Hello pgmigg,
I had no difficulty this time with OTL. The two reports generated are posted below. Extras had to be posted separately due to size limitations.
Incidently, I just realized that although my homepage remains as I redefined it last week, if I type search terms directly in the browser line the search is carried out by searchqu in FireFox 4.01 (same happens with GoogleChrome, though not with IE8, which retains my chosen search engine).
Thanks again!
eventhorizon
OTL logfile created on: 16/05/2011 14:20:34 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Glenn Smith\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 84,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 297,89 Gb Total Space | 167,07 Gb Free Space | 56,08% Space Free | Partition Type: NTFS
Computer Name: GLENN_WORK | User Name: Glenn Smith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Glenn Smith\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe (BitDefender S.R.L.)
PRC - C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe (BitDefender S.R.L.)
PRC - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
PRC - c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
PRC - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
PRC - C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - c:\drivers\audio\R213367\stacsv.exe (IDT, Inc.)
PRC - C:\WINDOWS\system32\AESTFltr.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft)
PRC - C:\Program Files\Intel\ASF Agent\ASFAgent.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Glenn Smith\Bureau\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00087_012\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00087_012\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00087_012\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00087_012\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00087_012\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00087_012\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00087_012\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealNetworks, Inc.)
MOD - C:\Program Files\BitDefender\BitDefender 2011\pchook32.dll (BitDefender S.R.L.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcr90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcp90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
========== Win32 Services (SafeList) ========== SRV - (getPlusHelper) getPlus(R) -- File not found
SRV - (Updatesrv) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe (BitDefender S.R.L.)
SRV - (Update Server) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender)
SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe (BitDefender S.R.L.)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SMManager) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
SRV - (dcpsysmgrsvc) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV - (Credential Vault Host Storage) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
SRV - (Credential Vault Host Control Service) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
SRV - (TdmService) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
SRV - (SecureStorageService) -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)
SRV - (buttonsvc32) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
SRV - (wlidsvc) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (STacSV) -- c:\drivers\audio\R213367\stacsv.exe (IDT, Inc.)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (stllssvr) -- c:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
SRV - (ACDaemon) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft)
SRV - (ASFAgent) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe (Intel Corporation)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (PROCEXP113) -- C:\WINDOWS\system32\drivers\PROCEXP113.SYS (Sysinternals -
www.sysinternals.com)
DRV - (bdselfpr) -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender LLC)
DRV - (Trufos) -- C:\WINDOWS\system32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (Bdfndisf) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdfndisf.sys (BitDefender)
DRV - (Bdftdif) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (bdfsfltr) -- C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys (BitDefender)
DRV - (avckf) -- C:\WINDOWS\system32\drivers\avckf.sys (BitDefender)
DRV - (avc3) -- C:\WINDOWS\system32\drivers\avc3.sys (BitDefender)
DRV - (BdRawPr) -- C:\WINDOWS\system32\drivers\bdrawpr.sys (BITDEFENDER LLC)
DRV - (BDFM) -- C:\WINDOWS\system32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (cvusbdrv) -- C:\WINDOWS\system32\drivers\cvusbdrv.sys (Broadcom Corporation)
DRV - (WavxDMgr) -- C:\WINDOWS\system32\drivers\WavxDMgr.sys (Wave Systems Corp.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (SRS_PremiumSound_Service) -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys ()
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (AESTAud) -- C:\WINDOWS\system32\drivers\AESTAud.sys (Andrea Electronics Corporation)
DRV - (e1yexpress) Intel(R) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (PBADRV) -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys (Dell Inc)
DRV - (USBCCID) -- C:\WINDOWS\system32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (CamDrL) Logitech QuickCam Pro 3000(CamDrl) -- C:\WINDOWS\system32\drivers\Camdrl.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.conflictrecovery.org"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {e55904c8-769b-4ffe-8d47-48f411f37d22}:2.0.2
FF - prefs.js..extensions.enabledItems:
FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17
FF - prefs.js..keyword.URL: "http://www.searchqu.com/web?src=ffb&systemid=406&q="
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/11/11 01:58:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011/03/30 16:19:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/11/04 22:03:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/03/20 20:37:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 11:23:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/06 22:58:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdtbext\ [2010/09/15 00:38:39 | 000,000,000 | ---D | M]
[2011/05/05 23:13:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Glenn Smith\Application Data\Mozilla\Extensions
[2009/11/11 02:59:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Glenn Smith\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/05/05 23:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Glenn Smith\Application Data\Mozilla\Firefox\Profiles\jsuy2xfr.default\extensions
[2010/04/30 11:40:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Glenn Smith\Application Data\Mozilla\Firefox\Profiles\jsuy2xfr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/23 14:24:21 | 000,005,529 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Application Data\Mozilla\Firefox\Profiles\jsuy2xfr.default\searchplugins\SearchquWebSearch.xml
[2011/05/06 23:01:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/06 23:01:29 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/04/30 11:23:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/09/30 13:28:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) --
[2011/03/30 16:19:33 | 000,000,000 | ---D | M] ("BitDefender Antiphishing Toolbar") -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2011\BDAPHFFEXT
[2009/11/04 22:03:16 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 18:47:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/03/22 20:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2011/01/30 17:45:12 | 000,135,568 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2011/03/20 20:37:49 | 000,150,712 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2010/12/24 00:42:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010/12/24 00:42:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010/12/24 00:42:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010/12/24 00:42:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010/12/24 00:42:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010/12/24 00:42:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010/12/24 00:42:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2011/03/20 20:38:02 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2011/03/20 20:37:40 | 000,100,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009/11/28 13:10:16 | 008,467,184 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll
[2009/11/24 14:14:50 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\PDFNetC.dll
[2009/11/28 13:10:18 | 000,107,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ScorchPDFWrapper.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/01 10:00:00 | 000,002,364 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2011/03/23 14:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2010/12/14 22:47:09 | 000,427,067 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1
www.1-2005-search.comO1 - Hosts: 14708 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Liens) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Glenn Smith\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.microsoft.com/microso ... 8159217765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-chargeur Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Démon de cache des catégories de composant - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Glenn Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Glenn Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 20:00:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (66441705255075840)
========== Files/Folders - Created Within 30 Days ========== [2011/05/16 13:54:54 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Glenn Smith\Bureau\OTL.exe
[2011/05/15 14:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\2011-05-15
[2011/05/12 23:24:17 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/05/12 23:24:13 | 000,012,568 | ---- | C] (Sysinternals -
www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2011/05/12 23:23:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/12 23:22:56 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2011/05/11 10:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\2011-05-11
[2011/05/11 10:09:28 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Glenn Smith\Bureau\tdsskiller.exe
[2011/05/10 21:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\2011-05-10
[2011/05/09 10:44:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Glenn Smith\Recent
[2011/05/09 00:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\2011-05-09
[2011/05/08 19:05:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\J_bac_2011-05-08
[2011/05/06 23:01:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype Extras
[2011/05/06 23:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
[2011/05/06 23:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype
[2011/05/06 22:59:30 | 001,029,512 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\Glenn Smith\Mes documents\SkypeSetup.exe
[2011/05/06 22:55:38 | 047,929,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Documents and Settings\Glenn Smith\Mes documents\AdbeRdr1001_fr_FR.exe
[2011/05/06 19:41:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\CSFRS
[2011/05/06 17:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/06 17:28:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Menu Démarrer\Programmes\HiJackThis
[2011/05/05 18:06:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Local Settings\Application Data\Ilivid Player
[2011/05/05 18:05:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{CEEC46AF-A1E6-47D5-B85D-AE1AEF769F81}
[2011/05/05 18:03:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Local Settings\Application Data\PackageAware
[2011/05/02 00:04:23 | 003,161,648 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Glenn Smith\Mes documents\dfsetup204.exe
[2011/05/01 19:22:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\M_le_Maudit-images
[2011/04/30 15:11:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\2011-04-30
[2011/04/30 10:32:47 | 012,602,568 | ---- | C] (Mozilla) -- C:\Documents and Settings\Glenn Smith\Mes documents\Firefox Setup 4.0.1.exe
[2011/04/21 16:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Menu Démarrer\Programmes\Google Chrome
[2011/04/17 17:59:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists4_fichiers
[2011/04/17 17:59:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists3_fichiers
[2011/04/17 17:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists2_fichiers
[2011/04/17 17:58:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists1_fichiers
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/05/16 14:13:50 | 000,057,494 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\AulaForm.pdf
[2011/05/16 13:54:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Glenn Smith\Bureau\OTL.exe
[2011/05/16 13:51:44 | 000,028,409 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2011/05/16 13:36:00 | 000,001,172 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1676656856-1613018796-938531743-1005UA.job
[2011/05/16 13:35:00 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/16 13:35:00 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/16 12:48:24 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1676656856-1613018796-938531743-1005.job
[2011/05/16 12:48:24 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1676656856-1613018796-938531743-1005.job
[2011/05/16 12:48:05 | 000,022,979 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\HaggardEyeofNewt.jpg
[2011/05/16 12:47:09 | 000,009,683 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\HaggardEyeofNewt.htm
[2011/05/16 09:11:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/16 09:11:01 | 000,035,431 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2011/05/16 09:10:52 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/05/16 09:10:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/16 09:10:38 | 3745,423,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/15 16:36:00 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1676656856-1613018796-938531743-1005Core.job
[2011/05/13 23:37:28 | 000,002,332 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Bureau\Google Chrome.lnk
[2011/05/13 23:37:28 | 000,002,310 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/12 23:24:17 | 000,000,000 | ---- | M] () -- C:\Start_.cmd
[2011/05/12 23:24:13 | 000,012,568 | ---- | M] (Sysinternals -
www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2011/05/12 19:32:26 | 004,347,036 | R--- | M] () -- C:\Documents and Settings\Glenn Smith\Bureau\ComboFix.exe
[2011/05/12 17:33:57 | 001,783,551 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\beameruserguide-2.pdf
[2011/05/12 10:27:34 | 000,048,120 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\petit_dragon_vert.gif
[2011/05/11 10:09:30 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Glenn Smith\Bureau\tdsskiller.exe
[2011/05/10 21:20:33 | 000,944,427 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\ANR_Programmation2011.pdf
[2011/05/08 23:47:13 | 002,471,943 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\parcours-Tour_de_France-2011.pdf
[2011/05/08 21:37:32 | 000,000,403 | ---- | M] () -- C:\WINDOWS\prestopm.INI
[2011/05/08 19:25:05 | 000,000,190 | -H-- | M] () -- C:\WINDOWS\NsNetScan.ini
[2011/05/07 16:19:16 | 000,669,788 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\CSFRS_reglement_aides_financieres_20100623.pdf
[2011/05/07 11:32:52 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\dds.scr
[2011/05/06 23:00:52 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2011/05/06 22:59:31 | 001,029,512 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\Glenn Smith\Mes documents\SkypeSetup.exe
[2011/05/06 22:58:40 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2011/05/06 22:56:26 | 047,929,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Glenn Smith\Mes documents\AdbeRdr1001_fr_FR.exe
[2011/05/06 22:00:58 | 002,085,220 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\GiantExpedition_AT.JPG
[2011/05/06 21:59:48 | 002,032,240 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\GiantExpedition_LT.JPG
[2011/05/06 17:28:45 | 000,002,459 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Bureau\HiJackThis.lnk
[2011/05/06 17:27:21 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\HijackThis.msi
[2011/05/06 00:12:36 | 000,083,377 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\No_ Don't go to Grad School_ How anthropology reproduces neoliberal Misery.eml
[2011/05/05 23:25:00 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/05/05 23:21:25 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\cc_20110505_232051.reg
[2011/05/02 00:05:06 | 000,001,582 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Defraggler.lnk
[2011/05/02 00:04:25 | 003,161,648 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Glenn Smith\Mes documents\dfsetup204.exe
[2011/05/01 21:54:24 | 000,025,713 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
[2011/04/30 11:23:38 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2011/04/30 10:32:47 | 012,602,568 | ---- | M] (Mozilla) -- C:\Documents and Settings\Glenn Smith\Mes documents\Firefox Setup 4.0.1.exe
[2011/04/30 08:35:23 | 000,580,110 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/04/30 08:35:23 | 000,486,300 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/30 08:35:23 | 000,105,590 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/04/30 08:35:23 | 000,081,644 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/28 18:56:23 | 000,392,279 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\Missions - Contrat d'assurance.pdf
[2011/04/27 16:07:32 | 000,330,524 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\dem_mis.pdf
[2011/04/26 16:14:07 | 015,809,772 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\WGSmith-VersionThèseFinal.pdf
[2011/04/23 17:44:23 | 000,028,409 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2011/04/21 11:18:41 | 000,002,573 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Bureau\Word.lnk
[2011/04/20 17:58:34 | 000,259,964 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\Fiche_de_renseignements_sur_la_soutenance_et_déplacements.pdf
[2011/04/17 20:15:07 | 000,510,682 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\article_befeo_0336-1519_1992_num_79_1_1858.pdf
[2011/04/17 20:14:27 | 000,373,091 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\article_befeo_0336-1519_1992_num_79_1_1859.pdf
[2011/04/17 17:59:43 | 000,029,558 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists4.htm
[2011/04/17 17:59:17 | 000,029,558 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists3.htm
[2011/04/17 17:58:52 | 000,029,558 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists2.htm
[2011/04/17 17:58:15 | 000,029,558 | ---- | M] () -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists1.htm
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/05/16 14:13:50 | 000,057,494 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\AulaForm.pdf
[2011/05/16 12:48:05 | 000,022,979 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\HaggardEyeofNewt.jpg
[2011/05/16 12:47:08 | 000,009,683 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\HaggardEyeofNewt.htm
[2011/05/12 23:24:17 | 000,000,000 | ---- | C] () -- C:\Start_.cmd
[2011/05/12 19:32:13 | 004,347,036 | R--- | C] () -- C:\Documents and Settings\Glenn Smith\Bureau\ComboFix.exe
[2011/05/12 17:33:55 | 001,783,551 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\beameruserguide-2.pdf
[2011/05/12 10:27:32 | 000,048,120 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\petit_dragon_vert.gif
[2011/05/10 21:20:26 | 000,944,427 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\ANR_Programmation2011.pdf
[2011/05/08 23:47:13 | 002,471,943 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\parcours-Tour_de_France-2011.pdf
[2011/05/07 16:19:16 | 000,669,788 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\CSFRS_reglement_aides_financieres_20100623.pdf
[2011/05/07 11:32:51 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\dds.scr
[2011/05/06 23:03:28 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/05/06 23:00:52 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2011/05/06 22:58:40 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2011/05/06 22:58:40 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2011/05/06 22:00:58 | 002,085,220 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\GiantExpedition_AT.JPG
[2011/05/06 21:59:48 | 002,032,240 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\GiantExpedition_LT.JPG
[2011/05/06 17:28:00 | 000,002,459 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Bureau\HiJackThis.lnk
[2011/05/06 17:27:19 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\HijackThis.msi
[2011/05/06 00:12:36 | 000,083,377 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\No_ Don't go to Grad School_ How anthropology reproduces neoliberal Misery.eml
[2011/05/05 23:20:55 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\cc_20110505_232051.reg
[2011/04/30 11:23:38 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2011/04/28 18:56:23 | 000,392,279 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\Missions - Contrat d'assurance.pdf
[2011/04/27 16:07:32 | 000,330,524 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\dem_mis.pdf
[2011/04/26 16:13:49 | 015,809,772 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\WGSmith-VersionThèseFinal.pdf
[2011/04/21 16:27:23 | 000,002,332 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Bureau\Google Chrome.lnk
[2011/04/21 16:27:23 | 000,002,310 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/21 16:26:42 | 000,001,172 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1676656856-1613018796-938531743-1005UA.job
[2011/04/21 16:26:42 | 000,001,120 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1676656856-1613018796-938531743-1005Core.job
[2011/04/20 17:58:34 | 000,259,964 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\Fiche_de_renseignements_sur_la_soutenance_et_déplacements.pdf
[2011/04/17 20:15:07 | 000,510,682 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\article_befeo_0336-1519_1992_num_79_1_1858.pdf
[2011/04/17 20:14:27 | 000,373,091 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\article_befeo_0336-1519_1992_num_79_1_1859.pdf
[2011/04/17 17:59:43 | 000,029,558 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists4.htm
[2011/04/17 17:59:17 | 000,029,558 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists3.htm
[2011/04/17 17:58:52 | 000,029,558 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists2.htm
[2011/04/17 17:58:15 | 000,029,558 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Mes documents\your lists1.htm
[2011/04/13 18:00:25 | 000,025,713 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2010/08/24 10:01:04 | 000,118,321 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Fichiers communs\LinkInstaller.exe
[2010/04/14 01:27:11 | 000,055,848 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/10 16:59:35 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Application Data\bdfvconp.ini
[2010/02/01 23:29:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_unmip.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_histprot.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_webproxy.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_video.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_tabloids.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_socialnetworks.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_searchengines.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_regionaltlds.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_pornography.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlineshop.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinepay.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinedating.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_news.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_im.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_illegal.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_hate.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_games.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_gambling.dat
[2010/01/29 13:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_drugs.dat
[2010/01/22 13:11:37 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/01/22 13:11:37 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/01/22 13:11:37 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/01/22 13:11:37 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/01/22 13:11:37 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/01/22 13:11:37 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/01/22 13:11:37 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/01/22 13:11:37 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/01/22 13:11:37 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/01/22 13:11:37 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2010/01/22 13:11:37 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/01/22 13:11:37 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/01/22 13:11:37 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/01/22 13:11:37 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/01/22 13:11:37 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/01/22 13:11:37 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2010/01/22 13:11:37 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2010/01/22 13:11:37 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/01/22 13:11:37 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/01/14 01:01:42 | 000,000,403 | ---- | C] () -- C:\WINDOWS\prestopm.INI
[2010/01/14 00:58:41 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2010/01/14 00:57:13 | 000,000,190 | -H-- | C] () -- C:\WINDOWS\NsNetScan.ini
[2009/12/01 02:53:20 | 000,126,464 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/14 04:21:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wsbl.dat
[2009/11/14 04:21:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_white.dat
[2009/11/14 04:21:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_summ.dat
[2009/11/14 04:21:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_black.dat
[2009/11/14 04:21:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords2.dat
[2009/11/14 04:21:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords.dat
[2009/11/13 14:30:52 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2009/11/13 14:30:52 | 000,000,105 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI
[2009/11/13 14:30:40 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2009/11/13 14:29:26 | 000,000,074 | ---- | C] () -- C:\WINDOWS\PMINI.ini
[2009/11/13 14:26:48 | 000,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/11/13 14:08:35 | 000,006,812 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/11/13 14:01:23 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2009/11/13 13:59:57 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
[2009/11/11 02:58:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/11/11 00:03:33 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2009/11/11 00:03:33 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat
[2009/11/11 00:02:27 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/11/11 00:02:19 | 000,000,132 | ---- | C] () -- C:\WINDOWS\System32\rezumatenoi.dat
[2009/11/10 18:02:34 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/11/10 17:39:48 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Local Settings\Application Data\fusioncache.dat
[2009/11/10 17:39:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Glenn Smith\Local Settings\Application Data\WavXMapDrive.bat
[2009/11/05 05:33:57 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/11/05 05:33:57 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/11/05 05:33:57 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/11/05 05:33:57 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/11/05 05:33:57 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/11/05 05:33:57 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/11/05 05:33:56 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/11/05 05:33:56 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2009/11/05 05:33:38 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2009/11/05 05:31:27 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/11/04 22:28:50 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/11/04 22:20:10 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009/11/04 22:20:10 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2009/11/04 22:19:33 | 000,232,744 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2009/11/04 22:13:45 | 000,279,888 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2009/11/04 22:11:23 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/11/04 21:42:13 | 000,028,409 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/22 20:03:06 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/06/05 17:41:18 | 000,557,056 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2009/06/05 17:41:18 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2009/06/05 17:41:16 | 000,552,960 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2009/06/05 17:41:16 | 000,552,960 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2009/06/05 17:41:16 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2009/06/05 17:41:14 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2009/06/05 17:41:14 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2009/06/05 17:41:12 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2009/06/05 17:41:12 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2009/06/05 17:41:12 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2009/06/05 17:41:10 | 000,557,056 | ---- | C] () -- C:\WINDOWS\System32\AmRes_nl.dll
[2009/06/05 17:41:10 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_cs.dll
[2009/06/05 17:41:10 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_da.dll
[2009/06/05 17:41:08 | 000,544,768 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pl.dll
[2009/06/05 17:41:08 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_sv.dll
[2009/06/05 17:41:08 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_no.dll
[2009/06/05 17:41:06 | 000,552,960 | ---- | C] () -- C:\WINDOWS\System32\AmRes_el.dll
[2009/06/05 17:41:06 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ar.dll
[2009/06/05 17:41:04 | 000,548,864 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-PT.dll
[2009/06/05 17:41:04 | 000,544,768 | ---- | C] () -- C:\WINDOWS\System32\AmRes_hu.dll
[2009/06/05 17:41:04 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fi.dll
[2009/06/05 17:41:04 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_he.dll
[2009/06/05 17:41:02 | 000,548,864 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ro.dll
[2009/06/05 17:41:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_tr.dll
[2009/06/05 17:31:18 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2009/06/03 15:08:48 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_tr.dll
[2009/06/03 15:08:46 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ro.dll
[2009/06/03 15:08:46 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt-BR.dll
[2009/06/03 15:08:44 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_hu.dll
[2009/06/03 15:08:42 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fi.dll
[2009/06/03 15:08:42 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_he.dll
[2009/06/03 15:08:40 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_el.dll
[2009/06/03 15:08:38 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_cs.dll
[2009/06/03 15:08:36 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ar.dll
[2009/06/03 15:08:36 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2009/06/03 15:08:34 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2009/06/03 15:08:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_sv.dll
[2009/06/03 15:08:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2009/06/03 15:08:30 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2009/06/03 15:08:28 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pl.dll
[2009/06/03 15:08:28 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_no.dll
[2009/06/03 15:08:26 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_nl.dll
[2009/06/03 15:08:24 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2009/06/03 15:08:24 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2009/06/03 15:08:22 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2009/06/03 15:08:20 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2009/06/03 15:08:20 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2009/06/03 15:08:16 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2009/06/03 15:08:16 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_da.dll
[2009/06/03 14:07:50 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\Wavx_ESC_Logging.dll
[2009/05/18 10:34:04 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2009/05/05 12:34:22 | 000,839,680 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2008/08/15 10:46:30 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/05/27 00:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/27 00:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/27 00:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 23:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 23:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/25 20:03:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/25 19:58:26 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/25 19:57:33 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/25 14:46:45 | 000,580,110 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/04/25 14:46:45 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/25 14:46:45 | 000,105,590 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/04/25 14:46:45 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/25 14:46:34 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/25 14:46:33 | 000,486,300 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/25 14:46:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/25 14:46:33 | 000,081,644 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/25 14:46:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/25 14:46:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/25 14:46:31 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/25 14:46:30 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/25 14:46:28 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/25 14:46:28 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/25 14:46:22 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/25 14:46:19 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/25 07:53:11 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/25 07:52:12 | 000,292,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/03/25 11:46:00 | 000,077,536 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2007/04/19 07:52:16 | 000,080,720 | ---- | C] () -- C:\WINDOWS\System32\AsfBios.dll
[2007/04/19 07:28:10 | 000,025,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2006/06/30 14:58:44 | 000,176,128 | R--- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 14:58:44 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2006/06/12 10:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2004/09/10 15:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 15:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2003/04/01 11:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
========== LOP Check ========== [2009/11/04 22:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2010/09/27 18:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bdch
[2010/12/14 11:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2009/11/04 22:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2009/11/13 14:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2009/11/13 14:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2009/11/04 22:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2009/11/04 22:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2010/05/17 20:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/26 15:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/05/05 18:05:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CEEC46AF-A1E6-47D5-B85D-AE1AEF769F81}
[2010/09/15 00:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\BitDefender
[2009/11/04 22:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\Broadcom
[2011/05/15 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\Canon
[2010/08/24 12:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\eMusic
[2009/11/13 14:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\NewSoft
[2010/06/25 20:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\NSBackup
[2010/01/22 13:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\Panasonic
[2010/09/15 00:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\QuickScan
[2010/12/27 15:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\Regensoft
[2009/11/13 14:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\ScanSoft
[2010/07/14 00:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\Stellarium
[2009/11/13 16:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\Thunderbird
[2009/11/04 22:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\Wave Systems Corp
[2009/11/04 22:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\Windows Desktop Search
[2009/11/13 23:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn Smith\Application Data\Windows Search
[2011/05/16 09:10:52 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS >[2008/04/14 14:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\I386\sp3.cab:AGP440.sys
[2008/04/14 14:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 01:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS
< MD5 for: ATAPI.SYS >[2008/04/14 14:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\I386\sp3.cab:atapi.sys
[2008/04/14 14:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 01:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
[2011/03/07 21:29:53 | 000,008,376 | ---- | M] () MD5=68F9AD291B0C16F6B4AAEBFC26960EFA -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\lib\eventlog.dll
< MD5 for: IASTOR.SYS >[2009/02/11 19:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/04/28 00:25:58 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\drivers\storage\R213316\IaStor.sys
[2009/02/11 19:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/04/28 00:25:58 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\system32\drivers\iaStor.sys
< MD5 for: NETLOGON.DLL >[2008/04/14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >[2008/04/14 14:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles >[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 10 bytes -> C:\Documents and Settings\Glenn Smith\Mes documents\jxpiinstall.exe:BDU
@Alternate Data Stream - 10 bytes -> C:\Documents and Settings\Glenn Smith\Mes documents\dfsetup121.exe:BDU
< End of report >