 23:22:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft
[2010/04/24 15:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\mkvtoolnix
[2004/12/11 16:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Motive
[2008/06/17 20:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla
[2005/11/16 20:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\NCH Swift Sound
[2010/08/03 23:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Nero
[2010/11/28 12:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\NewsLeecher
[2009/08/03 21:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Nikon
[2007/04/08 21:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Nokia
[2010/06/07 19:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org
[2007/05/17 13:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Opera
[2008/01/25 17:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\PACE Anti-Piracy
[2007/04/06 20:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\PC Suite
[2007/04/17 09:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Pegasys Inc
[2009/09/23 11:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\PIFreePC
[2010/09/16 11:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\QuickScan
[2010/05/29 22:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Real
[2004/01/01 18:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\SampleView
[2010/02/01 14:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\SlySoft
[2009/08/22 10:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\SoftPlug
[2005/09/18 10:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Sonic
[2004/01/01 15:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Sun
[2004/01/01 21:04:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Symantec
[2009/12/14 23:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\system
[2005/05/13 19:43:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Talkback
[2010/05/24 10:22:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Thunderbird
[2010/10/30 20:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\TomTom
[2007/03/17 13:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\tunebite
[2004/12/18 15:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Ulead Systems
[2008/12/13 10:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Uniblue
[2010/11/23 15:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\vlc
[2010/02/23 09:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Vso
[2009/02/07 11:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\WinRAR
[2009/10/21 09:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Wireshark
[2009/09/15 09:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Xilisoft Corporation
[2008/01/11 11:14:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Propriétaire\Application Data\XnView
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2006/12/25 22:08:04 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\ezpinst.exe
[2008/04/14 12:00:00 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HP_Propriétaire\Application Data\ic1.exe
[2010/02/23 09:46:48 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\inst.exe
[2005/05/12 05:30:12 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Adobe\Acrobat\6.0\Updater\AdbeRdr70_fra_full.exe
[2007/01/24 13:35:38 | 023,489,040 | ---- | M] ( ) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe
[2009/10/31 10:04:29 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Installer\{088348F9-1E7B-4269-A6A2-621FEC00DBB7}\ARPPRODUCTICON.exe
[2009/10/31 10:04:29 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Installer\{088348F9-1E7B-4269-A6A2-621FEC00DBB7}\IOM_SHORTCUT_DESKT_088348F91E7B4269A6A2621FEC00DBB7.exe
[2009/10/31 10:04:29 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Installer\{088348F9-1E7B-4269-A6A2-621FEC00DBB7}\IOM_SHORTCUT_DESKT_088348F91E7B4269A6A2621FEC00DBB7_1.exe
[2009/10/31 10:04:29 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Installer\{088348F9-1E7B-4269-A6A2-621FEC00DBB7}\Uninstall_Iomega_N_088348F91E7B4269A6A2621FEC00DBB7.exe
[2005/01/01 19:45:15 | 000,003,584 | R--- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Installer\{121634B0-2F4A-11D3-ADA3-00C04F52DD53}\Icon386ED4E3.exe
[2009/01/16 21:14:57 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010/05/14 11:16:31 | 000,029,926 | R--- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2008/06/17 19:51:45 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2006/09/30 09:12:45 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Installer\{CE378F36-E404-4244-A33F-F50A2A6D31BD}\ARPPRODUCTICON.exe
[2004/01/01 17:55:19 | 000,003,072 | ---- | M] ( ) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Motive\Acme\plugin\maps\resources\deusr\de\JSharp\bin\pchealthde.exe
[2009/08/03 21:13:17 | 031,318,880 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Nikon\Message Center\DOWNLOAD_LOG\14524\S-CCPRO_-250WU-___EN.exe
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2006/03/16 09:33:46 | 002,648,768 | ---- | M] (Microsoft Corporation) -- C:\VCREDI~1.EXE
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/05 04:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/05 04:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004/08/05 04:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[color=#A23BEC]< MD5 for: CHANGER.SYS >[/color]
[2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004/08/05 04:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:Changer.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008/04/13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[color=#A23BEC]< MD5 for: DISK.SYS >[/color]
[2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/05 04:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=60AF015AB1A721206A2CECBCC7F41968 -- C:\WINDOWS\explorer.exe
[2007/06/13 14:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[color=#A23BEC]< MD5 for: RASACD.SYS >[/color]
[2004/08/05 04:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys
[2004/08/05 04:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys
[color=#A23BEC]< MD5 for: RDPWD.SYS >[/color]
[2005/06/10 05:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys
[2008/04/14 03:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys
[2008/04/14 03:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color]
[2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys
[2004/08/05 04:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:Sfloppy.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys
[2008/04/13 19:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys
[2008/04/13 19:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[color=#A23BEC]< MD5 for: SPLITTER.SYS >[/color]
[2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys
[2004/08/05 04:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:splitter.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys
[2006/06/14 09:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys
[2008/04/13 19:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys
[2008/04/13 19:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys
[color=#A23BEC]< MD5 for: SWMIDI.SYS >[/color]
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys
[2008/04/13 19:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys
[2008/04/13 19:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys
[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2006/01/13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2005/05/25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007/10/30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008/04/13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008/06/20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006/04/20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color]
[2008/04/14 03:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys
[2008/04/14 03:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys
[color=#A23BEC]< MD5 for: TDTCP.SYS >[/color]
[2008/04/14 03:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys
[2008/04/14 03:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys
[color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color]
[2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys
[2004/08/05 04:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:usbprint.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys
[2008/04/13 19:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys
[2008/04/13 19:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys
[color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color]
[2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys
[2004/08/05 04:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:usbscan.sys
[2008/07/10 11:30:18 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys
[2008/04/13 19:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys
[2008/04/13 19:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=AF94F9660AC09758947F9DD697D62B7F -- C:\WINDOWS\system32\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 1321 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:UcFVceRi2jZgzwSaU7euRqA
@Alternate Data Stream - 1134 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:AhqpzxEsSvBGplL2eS0pA7Y9j
@Alternate Data Stream - 1128 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:pnQs47pXj5GV7qrhsAOUEjGtywpq
< End of report >