OTL reports :
OTL logfile created on: 23/08/2012 18:45:24 - Run 5
OTL by OldTimer - Version 3.2.54.1 Folder = c:\Users\Flore\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1013,44 Mb Total Physical Memory | 152,71 Mb Available Physical Memory | 15,07% Memory free
2,24 Gb Paging File | 0,86 Gb Available in Paging File | 38,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,84 Gb Total Space | 34,56 Gb Free Space | 50,94% Space Free | Partition Type: NTFS
Drive D: | 43,94 Gb Total Space | 29,25 Gb Free Space | 66,57% Space Free | Partition Type: NTFS
Computer Name: PC-DE-FLORE | User Name: Flore | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - c:\Users\Flore\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\INCAInternet\nProtect MBR Guard\nPMBRGuard.exe (INCA Internet Co., Ltd.)
PRC - C:\Program Files\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files\Blue Ridge Networks\AppGuard\AppGuardGUI.exe (Blue Ridge Networks)
PRC - C:\Program Files\Blue Ridge Networks\AppGuard\AppGuardAgent.exe (Blue Ridge Networks)
PRC - C:\Program Files\Privacyware\Privatefirewall 7.0\PFGUI.exe (Privacyware/PWI, Inc.)
PRC - C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe (Privacyware/PWI, Inc.)
PRC - C:\Program Files\HitmanPro\hmpsched.exe (SurfRight B.V.)
PRC - C:\Program Files\INCAInternet\nProtect MBR Guard\nPMBRSvc.exe (INCA Internet Co., Ltd.)
PRC - C:\Program Files\Shadow Defender\DefenderDaemon.exe (SHADOWDEFENDER.COM)
PRC - C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe (Nitro PDF Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ========== MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Blue Ridge Networks\AppGuard\AppGuard.dll ()
========== Win32 Services (SafeList) ========== SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)
SRV - (BRN_APPGUARD_SERVICE) -- C:\Program Files\Blue Ridge Networks\AppGuard\AppGuardAgent.exe (Blue Ridge Networks)
SRV - (PFNet) -- C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe (Privacyware/PWI, Inc.)
SRV - (HitmanProScheduler) -- C:\Program Files\HitmanPro\hmpsched.exe (SurfRight B.V.)
SRV - (MBRGuardSvc) -- C:\Program Files\INCAInternet\nProtect MBR Guard\nPMBRSvc.exe (INCA Internet Co., Ltd.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (nlsX86cc) -- C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (NitroExpressDriverReadSpool) -- C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe (Nitro PDF Software)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (cpuz135) -- C:\Users\Flore\AppData\Local\Temp\cpuz135\cpuz135_x32.sys File not found
DRV - (cpuz134) -- C:\Users\Flore\AppData\Local\Temp\cpuz134\cpuz134_x32.sys File not found
DRV - (pwipf6) -- C:\Windows\System32\drivers\pwipf6.sys (Privacyware/PWI, Inc.)
DRV - (HWiNFO32) -- C:\Program Files\HWiNFO32\HWiNFO32.SYS (REALiX)
DRV - (BrnFileLock) -- C:\Windows\System32\drivers\BrnFileLock.sys (Blue Ridge Networks)
DRV - (TKDac) -- C:\Windows\System32\tkdacxp.sys (INCA Internet Co., Ltd.)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (diskpt) -- C:\Windows\System32\drivers\diskpt.sys (SHADOWDEFENDER.COM)
DRV - (MBRGUARD) -- C:\Windows\System32\drivers\mbrguard.sys (Blue Ridge Networks)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (ESDCR) -- C:\Windows\System32\drivers\ESD7SK.sys (ENE Technology Inc.)
DRV - (EMSCR) -- C:\Windows\System32\drivers\EMS7SK.sys (ENE Technology Inc.)
DRV - (flash) -- C:\Windows\System32\drivers\flash.sys ()
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?} IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "
http://fr.yahoo.com/"FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/12 14:22:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/12 14:22:44 | 000,000,000 | ---D | M]
[2011/12/04 21:59:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flore\AppData\Roaming\mozilla\Extensions
[2012/08/12 14:30:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flore\AppData\Roaming\mozilla\Firefox\Profiles\3mx75wwm.default\extensions
[2012/08/12 14:30:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Flore\AppData\Roaming\mozilla\Firefox\Profiles\3mx75wwm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/08/12 14:30:38 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Users\Flore\AppData\Roaming\mozilla\Firefox\Profiles\3mx75wwm.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2012/08/12 14:30:35 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\Flore\AppData\Roaming\mozilla\Firefox\Profiles\3mx75wwm.default\extensions\FasterFox_Lite@BigRedBrent
[2012/08/12 14:30:36 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Flore\AppData\Roaming\mozilla\Firefox\Profiles\3mx75wwm.default\extensions\
[email protected][2012/01/03 17:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Flore\AppData\Roaming\Mozilla\Firefox\Profiles\3mx75wwm.default\searchplugins\askcom.xml
[2012/02/18 22:08:44 | 000,002,140 | ---- | M] () -- C:\Users\Flore\AppData\Roaming\Mozilla\Firefox\Profiles\3mx75wwm.default\searchplugins\s-amazon-fr.xml
[2012/08/12 14:22:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/08/03 02:45:04 | 000,011,890 | ---- | M] () (No name found) -- C:\USERS\FLORE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3MX75WWM.DEFAULT\EXTENSIONS\
[email protected][2012/07/14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/14 02:39:12 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/07/14 02:39:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/14 02:39:12 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/07/14 02:39:12 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/07/14 02:39:12 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/07/14 02:39:12 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2012/07/21 16:16:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AppGuardGUI] C:\Program Files\Blue Ridge Networks\AppGuard\AppGuardGUI.exe (Blue Ridge Networks)
O4 - HKLM..\Run: [HDD Regenerator] C:\Program Files\HDD Regenerator\HDD Regenerator.exe ()
O4 - HKLM..\Run: [NpMBRGuard] C:\Program Files\INCAInternet\nProtect MBR Guard\nPMBRGuard.exe (INCA Internet Co., Ltd.)
O4 - HKLM..\Run: [Privatefirewall] C:\Program Files\Privacyware\Privatefirewall 7.0\PFGUI.exe (Privacyware/PWI, Inc.)
O4 - HKLM..\Run: [Shadow Defender Daemon] C:\Program Files\Shadow Defender\DefenderDaemon.exe (SHADOWDEFENDER.COM)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 124
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB6D00A2-B1C0-4845-B099-36B37CE7E9BD}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e14d3027-e475-11e1-8454-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e14d3027-e475-11e1-8454-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^Users^Flore^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk - C:\Windows\ERUNT\AUTOBACK.EXE - ()
MsConfig - StartUpReg:
DriverMax_RESTART - hkey= - key= - C:\Program Files\DriverMax\drivermax.exe (Innovative Solutions)
MsConfig - StartUpReg:
HotKeysCmds - hkey= - key= - File not found
MsConfig - StartUpReg:
IgfxTray - hkey= - key= - File not found
MsConfig - StartUpReg:
Persistence - hkey= - key= - File not found
MsConfig - StartUpReg:
SMSERIAL - hkey= - key= - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
MsConfig - StartUpReg:
SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg:
Windows Defender - hkey= - key= - File not found
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: hitmanpro36 - Reg Error: Value error.
SafeBootNet: hitmanpro36.sys - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PFNet - C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe (Privacyware/PWI, Inc.)
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - serwvdrv.dll (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/08/23 00:45:49 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v1930.dll
[2012/08/23 00:45:49 | 000,059,392 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll
[2012/08/23 00:45:47 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc
[2012/08/23 00:45:47 | 000,279,040 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc
[2012/08/23 00:45:47 | 000,277,504 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc
[2012/08/23 00:45:47 | 000,262,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc
[2012/08/23 00:45:47 | 000,257,536 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll
[2012/08/23 00:45:47 | 000,051,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
[2012/08/23 00:45:46 | 000,304,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc
[2012/08/23 00:45:46 | 000,299,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc
[2012/08/23 00:45:46 | 000,294,912 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc
[2012/08/23 00:45:46 | 000,291,328 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc
[2012/08/23 00:45:46 | 000,289,280 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc
[2012/08/23 00:45:46 | 000,287,744 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc
[2012/08/23 00:45:46 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc
[2012/08/23 00:45:46 | 000,280,064 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc
[2012/08/23 00:45:46 | 000,206,848 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc
[2012/08/23 00:45:46 | 000,205,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc
[2012/08/23 00:45:45 | 000,303,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc
[2012/08/23 00:45:45 | 000,288,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc
[2012/08/23 00:45:45 | 000,281,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc
[2012/08/23 00:45:45 | 000,249,856 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc
[2012/08/23 00:45:44 | 005,702,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
[2012/08/23 00:45:44 | 000,310,784 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc
[2012/08/23 00:45:44 | 000,303,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc
[2012/08/23 00:45:44 | 000,303,104 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc
[2012/08/23 00:45:44 | 000,275,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc
[2012/08/23 00:45:43 | 000,672,792 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe
[2012/08/23 00:45:43 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc
[2012/08/23 00:45:43 | 000,280,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc
[2012/08/23 00:45:43 | 000,252,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc
[2012/08/23 00:45:43 | 000,179,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc
[2012/08/23 00:45:43 | 000,178,176 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc
[2012/08/23 00:45:43 | 000,130,048 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll
[2012/08/23 00:45:43 | 000,119,296 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl
[2012/08/23 00:45:43 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll
[2012/08/23 00:45:42 | 000,536,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll
[2012/08/23 00:45:41 | 002,551,808 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igd10umd32.dll
[2012/08/23 00:45:40 | 004,104,192 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll
[2012/08/23 00:45:39 | 002,686,976 | ---- | C] (9xxssf Graphics) -- C:\Windows\System32\ig4dev32.dll
[2012/08/22 23:33:05 | 000,000,000 | ---D | C] -- C:\Users\Flore\Documents\My Drivers
[2012/08/22 23:21:27 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Local\Innovative Solutions
[2012/08/22 23:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2012/08/22 23:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\DriverMax
[2012/08/20 23:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
[2012/08/20 23:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\BurnAware Free
[2012/08/20 12:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\p95v277.win32
[2012/08/18 20:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO32
[2012/08/15 23:15:09 | 000,000,000 | ---D | C] -- C:\fjdtv6.90
[2012/08/15 11:43:22 | 000,000,000 | ---D | C] -- C:\Users\Flore\Documents\Windows7_Vista_jcgriff2
[2012/08/13 19:43:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator
[2012/08/13 19:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\HDD Regenerator
[2012/08/13 19:43:35 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Local\Downloaded Installations
[2012/08/13 15:26:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012/08/13 14:51:46 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/08/13 14:49:26 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2012/08/13 14:49:25 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/08/13 14:49:24 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/08/13 14:47:31 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/08/13 14:47:27 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/08/13 14:47:27 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012/08/13 14:47:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/08/13 14:47:27 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/08/13 14:47:26 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/08/13 14:45:49 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2012/08/13 14:45:49 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2012/08/13 14:45:45 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2012/08/13 14:45:42 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/08/13 14:45:42 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/08/13 14:45:42 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/08/13 14:45:42 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2012/08/13 14:45:42 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/08/13 14:45:42 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/08/13 14:17:49 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/08/13 14:17:49 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/08/13 14:17:49 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/08/13 14:16:50 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2012/08/13 14:00:48 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2012/08/13 13:53:07 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/08/13 13:53:07 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/08/13 13:53:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/08/13 13:53:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/08/13 13:52:49 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012/08/13 13:52:49 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/08/13 13:52:48 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/08/13 13:52:48 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/08/13 13:52:47 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012/08/13 13:52:46 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012/08/13 13:52:46 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/08/13 13:52:45 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/08/13 13:52:45 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/08/13 13:52:45 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/08/13 13:52:44 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012/08/13 13:52:40 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/08/13 13:52:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/08/13 13:52:20 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/08/13 13:52:19 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2012/08/13 13:52:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2012/08/13 13:52:19 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2012/08/13 13:52:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2012/08/13 13:52:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2012/08/13 13:52:19 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2012/08/13 13:52:18 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/08/13 13:50:55 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012/08/13 13:50:54 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/08/13 13:50:54 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/08/13 13:50:54 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012/08/13 13:50:53 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/08/13 13:50:53 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/08/13 13:50:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2012/08/13 13:50:03 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2012/08/13 13:49:50 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/08/13 13:49:49 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/08/13 13:49:49 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/08/13 13:49:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/08/13 13:49:20 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/08/13 13:49:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/08/13 13:48:26 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/08/13 13:48:02 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/08/13 13:47:59 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2012/08/13 13:47:59 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/08/13 13:47:59 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2012/08/13 13:47:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2012/08/13 13:47:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/08/13 13:47:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/08/13 13:47:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/08/13 13:47:22 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/08/13 13:47:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2012/08/13 13:47:13 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012/08/13 13:47:13 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012/08/13 13:47:00 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/08/13 13:46:54 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2012/08/13 13:46:54 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012/08/13 13:46:50 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2012/08/13 13:46:22 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/08/13 13:46:20 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/08/13 13:46:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/08/13 13:45:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/08/13 13:45:32 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/08/13 13:45:20 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/08/13 13:45:16 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/08/13 13:45:15 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/08/13 13:45:14 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/08/13 13:45:14 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/08/13 13:45:14 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/08/13 13:45:13 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/08/13 13:45:13 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/08/13 13:45:13 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/08/13 13:45:13 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/08/13 13:45:02 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/08/13 13:44:43 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/08/13 13:44:43 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/08/13 13:44:41 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/08/13 13:44:35 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2012/08/13 13:44:32 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012/08/13 13:44:31 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/08/13 13:44:31 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2012/08/13 13:44:29 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2012/08/13 13:44:08 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/08/13 13:44:08 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/08/13 13:44:08 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/08/13 13:44:08 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/08/13 13:44:08 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/08/13 13:43:56 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/08/13 13:43:49 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/08/13 13:43:43 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/08/13 13:43:43 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/08/13 13:43:37 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/08/13 13:43:18 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/08/13 13:43:18 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/08/13 13:43:15 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/08/13 13:42:54 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/08/13 13:42:38 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/08/13 13:42:30 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/08/13 13:42:17 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/08/13 12:57:34 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2012/08/13 12:57:31 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/08/13 12:57:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/08/13 12:57:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/08/13 12:57:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/08/13 11:56:43 | 000,000,000 | ---D | C] -- C:\Desktop
[2012/08/12 15:47:43 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/08/12 15:47:42 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/08/12 15:47:21 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/08/12 15:47:21 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/08/12 15:47:21 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/08/12 15:47:16 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/08/12 15:47:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/08/12 15:34:57 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/08/12 15:30:45 | 000,127,568 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\System32\drivers\pwipf6.sys
[2012/08/12 15:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Privatefirewall 7.0
[2012/08/12 15:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Privacyware
[2012/08/12 15:04:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2012/08/12 15:04:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2012/08/12 15:04:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2012/08/12 15:04:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2012/08/12 15:04:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2012/08/12 15:04:35 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2012/08/12 15:04:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2012/08/12 15:04:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2012/08/12 15:04:15 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2012/08/12 15:03:43 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/08/12 15:02:30 | 002,777,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw4r32.dll
[2012/08/12 15:02:30 | 002,251,776 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys
[2012/08/12 15:02:30 | 000,745,472 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw4c32.dll
[2012/08/12 15:02:26 | 001,095,936 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys
[2012/08/12 15:02:26 | 000,516,096 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\sm56co85.dll
[2012/08/12 15:02:24 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll
[2012/08/12 15:02:24 | 000,017,768 | ---- | C] (Blue Ridge Networks) -- C:\Windows\System32\drivers\mbrguard.sys
[2012/08/12 15:02:23 | 003,829,760 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2012/08/12 15:02:23 | 000,199,680 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll
[2012/08/12 15:02:23 | 000,170,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxzoom.exe
[2012/08/12 15:02:23 | 000,094,208 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
[2012/08/12 15:02:21 | 000,062,208 | ---- | C] (ENE Technology Inc.) -- C:\Windows\System32\drivers\EMS7SK.sys
[2012/08/12 15:02:20 | 000,042,240 | ---- | C] (ENE Technology Inc.) -- C:\Windows\System32\drivers\ESD7SK.sys
[2012/08/12 15:02:18 | 003,784,704 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2012/08/12 15:02:18 | 001,766,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2012/08/12 15:02:18 | 001,183,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2012/08/12 15:02:18 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2012/08/12 15:02:18 | 000,284,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2012/08/12 14:17:46 | 000,000,000 | --SD | C] -- C:\Users\Flore\AppData\Roaming\Microsoft
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\Videos
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\Saved Games
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\Pictures
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\Music
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\Links
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\Favorites
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\Downloads
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\Documents
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\Desktop
[2012/08/12 14:17:46 | 000,000,000 | R--D | C] -- C:\Users\Flore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Voisinage réseau
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Voisinage d'impression
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\AppData\Local\Temporary Internet Files
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\SendTo
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Recent
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Modèles
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Documents\Mes vidéos
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Documents\Mes images
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Mes documents
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Menu Démarrer
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Documents\Ma musique
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Local Settings
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\AppData\Local\Historique
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Cookies
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\Application Data
[2012/08/12 14:17:46 | 000,000,000 | -HSD | C] -- C:\Users\Flore\AppData\Local\Application Data
[2012/08/12 14:17:46 | 000,000,000 | -H-D | C] -- C:\Users\Flore\AppData
[2012/08/12 14:17:46 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Local\Temp
[2012/08/12 14:17:46 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Local\Microsoft
[2012/08/12 14:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2012/08/12 14:14:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012/08/12 14:11:38 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2012/08/12 14:05:18 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/08/12 00:16:40 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Roaming\ImgBurn
[2012/08/11 23:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2012/08/11 23:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2012/08/08 11:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/08/08 01:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData
[2012/08/07 23:19:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/07 23:19:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/07 23:19:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/07 23:14:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/07 10:34:35 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2012/08/07 10:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/08/05 20:06:41 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/05 20:06:41 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/08/05 19:02:38 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Roaming\vlc
[2012/08/05 19:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/08/05 18:51:00 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Local\Daum
[2012/08/05 18:50:57 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Roaming\PotPlayerMini
[2012/08/05 18:50:28 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
[2012/08/05 18:50:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
[2012/08/05 18:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\Daum
[2012/08/03 20:02:24 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Roaming\Runscanner.net
[2012/08/01 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/08/01 19:22:36 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/07/30 20:54:57 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Local\Privatefirewall
[2012/07/30 12:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Privacyware
[2012/07/27 19:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\VirusTotalUploader2
[2012/07/27 19:08:19 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.0
[2012/07/25 23:44:45 | 000,000,000 | ---D | C] -- C:\Program Files\Ultimate Windows Tweaker v2.2
[2012/07/25 22:08:25 | 000,000,000 | ---D | C] -- C:\Users\Flore\AppData\Roaming\blue ridge networks
[2012/07/25 22:08:24 | 000,000,000 | ---D | C] -- C:\Users\Flore\Documents\MyPrivateFolder
[2012/07/25 22:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ridge Networks
[2012/07/25 22:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Blue Ridge Networks
[2012/07/25 22:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\Blue Ridge Networks
[2012/07/25 22:02:45 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
========== Files - Modified Within 30 Days ========== [2012/08/23 17:35:25 | 000,005,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/23 17:35:25 | 000,005,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/23 15:35:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/23 12:52:40 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/23 12:08:29 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini
[2012/08/23 01:56:02 | 000,000,943 | ---- | M] () -- C:\Users\Flore\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/22 23:21:27 | 000,000,816 | ---- | M] () -- C:\Users\Flore\Desktop\DriverMax.lnk
[2012/08/22 18:44:31 | 000,681,752 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/08/22 18:44:31 | 000,599,392 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/22 18:44:31 | 000,127,574 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/08/22 18:44:31 | 000,105,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/21 00:19:57 | 000,000,210 | ---- | M] () -- C:\Users\Flore\AppData\Roaming\burnaware.ini
[2012/08/21 00:19:52 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/08/21 00:19:52 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/08/20 23:47:27 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2012/08/20 17:20:31 | 000,006,656 | ---- | M] () -- C:\Windows\System32\lpcio.dll
[2012/08/20 01:50:43 | 000,004,608 | ---- | M] () -- C:\Users\Flore\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/19 16:48:18 | 000,005,680 | ---- | M] () -- C:\Users\Flore\AppData\Local\Temp5.html
[2012/08/19 16:47:37 | 000,001,955 | ---- | M] () -- C:\Users\Flore\AppData\Local\Temp1.html
[2012/08/16 00:37:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/08/15 22:53:05 | 000,063,545 | ---- | M] () -- C:\fjdtv6.90.zip
[2012/08/15 12:16:03 | 000,287,056 | ---- | M] () -- C:\Users\Flore\Documents\Windows7_Vista_jcgriff2.zip
[2012/08/15 12:01:17 | 002,574,808 | ---- | M] () -- C:\Users\Flore\Documents\Perfmon.html
[2012/08/13 19:43:51 | 000,001,844 | ---- | M] () -- C:\Users\Public\Desktop\HDD Regenerator.lnk
[2012/08/13 15:29:46 | 000,231,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/12 15:34:42 | 000,000,000 | -H-- | M] () -- C:\Windows\wusa.lock
[2012/08/12 15:30:40 | 000,000,146 | ---- | M] () -- C:\Windows\ODBC.INI
[2012/08/12 15:12:01 | 000,000,438 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/08/12 15:03:28 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/08/12 15:01:13 | 000,383,601 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/08/12 14:40:28 | 000,021,668 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat
[2012/08/11 23:56:00 | 000,001,650 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012/08/10 05:34:39 | 000,139,640 | ---- | M] () -- C:\Windows\System32\p
[2012/08/08 11:19:00 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/08 11:19:00 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/08/07 10:34:36 | 000,000,642 | ---- | M] () -- C:\Users\Flore\Desktop\ERUNT.lnk
[2012/08/06 20:55:56 | 000,001,455 | ---- | M] () -- C:\Windows\System\p
[2012/08/06 20:55:17 | 000,005,572 | ---- | M] () -- C:\Windows\p
[2012/08/05 20:03:39 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2012/08/05 19:02:23 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/08/05 18:50:42 | 000,000,967 | ---- | M] () -- C:\Users\Flore\Desktop\PotPlayer.lnk
[2012/08/01 19:37:49 | 000,000,870 | ---- | M] () -- C:\Users\Flore\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/08/01 19:37:48 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/01 19:22:37 | 000,001,057 | ---- | M] () -- C:\Users\Flore\Desktop\Revo Uninstaller.lnk
[2012/07/27 19:21:42 | 000,001,832 | ---- | M] () -- C:\Users\Flore\Desktop\VirusTotal Uploader 2.0.lnk
[2012/07/25 22:05:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_mbrguard_01009.Wdf
[2012/07/25 22:05:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/07/25 22:03:53 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\AppGuard.lnk
========== Files Created - No Company Name ========== [2012/08/23 12:08:09 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2012/08/23 00:45:49 | 000,060,015 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2012/08/23 00:45:49 | 000,039,440 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2012/08/23 00:45:48 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2012/08/23 00:45:48 | 001,921,265 | ---- | C] () -- C:\Windows\System32\iglhxa32.cpa
[2012/08/23 00:45:48 | 000,060,254 | ---- | C] () -- C:\Windows\System32\iglhxg32.vp
[2012/08/23 00:45:48 | 000,060,226 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2012/08/23 00:45:48 | 000,001,090 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp
[2012/08/22 23:21:27 | 000,000,816 | ---- | C] () -- C:\Users\Flore\Desktop\DriverMax.lnk
[2012/08/20 23:48:21 | 000,000,210 | ---- | C] () -- C:\Users\Flore\AppData\Roaming\burnaware.ini
[2012/08/20 23:47:27 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2012/08/19 16:48:18 | 000,005,680 | ---- | C] () -- C:\Users\Flore\AppData\Local\Temp5.html
[2012/08/19 16:47:37 | 000,001,955 | ---- | C] () -- C:\Users\Flore\AppData\Local\Temp1.html
[2012/08/16 00:37:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/08/15 22:53:04 | 000,063,545 | ---- | C] () -- C:\fjdtv6.90.zip
[2012/08/15 12:16:02 | 000,287,056 | ---- | C] () -- C:\Users\Flore\Documents\Windows7_Vista_jcgriff2.zip
[2012/08/15 12:04:08 | 002,574,808 | ---- | C] () -- C:\Users\Flore\Documents\Perfmon.html
[2012/08/14 00:58:29 | 000,008,064 | ---- | C] () -- C:\Windows\System32\drivers\flash.sys
[2012/08/13 19:43:51 | 000,001,844 | ---- | C] () -- C:\Users\Public\Desktop\HDD Regenerator.lnk
[2012/08/13 13:47:59 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012/08/13 13:43:52 | 000,006,656 | ---- | C] () -- C:\Windows\System32\lpcio.dll
[2012/08/12 15:35:04 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012/08/12 15:34:42 | 000,000,000 | -H-- | C] () -- C:\Windows\wusa.lock
[2012/08/12 15:20:56 | 000,004,608 | ---- | C] () -- C:\Users\Flore\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/12 15:18:27 | 000,000,949 | ---- | C] () -- C:\Users\Flore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/08/12 15:18:23 | 000,000,944 | ---- | C] () -- C:\Users\Flore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/08/12 15:02:23 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2012/08/12 14:40:28 | 000,021,668 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2012/08/12 14:17:46 | 000,000,258 | ---- | C] () -- C:\Users\Flore\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/08/12 14:17:46 | 000,000,240 | ---- | C] () -- C:\Users\Flore\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/08/12 14:16:20 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
[2012/08/11 23:56:00 | 000,001,662 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2012/08/11 23:56:00 | 000,001,650 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012/08/10 05:34:39 | 000,139,640 | ---- | C] () -- C:\Windows\System32\p
[2012/08/07 23:19:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/07 23:19:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/07 23:19:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/07 23:19:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/07 23:19:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/07 10:34:36 | 000,000,642 | ---- | C] () -- C:\Users\Flore\Desktop\ERUNT.lnk
[2012/08/06 20:55:56 | 000,001,455 | ---- | C] () -- C:\Windows\System\p
[2012/08/06 20:54:51 | 000,005,572 | ---- | C] () -- C:\Windows\p
[2012/08/05 19:02:23 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/08/05 18:50:42 | 000,000,967 | ---- | C] () -- C:\Users\Flore\Desktop\PotPlayer.lnk
[2012/08/01 19:37:49 | 000,000,870 | ---- | C] () -- C:\Users\Flore\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/08/01 19:37:48 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/08/01 19:37:48 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/07/30 12:53:48 | 000,000,146 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/07/27 19:08:19 | 000,001,832 | ---- | C] () -- C:\Users\Flore\Desktop\VirusTotal Uploader 2.0.lnk
[2012/07/25 22:05:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_mbrguard_01009.Wdf
[2012/07/25 22:05:10 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/07/25 22:03:53 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\AppGuard.lnk
[2012/07/18 00:05:34 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/07/15 01:34:13 | 001,472,131 | ---- | C] () -- C:\Program Files\vba32arkit.zip
[2012/06/28 01:14:43 | 000,826,230 | ---- | C] () -- C:\Program Files\JPEGView_1_0_26.zip
[2012/05/27 03:13:40 | 000,000,004 | ---- | C] () -- C:\Windows\60139727.dat
[2012/05/26 02:53:38 | 000,000,004 | ---- | C] () -- C:\Windows\11290197.dat
[2012/05/25 16:30:01 | 000,000,004 | ---- | C] () -- C:\Windows\16305630.dat
[2012/05/25 02:27:02 | 000,000,004 | ---- | C] () -- C:\Windows\52562384.dat
[2012/05/24 02:29:58 | 000,000,130 | ---- | C] () -- C:\Windows\9218894.dat
[2012/05/21 13:50:06 | 000,000,418 | ---- | C] () -- C:\Users\Flore\.swfinfo
[2012/05/11 00:07:55 | 000,001,004 | ---- | C] () -- C:\Windows\diskpt0.dat
[2012/05/01 15:19:52 | 000,088,656 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2012/04/30 20:22:52 | 000,000,000 | ---- | C] () -- C:\Windows\diskpt.dat
[2011/12/14 03:41:02 | 000,000,324 | ---- | C] () -- C:\Windows\12812112.dat
[2011/12/04 22:54:49 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/12/04 21:30:11 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll
[2011/12/04 21:26:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2011/12/04 00:51:53 | 000,000,438 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/12/03 22:07:27 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
========== Custom Scans ========== ========== Drive Information ========== Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: FUJITSU MHW2120BH ATA Device
Partitions: 2
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 68,00GB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 44,00GB
Starting Offset: 72846671872
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe > < %systemroot%\assembly\GAC_32\*.ini > < %systemroot%\assembly\GAC_64\*.ini > < %SYSTEMDRIVE%\*.exe > < %ALLUSERSPROFILE%\Application Data\*.exe > < %APPDATA%\*. >[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Adobe
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Auslogics
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\BleachBit
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\blue ridge networks
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\CrystalIdea Software
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Downloaded Installations
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Geek Uninstaller
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Identities
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\ImgBurn
[2012/06/29 11:23:48 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\IrfanView
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Macromedia
[2012/08/12 14:30:20 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Malwarebytes
[2012/08/12 14:30:21 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Media Player Classic
[2012/08/12 14:40:59 | 000,000,000 | --SD | M] -- C:\Users\Flore\AppData\Roaming\Microsoft
[2012/05/03 11:15:48 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\minimem
[2012/08/12 14:30:26 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Mozilla
[2012/08/12 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Nitro PDF
[2012/08/12 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\PotPlayerMini
[2012/08/12 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Runscanner.net
[2012/08/12 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Softland
[2012/08/12 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\SumatraPDF
[2012/08/12 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Thinstall
[2012/08/12 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\vlc
[2012/08/12 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Flore\AppData\Roaming\Wondershare
< MD5 for: ATAPI.SYS >[2009/04/11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\erdnt\cache\atapi.sys
[2009/04/11 15:19:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 15:19:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 15:19:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: BOOTVID.DLL >[2008/01/21 04:24:53 | 000,024,120 | ---- | M] (Microsoft Corporation) MD5=F0821E18CAFC7135CCF6DE3D306E97CD -- C:\Windows\System32\BOOTVID.DLL
[2008/01/21 04:24:53 | 000,024,120 | ---- | M] (Microsoft Corporation) MD5=F0821E18CAFC7135CCF6DE3D306E97CD -- C:\Windows\winsxs\x86_microsoft-windows-bootvid_31bf3856ad364e35_6.0.6001.18000_none_38797b7986345c9b\BOOTVID.DLL
< MD5 for: CSRSS.EXE >[2008/01/21 04:25:20 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008/01/21 04:25:20 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe
< MD5 for: EXPLORER.EXE >[2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\erdnt\cache\explorer.exe
[2009/04/11 15:19:56 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 15:19:56 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
< MD5 for: HAL.DLL >[2009/04/11 15:19:25 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: KDCOM.DLL >[2009/04/11 15:20:06 | 000,017,384 | ---- | M] (Microsoft Corporation) MD5=48E083898FE5611006725796B055011B -- C:\Windows\System32\kdcom.dll
[2009/04/11 15:20:06 | 000,017,384 | ---- | M] (Microsoft Corporation) MD5=48E083898FE5611006725796B055011B -- C:\Windows\winsxs\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61\kdcom.dll
< MD5 for: MSWSOCK.DLL >[2009/04/11 00:28:24 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\erdnt\cache\mswsock.dll
[2009/04/11 15:19:45 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\System32\mswsock.dll
[2009/04/11 15:19:45 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
< MD5 for: NAPINSP.DLL >[2008/01/21 04:24:55 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\System32\NapiNSP.dll
[2008/01/21 04:24:55 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.0.6001.18000_none_ac1d40c88f30e6c0\NapiNSP.dll
< MD5 for: NLAAPI.DLL >[2008/01/21 04:24:11 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\System32\nlaapi.dll
[2008/01/21 04:24:11 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\winsxs\x86_microsoft-windows-nlasvc_31bf3856ad364e35_6.0.6001.18000_none_6785f5c70aea4565\nlaapi.dll
< MD5 for: NTDLL.DLL >[2009/04/11 15:20:16 | 001,202,168 | ---- | M] (Microsoft Corporation) MD5=40DB2EBA3CD1433D1C90BD262ECE1543 -- C:\Windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.18005_none_5ac2574df94f7762\ntdll.dll
[2011/11/18 22:23:34 | 001,205,576 | ---- | M] (Microsoft Corporation) MD5=B9940B8D1B0BC5F675A99E6D1E2F0835 -- C:\Windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.22742_none_5b1dbeef129029d5\ntdll.dll
[2011/11/18 22:23:34 | 001,205,064 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\System32\ntdll.dll
[2011/11/18 22:23:34 | 001,205,064 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.18541_none_5a931ff3f973738d\ntdll.dll
< MD5 for: NTOSKRNL.EXE >[2009/04/11 15:20:07 | 003,549,672 | ---- | M] (Microsoft Corporation) MD5=6798DBF3F25721637AEF5B6C69911C9C -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe
[2012/04/03 10:16:12 | 003,552,640 | ---- | M] (Microsoft Corporation) MD5=B9907DD4BE7B1B39573BF66554AB224E -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntoskrnl.exe
[2012/04/03 10:16:11 | 003,550,080 | ---- | M] (Microsoft Corporation) MD5=BA4C485548914034B471EB6FC2B50082 -- C:\Windows\System32\ntoskrnl.exe
[2012/04/03 10:16:11 | 003,550,080 | ---- | M] (Microsoft Corporation) MD5=BA4C485548914034B471EB6FC2B50082 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntoskrnl.exe
[2011/10/27 10:01:53 | 003,550,080 | ---- | M] (Microsoft Corporation) MD5=C7D1507B837BC41D13D6EAC31A032AE3 -- C:\Windows\erdnt\cache\ntoskrnl.exe
[2012/03/06 08:39:00 | 003,550,080 | ---- | M] (Microsoft Corporation) MD5=D960F9E1FCA0C86387E806D9AED319FB -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_6dba94deb18dcaf0\ntoskrnl.exe
[2012/03/06 08:39:00 | 003,552,640 | ---- | M] (Microsoft Corporation) MD5=FEA4425645424D66DCCC6CD3F417A40D -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_6e96b3adca6e2024\ntoskrnl.exe
< MD5 for: PNRPNSP.DLL >[2008/01/21 04:25:49 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\System32\pnrpnsp.dll
[2008/01/21 04:25:49 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\winsxs\x86_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.0.6001.18000_none_717f15b322749509\pnrpnsp.dll
< MD5 for: SERVICES.EXE >[2009/04/11 00:28:00 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\erdnt\cache\services.exe
[2009/04/11 15:20:11 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 15:20:11 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SVCHOST.EXE >[2008/01/19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\erdnt\cache\svchost.exe
[2008/01/21 04:24:10 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 04:24:10 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USER32.DLL >[2009/04/11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\erdnt\cache\user32.dll
[2009/04/11 15:19:54 | 000,627,712 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009/04/11 15:19:54 | 000,627,712 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >[2008/01/19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe
[2008/01/21 04:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 04:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOAD.EXE >[2009/04/11 15:19:59 | 000,986,600 | ---- | M] (Microsoft Corporation) MD5=074DF633D8C15656560F0388AA7F6237 -- C:\Windows\System32\Boot\winload.exe
[2009/04/11 15:20:31 | 000,986,600 | ---- | M] (Microsoft Corporation) MD5=074DF633D8C15656560F0388AA7F6237 -- C:\Windows\System32\winload.exe
[2009/04/11 15:19:59 | 000,986,600 | ---- | M] (Microsoft Corporation) MD5=074DF633D8C15656560F0388AA7F6237 -- C:\Windows\winsxs\x86_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.0.6002.18005_none_6b24103689ec6965\winload.exe
[2009/04/11 15:20:31 | 000,986,600 | ---- | M] (Microsoft Corporation) MD5=074DF633D8C15656560F0388AA7F6237 -- C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94\winload.exe
[2008/01/21 04:10:16 | 000,943,800 | ---- | M] (Microsoft Corporation) MD5=85D2C8A361D5D24DC5B06FE2119C4954 -- C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16609_none_59497e266f783366\winload.exe
[2008/01/21 04:10:16 | 000,943,800 | ---- | M] (Microsoft Corporation) MD5=DDB227AFAFB2B7F950528C2484BE2055 -- C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20734_none_59ada9bb88b2a850\winload.exe
< MD5 for: WINLOGON.EXE >[2009/04/11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\erdnt\cache\winlogon.exe
[2009/04/11 15:20:12 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 15:20:12 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
< MD5 for: WINRNR.DLL >[2009/04/11 15:19:34 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C411C80F90D6732380352B98B37BBD53 -- C:\Windows\System32\winrnr.dll
[2009/04/11 15:19:34 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C411C80F90D6732380352B98B37BBD53 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6002.18005_none_5b39cbfb4d3802b6\winrnr.dll
[2006/11/02 11:46:14 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=FF78B8E67EDCE9FEED651D7858D77A04 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6000.16386_none_571790f3532b2696\winrnr.dll
< MD5 for: WSHELPER.DLL >[2006/11/02 11:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\System32\wshelper.dll
[2006/11/02 11:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\wshelper.dll
< C:\Windows\assembly\tmp\U\*.* /s > < %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/14 02:39:56 | 000,867,904 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/14 02:39:56 | 000,867,904 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/14 02:39:56 | 000,867,904 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/07/14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/07/14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/07/14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/21 04:24:43 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/21 04:24:43 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/21 04:24:43 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 15:19:41 | 000,636,080 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/14 02:39:56 | 000,867,904 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/14 02:39:56 | 000,867,904 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/14 02:39:56 | 000,867,904 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/07/14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/07/14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/07/14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/21 04:24:43 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/21 04:24:43 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/21 04:24:43 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 15:19:41 | 000,636,080 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >[2006/11/02 11:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\system32\expsrv.dll
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles >[2012/05/25 18:34:42 | 000,127,568 | ---- | M] (Privacyware/PWI, Inc.)
Unable to obtain MD5 -- C:\Windows\system32\drivers\pwipf6.sys
< End of report >