Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan outil (FRST) (x86) Version: 13-01-2014 02
Ran by SYSTEM on REATOGO on 14-01-2014 13:46:00
Running from B:\Documents and Settings\Default User\Desktop
Microsoft Windows XP (X86) OS Language: English(US)
Internet Explorer Version 6
Boot Mode: Recovery
The current controlset is ControlSet001
[b]ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.[/b]
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Application Data\WPM\wprotectmanager.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(FinePrint Software, LLC) C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe
(Zone Labs, LLC) C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
() C:\Program Files\Mobogenie\DaemonProcess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Kevin\Local Settings\Application Data\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Kevin\Local Settings\Application Data\Akamai\netsession_win.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Zone Labs, LLC) C:\WINDOWS\system32\ZoneLabs\vsmon.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Adobe Systems Incorporated) C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [VBoxTray] - C:\WINDOWS\system32\VBoxTray.exe [1312016 2013-12-18] (Oracle Corporation)
HKU\Kevin\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2014-01-14] (Google Inc.)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [761024 2013-12-11] ()
HKU\Kevin\...\Run: [Google Update*] - [x]
========================== Services (Whitelisted) =================
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 VBoxService; C:\Windows\System32\VBoxService.exe [1503504 2013-12-18] (Oracle Corporation)
S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{e459fab5-9ce1-ec8b-07db-a39975a958ee}\ \ \???\{e459fab5-9ce1-ec8b-07db-a39975a958ee}\GoogleUpdate.exe"
==================== Drivers (Whitelisted) ====================
S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S0 VBoxGuest; C:\Windows\System32\DRIVERS\VBoxGuest.sys [117008 2013-12-18] (Oracle Corporation)
S3 VBoxMouse; C:\Windows\System32\DRIVERS\VBoxMouse.sys [100112 2013-12-18] (Oracle Corporation)
S1 VBoxSF; C:\Windows\System32\drivers\VBoxSF.sys [244496 2013-12-18] (Oracle Corporation)
S3 VBoxVideo; C:\Windows\System32\DRIVERS\VBoxVideo.sys [117520 2013-12-18] (Oracle Corporation)
S1 WS2IFSL;
========================== Drivers MD5 =======================
C:\Windows\System32\drivers\ac97intc.sys 0F2D66D5F08EBE2F77BB904288DCF6F0
C:\Windows\System32\DRIVERS\ACPI.sys E5E6DBFC41EA8AAD005CB9A57A96B43B
C:\Windows\System32\Drivers\ACPIEC.sys E4ABC1212B70BB03D35E60681C447210
C:\Windows\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\Windows\System32\drivers\afd.sys 322D0E36693D6E24A2398BEE62A268CD
C:\Windows\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\Windows\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\Windows\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\Windows\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\Windows\System32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\Windows\System32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\Windows\System32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\Windows\System32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\Windows\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\Windows\System32\DRIVERS\CmBatt.sys 0F6C187D38D98F8DF904589A5F94D411
C:\Windows\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203
C:\Windows\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\Windows\System32\drivers\dmboot.sys F5DEADD42335FB33EDCA74ECB2F36CBA
C:\Windows\System32\drivers\dmio.sys 5A7C47C9B3F9FB92A66410A7509F0C71
C:\Windows\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\Windows\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\Windows\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\Windows\System32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\Windows\System32\Drivers\Fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\Windows\System32\Drivers\Fips.sys 31F923EB2170FC172C81ABDA0045D18C
C:\Windows\System32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\Windows\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\Windows\System32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\Windows\System32\DRIVERS\ftdisk.sys A86859B77B908C18C2657F284AA29FE3
C:\Windows\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\Windows\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\Windows\System32\Drivers\HTTP.sys F6AACF5BCE2893E0C1754AFEB672E5C9
C:\Windows\System32\DRIVERS\i8042prt.sys A09BDC4ED10E3B2E0EC27BB94AF32516
C:\Windows\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\Windows\System32\DRIVERS\intelide.sys 4B6DA2F0A4095857A9E3F3697399D575
C:\Windows\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\Windows\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\Windows\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\Windows\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\Windows\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\Windows\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\Windows\System32\DRIVERS\isapnp.sys 355836975A67B6554BCA60328CD6CB74
C:\Windows\System32\DRIVERS\kbdclass.sys 16813155807C6881F4BFBF6657424659
C:\Windows\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\Windows\System32\Drivers\KSecDD.sys 1705745D900DABF2D89F90EBADDC7517
C:\WINDOWS\system32\drivers\mbam.sys 4470E3C1E0C3378E4CAB137893C12C3A
C:\Windows\System32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\Windows\System32\Drivers\Modem.sys 510ADE9327FE84C10254E1902697E25F
C:\Windows\System32\DRIVERS\mouclass.sys 027C01BD7EF3349AAEBC883D8A799EFB
C:\Windows\System32\DRIVERS\mouhid.sys 124D6846040C79B9C997F78EF4B2A4E5
C:\Windows\System32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\Windows\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\Windows\System32\DRIVERS\mrxsmb.sys 68755F0FF16070178B54674FE5B847B0
C:\Windows\System32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\Windows\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\Windows\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\Windows\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\Windows\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\Windows\System32\Drivers\Mup.sys 2F625D11385B1A94360BFC70AAEFDEE1
C:\Windows\System32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\Windows\System32\DRIVERS\ndistapi.sys 1AB3D00C991AB086E69DB84B6C0ED78F
C:\Windows\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\Windows\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\Windows\System32\Drivers\NDProxy.sys 6215023940CFD3702B46ABC304E1D45A
C:\Windows\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\Windows\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\Windows\System32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\Windows\System32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\Windows\System32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\Windows\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\Windows\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\Windows\System32\DRIVERS\parport.sys 8FD0BDBEA875D06CCF6C945CA9ABAF75
C:\Windows\System32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\Windows\System32\Drivers\ParVdm.sys 9575C5630DB8FB804649A6959737154C
C:\Windows\System32\DRIVERS\pci.sys 043410877BDA580C528F45165F7125BC
C:\Windows\System32\Drivers\Pcmcia.sys F0406CBC60BDB0394A0E17FFB04CDD3D
C:\Windows\System32\DRIVERS\pcntpci5.sys 7BC8027D56FAB153A987C56AE9835664
C:\Windows\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\Windows\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\Windows\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\Windows\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\Windows\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\Windows\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\Windows\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\Windows\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\Windows\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\Windows\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\Windows\System32\Drivers\RDPWD.sys 6728E45B66F93C08F11DE2E316FC70DD
C:\Windows\System32\DRIVERS\redbook.sys D8EB2A7904DB6C916EB5361878DDCBAE
C:\Windows\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Serial.sys 93D313C31F7AD9EA2B75F26075413C7C
C:\Windows\System32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\Windows\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\Windows\System32\DRIVERS\sr.sys 39626E6DC1FB39434EC40C42722B660A
C:\Windows\System32\DRIVERS\srv.sys 5252605079810904E31C332E241CD59B
C:\Windows\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\Windows\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\Windows\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\Windows\System32\DRIVERS\tcpip.sys 93EA8D04EC73A85DB02EB8805988F733
C:\Windows\System32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\Windows\System32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\Windows\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\Windows\System32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\Windows\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\Windows\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\Windows\System32\DRIVERS\usbohci.sys 0DAECCE65366EA32B162F85F07C6753B
C:\Windows\System32\DRIVERS\VBoxGuest.sys EF2AB6ED00612174208CA15DCE6C926F
C:\Windows\System32\DRIVERS\VBoxMouse.sys C6ADB8FC34C902DF785E8C31FA36124E
C:\Windows\System32\drivers\VBoxSF.sys 5C425F29AC9D863DBD16013E33A51A41
C:\Windows\System32\DRIVERS\VBoxVideo.sys 1C82BB24AFBC479384F15BFD0F6CF273
C:\Windows\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\Windows\System32\Drivers\VolSnap.sys 46DE1126684369BACE4849E4FC8C43CA
C:\Windows\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\Windows\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-14 07:08 - 2014-01-14 07:08 - 00000000 ____D C:\Windows\CSC
2014-01-14 07:06 - 2014-01-14 07:11 - 00000004 _____ C:\Documents and Settings\Kevin\Application Data\skype.ini
2014-01-14 06:59 - 2014-01-14 06:59 - 00012328 _____ C:\Documents and Settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-14 06:13 - 2014-01-14 06:13 - 00000000 ____D C:\FRST
2014-01-14 06:12 - 2014-01-14 06:12 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Google
2014-01-14 06:59 - 2014-01-14 06:59 - 00012328 _____c:\users\Kevin\appdata\local\we4032.dll",Startup
2014-01-14 05:51 - 2008-04-14 07:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\system\SHELL.DLL
2014-01-14 05:51 - 2008-04-14 07:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system\TIMER.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00003360 _____ (Microsoft Corporation) C:\Windows\system\SYSTEM.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00003072 ____N C:\Windows\System32\CONFIG.TMP
2014-01-14 05:51 - 2008-04-14 07:00 - 00002176 _____ (Microsoft Corporation) C:\Windows\system\VGA.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00002032 _____ (Microsoft Corporation) C:\Windows\system\MOUSE.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00002000 _____ (Microsoft Corporation) C:\Windows\system\KEYBOARD.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00001896 _____ C:\Windows\System32\AUTOEXEC.NT
2014-01-14 05:51 - 2008-04-14 07:00 - 00001744 _____ (Microsoft Corporation) C:\Windows\system\SOUND.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00001152 _____ (Microsoft Corporation) C:\Windows\system\MMTASK.TSK
2014-01-14 05:51 - 2008-04-13 14:33 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\storprop.dll
2014-01-14 05:50 - 2014-01-14 06:44 - 00209267 _____ C:\Windows\setupapi.log
2014-01-14 05:50 - 2014-01-14 05:50 - 01093632 _____ C:\Windows\System32\config\software.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00409600 _____ C:\Windows\System32\config\system.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00262144 _____ C:\Windows\System32\config\userdiff
2014-01-14 05:50 - 2014-01-14 05:50 - 00094208 _____ C:\Windows\System32\config\default.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\userdiff.LOG
2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\TempKey.LOG
2014-01-14 05:50 - 2014-01-14 05:50 - 00000000 _____ C:\Windows\setuperr.log
2014-01-14 05:50 - 2014-01-14 05:03 - 00090296 _____ C:\Windows\System32\FNTCACHE.DAT
2014-01-14 05:50 - 2014-01-14 05:02 - 00170548 _____ C:\Windows\setupact.log
2014-01-14 05:50 - 2014-01-14 04:55 - 00000212 ___SH C:\boot.ini
2014-01-14 05:50 - 2008-04-14 07:00 - 01246130 ____R C:\Windows\SET3.tmp
2014-01-14 05:43 - 2014-01-14 05:51 - 00000000 ____D C:\Windows\system
2014-01-14 05:43 - 2014-01-14 05:50 - 00000000 ____D C:\Windows\L2Schemas
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\System32\usmt
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\System32\npp
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\System32\fr
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\PeerNet
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\msagent
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\Media
2014-01-14 05:43 - 2014-01-14 05:46 - 00000000 ____D C:\Windows\twain_32
2014-01-14 05:43 - 2014-01-14 05:46 - 00000000 ____D C:\Windows\System32\1036
2014-01-14 05:43 - 2014-01-14 05:45 - 00000000 ____D C:\Windows\System32\ras
2014-01-14 05:43 - 2014-01-14 05:45 - 00000000 ____D C:\Windows\System32\icsxml
2014-01-14 05:43 - 2014-01-14 05:44 - 00000000 ____D C:\Windows\System32\1033
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\wins
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ShellExt
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\mui
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\inetsrv
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\IME
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\export
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\Drivers\disdn
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\dhcp
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3com_dmi
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3076
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\2052
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1054
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1042
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1041
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1037
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1031
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1028
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1025
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Resources
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Provisioning
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\mui
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\java
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Driver Cache
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Connection Wizard
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\addins
2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\System32\ias
2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\security
2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\repair
2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\ime
2014-01-14 05:43 - 2014-01-14 04:58 - 00000000 ___RD C:\Windows\Web
2014-01-14 05:43 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\pchealth
2014-01-14 05:43 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\Help
2014-01-14 05:43 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\Cursors
2014-01-14 05:43 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\spool
2014-01-14 05:43 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\fr-fr
2014-01-14 05:36 - 2014-01-14 05:36 - 00000000 ____D C:\Program Files\fifa
2014-01-14 05:28 - 2014-01-14 05:28 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\TuneUp Software
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Malwarebytes
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-14 05:24 - 2013-04-04 08:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-01-14 05:21 - 2014-01-14 05:21 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 05:20 - 2014-01-14 06:58 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2014-01-14 05:20 - 2014-01-14 05:20 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\MFAData
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\Program Files\Defraggler
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\programdata\BearShare
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\program files (x86)\BearShare Applications
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\programdata\{D398BDFF-BC85-4852-B26D-4CA820357DB2}
2014-01-14 05:18 - 2014-01-14 07:00 - 00000000 ____D C:\Program Files\Google
2014-01-14 05:18 - 2014-01-14 07:00 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Google
2014-01-14 05:18 - 2014-01-14 05:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Mozilla
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Mozilla
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla
2014-01-14 05:12 - 2014-01-14 05:12 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2014-01-14 05:12 - 2014-01-14 05:12 - 00000000 ____D C:\program files (x86)\sgpsa\BHO.dll
2014-01-14 05:10 - 2014-01-14 05:10 - 00000000 ____D C:\Program Files\Oracle
2014-01-14 05:10 - 2013-12-18 10:33 - 01312016 _____ (Oracle Corporation) C:\Windows\System32\VBoxTray.exe
2014-01-14 05:10 - 2013-12-18 10:33 - 01080592 _____ (Oracle Corporation) C:\Windows\System32\VBoxControl.exe
2014-01-14 05:10 - 2013-12-18 10:32 - 00117520 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxVideo.sys
2014-01-14 05:10 - 2013-12-18 10:32 - 00117008 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxGuest.sys
2014-01-14 05:10 - 2013-12-18 10:32 - 00077072 _____ (Oracle Corporation) C:\Windows\System32\VBoxDisp.dll
2014-01-14 05:04 - 2014-01-14 07:09 - 00000184 ___SH C:\Documents and Settings\Kevin\ntuser.ini
2014-01-14 05:04 - 2014-01-14 07:03 - 00000000 ____D C:\Documents and Settings\Kevin\Bureau
2014-01-14 05:04 - 2014-01-14 05:51 - 00000000 ___RD C:\Documents and Settings\Kevin\Menu D�marrer
2014-01-14 05:04 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage r�seau
2014-01-14 05:04 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage d'impression
2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___SD C:\Documents and Settings\Kevin\Local Settings\Historique
2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___RD C:\Documents and Settings\Kevin\Favoris
2014-01-14 05:04 - 2014-01-14 04:56 - 00000000 ___HD C:\Documents and Settings\Kevin\Mod�les
2014-01-14 05:03 - 2014-01-14 06:59 - 00007454 _____ C:\Windows\SchedLgU.Txt
2014-01-14 05:03 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\NetworkService\Local Settings\Historique
2014-01-14 05:03 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Historique
2014-01-14 05:03 - 2014-01-14 05:03 - 00008192 _____ C:\Windows\REGLOCS.OLD
2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini
2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2014-01-14 04:59 - 2014-01-14 04:59 - 00316640 _____ C:\Windows\WMSysPr9.prx
2014-01-14 04:59 - 2014-01-14 04:59 - 00023392 _____ C:\Windows\System32\nscompat.tlb
2014-01-14 04:59 - 2014-01-14 04:59 - 00016832 _____ C:\Windows\System32\amcompat.tlb
2014-01-14 04:59 - 2014-01-14 04:59 - 00003072 _____ C:\Windows\System32\CONFIG.NT
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\MSDOS.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\IO.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\System32\xircom
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\xerox
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\microsoft frontpage
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\Windows\control.ini
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\CONFIG.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\AUTOEXEC.BAT
2014-01-14 04:58 - 2014-01-14 07:10 - 00017393 _____ C:\Windows\WindowsUpdate.log
2014-01-14 04:58 - 2014-01-14 04:59 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\wuaucpl.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\sapi.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\nwc.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\ncpa.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\cdplayer.exe.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\WindowsLogon.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\logonui.exe.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___RD C:\Windows\Offline Web Pages
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___HD C:\Program Files\WindowsUpdate
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ____D C:\Program Files\Services en ligne
2014-01-14 04:57 - 2014-01-14 05:03 - 00000000 ____D C:\Windows\System32\Restore
2014-01-14 04:57 - 2014-01-14 04:57 - 00001022 _____ C:\Windows\sessmgr.setup.log
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\Macromed
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\DirectX
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\srchasst
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Outlook Express
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\NetMeeting
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Movie Maker
2014-01-14 04:57 - 2008-04-14 07:00 - 04399505 ____C C:\Windows\System32\dllcache\nls302en.lex
2014-01-14 04:57 - 2008-04-14 07:00 - 04399505 ____C C:\Windows\System32\dllcache\nls302en.lex
2014-01-14 04:57 - 2008-04-14 07:00 - 00000984 ____C C:\Windows\System32\dllcache\srframe.mmf
2014-01-14 04:57 - 2008-04-14 07:00 - 00000984 ____C C:\Windows\System32\dllcache\srframe.mmf
2014-01-14 04:56 - 2014-01-14 05:04 - 00000936 _____ C:\Windows\wmsetup.log
2014-01-14 04:56 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\Registration
2014-01-14 04:56 - 2014-01-14 04:56 - 00021892 _____ C:\Windows\System32\emptyregdb.dat
2014-01-14 04:56 - 2014-01-14 04:56 - 00000130 _____ C:\Windows\DtcInstall.log
2014-01-14 04:56 - 2014-01-14 04:56 - 00000037 _____ C:\Windows\vbaddin.ini
2014-01-14 04:56 - 2014-01-14 04:56 - 00000036 _____ C:\Windows\vb.ini
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Online Services
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\MSN Gaming Zone
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Messenger
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\ComPlus Applications
2014-01-14 04:56 - 2008-04-14 07:00 - 00027768 _____ C:\Windows\System32\tslabels.ini
2014-01-14 04:56 - 2008-04-14 07:00 - 00026680 _____ C:\Windows\Rivi�re Sumida.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00026582 _____ C:\Windows\Granit vert.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00024006 _____ C:\Windows\System32\gb2312.uce
2014-01-14 04:56 - 2008-04-14 07:00 - 00022984 _____ C:\Windows\System32\bopomofo.uce
2014-01-14 04:56 - 2008-04-14 07:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\qwinsta.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\msg.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\tsshutdn.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\qappsrv.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00017362 _____ C:\Windows\Rhododendron.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00017336 _____ C:\Windows\Jour de p�che.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\Windows\Tasse � caf�.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\program files (x86)\sgpsa\mtwb3sh.dll
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\users\Kevin\appdata\local\we4032.dll",Startup
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\users\Kevin\appdata\local\houiphcfm\qhkdcacshdw.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\users\Kevin\appdata\local\microsoft\windows\temporary internet files\content.ie5\sadfc401\access[1].exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00016740 _____ C:\Windows\System32\shiftjis.uce
2014-01-14 04:56 - 2008-04-14 07:00 - 00016730 _____ C:\Windows\Plume.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00003914 _____ C:\Windows\System32\msdtcprf.ini
2014-01-14 04:56 - 2008-04-14 07:00 - 00003286 _____ C:\Windows\System32\tslabels.h
2014-01-14 04:56 - 2008-04-14 07:00 - 00001272 _____ C:\Windows\Rosace bleue 16.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00001263 _____ C:\Windows\System32\usrlogon.cmd
2014-01-14 04:56 - 2008-04-14 07:00 - 00000768 _____ C:\Windows\System32\msdtcprf.h
2014-01-14 04:55 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\System32\MsDtc
2014-01-14 04:55 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\System32\Com
2014-01-14 04:55 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Windows NT
2014-01-14 04:55 - 2014-01-14 04:55 - 00000200 _____ C:\Windows\cmsetacl.log
2014-01-14 04:55 - 2014-01-14 04:55 - 00000000 ____D C:\Program Files\MSN
2014-01-14 04:55 - 2008-04-14 07:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\System32\msdtc.exe
2014-01-14 04:55 - 2008-04-14 07:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\System32\dcomcnfg.exe
2014-01-14 04:55 - 2008-04-14 07:00 - 00004096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mtxex.dll
2014-01-14 04:55 - 2008-04-14 07:00 - 00004096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mtxex.dll
2014-01-14 04:55 - 2008-04-14 07:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\mtxex.dll
2014-01-14 04:55 - 2008-04-13 13:34 - 00040840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2014-01-14 04:55 - 2008-04-13 05:32 - 00196224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2013-12-18 10:34 - 2013-12-18 10:34 - 01469712 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpackspu.dll
2013-12-18 10:34 - 2013-12-18 10:34 - 01360656 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGL.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 01503504 _____ (Oracle Corporation) C:\Windows\System32\VBoxService.exe
2013-12-18 10:33 - 2013-12-18 10:33 - 01259280 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLcrutil.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 01040144 _____ (Oracle Corporation) C:\Windows\System32\VBoxMRXNP.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00845584 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLfeedbackspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00550672 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLarrayspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00126224 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLerrorspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00086800 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpassthroughspu.dll
2013-12-18 10:32 - 2013-12-18 10:32 - 00244496 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxSF.sys
2013-12-18 10:32 - 2013-12-18 10:32 - 00100112 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxMouse.sys
2013-12-18 10:32 - 2013-12-18 10:32 - 00052496 _____ (Oracle Corporation) C:\Windows\System32\VBoxHook.dll
==================== One Month Modified Files and Folders =======
2014-01-14 07:11 - 2014-01-14 07:06 - 00000004 _____ C:\Documents and Settings\Kevin\Application Data\skype.ini
2014-01-14 07:10 - 2014-01-14 04:58 - 00017393 _____ C:\Windows\WindowsUpdate.log
2014-01-14 07:09 - 2014-01-14 05:04 - 00000184 ___SH C:\Documents and Settings\Kevin\ntuser.ini
2014-01-14 07:08 - 2014-01-14 07:08 - 00000000 ____D C:\Windows\CSC
2014-01-14 07:03 - 2014-01-14 05:04 - 00000000 ____D C:\Documents and Settings\Kevin\Bureau
2014-01-14 07:00 - 2014-01-14 05:18 - 00000000 ____D C:\Program Files\Google
2014-01-14 07:00 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Google
2014-01-14 06:59 - 2014-01-14 06:59 - 00012328 _____ C:\Documents and Settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-14 06:59 - 2014-01-14 05:03 - 00007454 _____ C:\Windows\SchedLgU.Txt
2014-01-14 06:58 - 2014-01-14 05:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2014-01-14 06:44 - 2014-01-14 05:50 - 00209267 _____ C:\Windows\setupapi.log
2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____C C:\WINDOWS\Tasks\Pricora-codedownloader.job
2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____C C:\WINDOWS\Tasks\Pricora-chromeinstaller.job
2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____C C:\WINDOWS\Tasks\Pricora-firefoxinstaller.job
2014-01-14 06:13 - 2014-01-14 06:13 - 00000000 ____D C:\FRST
2014-01-14 06:12 - 2014-01-14 06:12 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Google
2014-01-14 05:53 - 2014-01-14 05:53 - 00004444 _____ C:\Windows\System32\pid.PNF
2014-01-14 05:52 - 2014-01-14 05:52 - 00000393 _____ C:\Windows\wiadebug.log
2014-01-14 05:52 - 2014-01-14 05:52 - 00000050 _____ C:\Windows\wiaservc.log
2014-01-14 05:52 - 2014-01-14 05:52 - 00000000 _____ C:\Windows\Sti_Trace.log
2014-01-14 05:51 - 2014-01-14 05:51 - 00001470 _____ C:\Windows\regopt.log
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___SD C:\Documents and Settings\Default User\Local Settings\Historique
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___RD C:\Documents and Settings\Default User\Menu D�marrer
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Default User\Voisinage r�seau
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Default User\Voisinage d'impression
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\All Users\Mod�les
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\Default User\Favoris
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\Default User\Bureau
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\All Users\Favoris
2014-01-14 05:51 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\system
2014-01-14 05:51 - 2014-01-14 05:04 - 00000000 ___RD C:\Documents and Settings\Kevin\Menu D�marrer
2014-01-14 05:51 - 2014-01-14 05:04 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage r�seau
2014-01-14 05:51 - 2014-01-14 05:04 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage d'impression
2014-01-14 05:51 - 2014-01-14 05:03 - 00000000 ___HD C:\Documents and Settings\NetworkService\Local Settings\Historique
2014-01-14 05:51 - 2014-01-14 05:03 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Historique
2014-01-14 05:51 - 2008-04-14 07:00 - 00000231 _____ C:\Windows\system.ini
2014-01-14 05:50 - 2014-01-14 05:50 - 01093632 _____ C:\Windows\System32\config\software.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00409600 _____ C:\Windows\System32\config\system.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00262144 _____ C:\Windows\System32\config\userdiff
2014-01-14 05:50 - 2014-01-14 05:50 - 00094208 _____ C:\Windows\System32\config\default.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\userdiff.LOG
2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\TempKey.LOG
2014-01-14 04:56 - 2008-04-14 07:00 - 00010240 _____ C:\program files (x86)\antivirus 2009
2014-01-14 04:56 - 2008-04-14 07:00 - 00010240 _____ C:\program files (x86)\antivirus 2009\av2009.exe
2014-01-14 05:50 - 2014-01-14 05:50 - 00000000 _____ C:\Windows\setuperr.log
2014-01-14 05:50 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\L2Schemas
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\usmt
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\npp
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\fr
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\PeerNet
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\msagent
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Media
2014-01-14 05:46 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\twain_32
2014-01-14 05:46 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1036
2014-01-14 05:45 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ras
2014-01-14 05:45 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\icsxml
2014-01-14 05:44 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1033
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\wins
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ShellExt
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\mui
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\inetsrv
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\IME
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\export
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\Drivers\disdn
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\dhcp
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3com_dmi
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3076
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\2052
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1054
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1042
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1041
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1037
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1031
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1028
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1025
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Resources
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Provisioning
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\mui
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\java
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Driver Cache
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Connection Wizard
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\addins
2014-01-14 05:36 - 2014-01-14 05:36 - 00000000 ____D C:\Program Files\fifa
2014-01-14 05:28 - 2014-01-14 05:28 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\TuneUp Software
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Malwarebytes
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-14 05:21 - 2014-01-14 05:21 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 05:20 - 2014-01-14 05:20 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\MFAData
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\Program Files\Defraggler
2014-01-14 05:19 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Mozilla
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Mozilla
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\users\Kevin\appdata\roaming\2B2CF94012581557DBFF5E801EB42A26
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla
2014-01-14 05:12 - 2014-01-14 05:12 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2014-01-14 05:10 - 2014-01-14 05:10 - 00000000 ____D C:\Program Files\Oracle
2014-01-14 05:05 - 2014-01-14 05:51 - 00775210 _____ C:\Windows\System32\PerfStringBackup.INI
2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___SD C:\Documents and Settings\Kevin\Local Settings\Historique
2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___RD C:\Documents and Settings\Kevin\Favoris
2014-01-14 05:04 - 2014-01-14 04:56 - 00000936 _____ C:\Windows\wmsetup.log
2014-01-14 05:04 - 2008-04-14 07:00 - 00002206 _____ C:\Windows\System32\wpa.dbl
2014-01-14 05:03 - 2014-01-14 05:50 - 00090296 _____ C:\Windows\System32\FNTCACHE.DAT
2014-01-14 05:03 - 2014-01-14 05:03 - 00008192 _____ C:\Windows\REGLOCS.OLD
2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini
2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2014-01-14 05:03 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\Restore
2014-01-14 05:02 - 2014-01-14 05:51 - 00049064 _____ C:\Windows\iis6.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00016202 _____ C:\Windows\comsetup.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00010818 _____ C:\Windows\tsoc.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00008071 _____ C:\Windows\ntdtcsetup.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00004382 _____ C:\Windows\imsins.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00001252 _____ C:\Windows\tabletoc.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00000885 _____ C:\Windows\ocmsn.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00000000 ___RD C:\Documents and Settings\All Users\Menu D�marrer
2014-01-14 05:02 - 2014-01-14 05:50 - 00170548 _____ C:\Windows\setupact.log
2014-01-14 04:59 - 2014-01-14 05:51 - 00004205 _____ C:\Windows\ODBCINST.INI
2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ias
2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\security
2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\repair
2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\ime
2014-01-14 04:59 - 2014-01-14 04:59 - 00316640 _____ C:\Windows\WMSysPr9.prx
2014-01-14 04:59 - 2014-01-14 04:59 - 00023392 _____ C:\Windows\System32\nscompat.tlb
2014-01-14 04:59 - 2014-01-14 04:59 - 00016832 _____ C:\Windows\System32\amcompat.tlb
2014-01-14 04:59 - 2014-01-14 04:59 - 00003072 _____ C:\Windows\System32\CONFIG.NT
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\MSDOS.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\IO.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\System32\xircom
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\xerox
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\microsoft frontpage
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\Windows\control.ini
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\CONFIG.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\AUTOEXEC.BAT
2014-01-14 04:59 - 2014-01-14 04:58 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2014-01-14 04:59 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\Registration
2014-01-14 04:59 - 2008-04-14 07:00 - 00000477 _____ C:\Windows\win.ini
2014-01-14 04:58 - 2014-01-14 05:43 - 00000000 ___RD C:\Windows\Web
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\wuaucpl.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\sapi.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\nwc.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\ncpa.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\cdplayer.exe.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\WindowsLogon.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\logonui.exe.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___RD C:\Windows\Offline Web Pages
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___HD C:\Program Files\WindowsUpdate
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ____D C:\Program Files\Services en ligne
2014-01-14 04:57 - 2014-01-14 05:51 - 00014772 _____ C:\Windows\ocgen.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00011537 _____ C:\Windows\FaxSetup.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00002790 _____ C:\Windows\netfxocm.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00001487 _____ C:\Windows\MedCtrOC.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00000871 _____ C:\Windows\msgsocm.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00000000 ____D C:\Program Files\Fichiers communs
2014-01-14 04:57 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\pchealth
2014-01-14 04:57 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Help
2014-01-14 04:57 - 2014-01-14 04:57 - 00001022 _____ C:\Windows\sessmgr.setup.log
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\Macromed
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\DirectX
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\srchasst
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Outlook Express
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\NetMeeting
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Movie Maker
2014-01-14 04:56 - 2014-01-14 05:51 - 00010222 _____ C:\Windows\msmqinst.log
2014-01-14 04:56 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Default User\Mod�les
2014-01-14 04:56 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Cursors
2014-01-14 04:56 - 2014-01-14 05:04 - 00000000 ___HD C:\Documents and Settings\Kevin\Mod�les
2014-01-14 04:56 - 2014-01-14 04:56 - 00021892 _____ C:\Windows\System32\emptyregdb.dat
2014-01-14 04:56 - 2014-01-14 04:56 - 00000130 _____ C:\Windows\DtcInstall.log
2014-01-14 04:56 - 2014-01-14 04:56 - 00000037 _____ C:\Windows\vbaddin.ini
2014-01-14 04:56 - 2014-01-14 04:56 - 00000036 _____ C:\Windows\vb.ini
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Online Services
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\MSN Gaming Zone
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Messenger
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\ComPlus Applications
2014-01-14 04:56 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\MsDtc
2014-01-14 04:56 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\Com
2014-01-14 04:56 - 2014-01-14 04:55 - 00000000 ____D C:\Program Files\Windows NT
2014-01-14 04:55 - 2014-01-14 05:50 - 00000212 ___SH C:\boot.ini
2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Mobogenie
2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\spool
2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\fr-fr
2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Installer\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}\icon.ico
2014-01-14 04:55 - 2014-01-14 04:55 - 00000200 _____ C:\Windows\cmsetacl.log
2014-01-14 04:55 - 2014-01-14 04:55 - 00000000 ____D C:\Program Files\MSN
2013-12-18 10:34 - 2013-12-18 10:34 - 01469712 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpackspu.dll
2013-12-18 10:34 - 2013-12-18 10:34 - 01360656 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGL.dll
2013-12-18 10:33 - 2014-01-14 05:10 - 01312016 _____ (Oracle Corporation) C:\Windows\System32\VBoxTray.exe
2013-12-18 10:33 - 2014-01-14 05:10 - 01080592 _____ (Oracle Corporation) C:\Windows\System32\VBoxControl.exe
2013-12-18 10:33 - 2013-12-18 10:33 - 01503504 _____ (Oracle Corporation) C:\Windows\System32\VBoxService.exe
2013-12-18 10:33 - 2013-12-18 10:33 - 01259280 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLcrutil.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 01040144 _____ (Oracle Corporation) C:\Windows\System32\VBoxMRXNP.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00845584 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLfeedbackspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00550672 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLarrayspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00126224 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLerrorspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00086800 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpassthroughspu.dll
2013-12-18 10:32 - 2014-01-14 05:10 - 00117520 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxVideo.sys
2013-12-18 10:32 - 2014-01-14 05:10 - 00117008 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxGuest.sys
2013-12-18 10:32 - 2014-01-14 05:10 - 00077072 _____ (Oracle Corporation) C:\Windows\System32\VBoxDisp.dll
2013-12-18 10:32 - 2013-12-18 10:32 - 00244496 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxSF.sys
2013-12-18 10:32 - 2013-12-18 10:32 - 00100112 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxMouse.sys
2013-12-18 10:32 - 2013-12-18 10:32 - 00052496 _____ (Oracle Corporation) C:\Windows\System32\VBoxHook.dll
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe
[2008-04-14 07:00] - [2008-04-14 07:00] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2008-04-14 07:00] - [2008-04-14 07:00] - 0109056 ____A (Microsoft Corporation) 54cb50058851d95e56ec70d09f70857f
C:\Windows\System32\User32.dll
[2008-04-14 07:00] - [2008-04-14 07:00] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2008-04-14 07:00] - [2008-04-14 07:00] - 0399360 ____A (Microsoft Corporation) 3d65eb82e1fa6db15a33e024c9e03cab
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points (XP) =====================
RP: -> 2014-01-14 06:45 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP5
RP: -> 2014-01-14 06:43 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP4
RP: -> 2014-01-14 05:25 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP3
RP: -> 2014-01-14 05:24 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP2
RP: -> 2014-01-14 05:05 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP1
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 851.48 MB
Available physical RAM: 668 MB
Total Pagefile: 770.97 MB
Available Pagefile: 669.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1993.08 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive c: () (Fixed) (Total:9.99 GB) (Free:6.2 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 10 GB) (Disk ID: 96A696A6)
Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Ran by SYSTEM on REATOGO on 14-01-2014 13:46:00
Running from B:\Documents and Settings\Default User\Desktop
Microsoft Windows XP (X86) OS Language: English(US)
Internet Explorer Version 6
Boot Mode: Recovery
The current controlset is ControlSet001
[b]ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.[/b]
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Application Data\WPM\wprotectmanager.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(FinePrint Software, LLC) C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe
(Zone Labs, LLC) C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
() C:\Program Files\Mobogenie\DaemonProcess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Kevin\Local Settings\Application Data\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Kevin\Local Settings\Application Data\Akamai\netsession_win.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Zone Labs, LLC) C:\WINDOWS\system32\ZoneLabs\vsmon.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Adobe Systems Incorporated) C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [VBoxTray] - C:\WINDOWS\system32\VBoxTray.exe [1312016 2013-12-18] (Oracle Corporation)
HKU\Kevin\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2014-01-14] (Google Inc.)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [761024 2013-12-11] ()
HKU\Kevin\...\Run: [Google Update*] - [x]
========================== Services (Whitelisted) =================
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 VBoxService; C:\Windows\System32\VBoxService.exe [1503504 2013-12-18] (Oracle Corporation)
S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{e459fab5-9ce1-ec8b-07db-a39975a958ee}\ \ \???\{e459fab5-9ce1-ec8b-07db-a39975a958ee}\GoogleUpdate.exe"
==================== Drivers (Whitelisted) ====================
S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S0 VBoxGuest; C:\Windows\System32\DRIVERS\VBoxGuest.sys [117008 2013-12-18] (Oracle Corporation)
S3 VBoxMouse; C:\Windows\System32\DRIVERS\VBoxMouse.sys [100112 2013-12-18] (Oracle Corporation)
S1 VBoxSF; C:\Windows\System32\drivers\VBoxSF.sys [244496 2013-12-18] (Oracle Corporation)
S3 VBoxVideo; C:\Windows\System32\DRIVERS\VBoxVideo.sys [117520 2013-12-18] (Oracle Corporation)
S1 WS2IFSL;
========================== Drivers MD5 =======================
C:\Windows\System32\drivers\ac97intc.sys 0F2D66D5F08EBE2F77BB904288DCF6F0
C:\Windows\System32\DRIVERS\ACPI.sys E5E6DBFC41EA8AAD005CB9A57A96B43B
C:\Windows\System32\Drivers\ACPIEC.sys E4ABC1212B70BB03D35E60681C447210
C:\Windows\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\Windows\System32\drivers\afd.sys 322D0E36693D6E24A2398BEE62A268CD
C:\Windows\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\Windows\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\Windows\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\Windows\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\Windows\System32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\Windows\System32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\Windows\System32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\Windows\System32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\Windows\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\Windows\System32\DRIVERS\CmBatt.sys 0F6C187D38D98F8DF904589A5F94D411
C:\Windows\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203
C:\Windows\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\Windows\System32\drivers\dmboot.sys F5DEADD42335FB33EDCA74ECB2F36CBA
C:\Windows\System32\drivers\dmio.sys 5A7C47C9B3F9FB92A66410A7509F0C71
C:\Windows\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\Windows\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\Windows\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\Windows\System32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\Windows\System32\Drivers\Fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\Windows\System32\Drivers\Fips.sys 31F923EB2170FC172C81ABDA0045D18C
C:\Windows\System32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\Windows\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\Windows\System32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\Windows\System32\DRIVERS\ftdisk.sys A86859B77B908C18C2657F284AA29FE3
C:\Windows\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\Windows\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\Windows\System32\Drivers\HTTP.sys F6AACF5BCE2893E0C1754AFEB672E5C9
C:\Windows\System32\DRIVERS\i8042prt.sys A09BDC4ED10E3B2E0EC27BB94AF32516
C:\Windows\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\Windows\System32\DRIVERS\intelide.sys 4B6DA2F0A4095857A9E3F3697399D575
C:\Windows\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\Windows\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\Windows\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\Windows\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\Windows\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\Windows\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\Windows\System32\DRIVERS\isapnp.sys 355836975A67B6554BCA60328CD6CB74
C:\Windows\System32\DRIVERS\kbdclass.sys 16813155807C6881F4BFBF6657424659
C:\Windows\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\Windows\System32\Drivers\KSecDD.sys 1705745D900DABF2D89F90EBADDC7517
C:\WINDOWS\system32\drivers\mbam.sys 4470E3C1E0C3378E4CAB137893C12C3A
C:\Windows\System32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\Windows\System32\Drivers\Modem.sys 510ADE9327FE84C10254E1902697E25F
C:\Windows\System32\DRIVERS\mouclass.sys 027C01BD7EF3349AAEBC883D8A799EFB
C:\Windows\System32\DRIVERS\mouhid.sys 124D6846040C79B9C997F78EF4B2A4E5
C:\Windows\System32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\Windows\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\Windows\System32\DRIVERS\mrxsmb.sys 68755F0FF16070178B54674FE5B847B0
C:\Windows\System32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\Windows\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\Windows\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\Windows\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\Windows\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\Windows\System32\Drivers\Mup.sys 2F625D11385B1A94360BFC70AAEFDEE1
C:\Windows\System32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\Windows\System32\DRIVERS\ndistapi.sys 1AB3D00C991AB086E69DB84B6C0ED78F
C:\Windows\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\Windows\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\Windows\System32\Drivers\NDProxy.sys 6215023940CFD3702B46ABC304E1D45A
C:\Windows\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\Windows\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\Windows\System32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\Windows\System32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\Windows\System32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\Windows\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\Windows\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\Windows\System32\DRIVERS\parport.sys 8FD0BDBEA875D06CCF6C945CA9ABAF75
C:\Windows\System32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\Windows\System32\Drivers\ParVdm.sys 9575C5630DB8FB804649A6959737154C
C:\Windows\System32\DRIVERS\pci.sys 043410877BDA580C528F45165F7125BC
C:\Windows\System32\Drivers\Pcmcia.sys F0406CBC60BDB0394A0E17FFB04CDD3D
C:\Windows\System32\DRIVERS\pcntpci5.sys 7BC8027D56FAB153A987C56AE9835664
C:\Windows\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\Windows\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\Windows\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\Windows\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\Windows\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\Windows\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\Windows\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\Windows\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\Windows\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\Windows\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\Windows\System32\Drivers\RDPWD.sys 6728E45B66F93C08F11DE2E316FC70DD
C:\Windows\System32\DRIVERS\redbook.sys D8EB2A7904DB6C916EB5361878DDCBAE
C:\Windows\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Serial.sys 93D313C31F7AD9EA2B75F26075413C7C
C:\Windows\System32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\Windows\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\Windows\System32\DRIVERS\sr.sys 39626E6DC1FB39434EC40C42722B660A
C:\Windows\System32\DRIVERS\srv.sys 5252605079810904E31C332E241CD59B
C:\Windows\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\Windows\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\Windows\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\Windows\System32\DRIVERS\tcpip.sys 93EA8D04EC73A85DB02EB8805988F733
C:\Windows\System32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\Windows\System32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\Windows\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\Windows\System32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\Windows\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\Windows\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\Windows\System32\DRIVERS\usbohci.sys 0DAECCE65366EA32B162F85F07C6753B
C:\Windows\System32\DRIVERS\VBoxGuest.sys EF2AB6ED00612174208CA15DCE6C926F
C:\Windows\System32\DRIVERS\VBoxMouse.sys C6ADB8FC34C902DF785E8C31FA36124E
C:\Windows\System32\drivers\VBoxSF.sys 5C425F29AC9D863DBD16013E33A51A41
C:\Windows\System32\DRIVERS\VBoxVideo.sys 1C82BB24AFBC479384F15BFD0F6CF273
C:\Windows\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\Windows\System32\Drivers\VolSnap.sys 46DE1126684369BACE4849E4FC8C43CA
C:\Windows\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\Windows\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-14 07:08 - 2014-01-14 07:08 - 00000000 ____D C:\Windows\CSC
2014-01-14 07:06 - 2014-01-14 07:11 - 00000004 _____ C:\Documents and Settings\Kevin\Application Data\skype.ini
2014-01-14 06:59 - 2014-01-14 06:59 - 00012328 _____ C:\Documents and Settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-14 06:13 - 2014-01-14 06:13 - 00000000 ____D C:\FRST
2014-01-14 06:12 - 2014-01-14 06:12 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Google
2014-01-14 06:59 - 2014-01-14 06:59 - 00012328 _____c:\users\Kevin\appdata\local\we4032.dll",Startup
2014-01-14 05:51 - 2008-04-14 07:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\system\SHELL.DLL
2014-01-14 05:51 - 2008-04-14 07:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system\TIMER.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00003360 _____ (Microsoft Corporation) C:\Windows\system\SYSTEM.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00003072 ____N C:\Windows\System32\CONFIG.TMP
2014-01-14 05:51 - 2008-04-14 07:00 - 00002176 _____ (Microsoft Corporation) C:\Windows\system\VGA.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00002032 _____ (Microsoft Corporation) C:\Windows\system\MOUSE.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00002000 _____ (Microsoft Corporation) C:\Windows\system\KEYBOARD.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00001896 _____ C:\Windows\System32\AUTOEXEC.NT
2014-01-14 05:51 - 2008-04-14 07:00 - 00001744 _____ (Microsoft Corporation) C:\Windows\system\SOUND.DRV
2014-01-14 05:51 - 2008-04-14 07:00 - 00001152 _____ (Microsoft Corporation) C:\Windows\system\MMTASK.TSK
2014-01-14 05:51 - 2008-04-13 14:33 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\storprop.dll
2014-01-14 05:50 - 2014-01-14 06:44 - 00209267 _____ C:\Windows\setupapi.log
2014-01-14 05:50 - 2014-01-14 05:50 - 01093632 _____ C:\Windows\System32\config\software.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00409600 _____ C:\Windows\System32\config\system.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00262144 _____ C:\Windows\System32\config\userdiff
2014-01-14 05:50 - 2014-01-14 05:50 - 00094208 _____ C:\Windows\System32\config\default.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\userdiff.LOG
2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\TempKey.LOG
2014-01-14 05:50 - 2014-01-14 05:50 - 00000000 _____ C:\Windows\setuperr.log
2014-01-14 05:50 - 2014-01-14 05:03 - 00090296 _____ C:\Windows\System32\FNTCACHE.DAT
2014-01-14 05:50 - 2014-01-14 05:02 - 00170548 _____ C:\Windows\setupact.log
2014-01-14 05:50 - 2014-01-14 04:55 - 00000212 ___SH C:\boot.ini
2014-01-14 05:50 - 2008-04-14 07:00 - 01246130 ____R C:\Windows\SET3.tmp
2014-01-14 05:43 - 2014-01-14 05:51 - 00000000 ____D C:\Windows\system
2014-01-14 05:43 - 2014-01-14 05:50 - 00000000 ____D C:\Windows\L2Schemas
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\System32\usmt
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\System32\npp
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\System32\fr
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\PeerNet
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\msagent
2014-01-14 05:43 - 2014-01-14 05:49 - 00000000 ____D C:\Windows\Media
2014-01-14 05:43 - 2014-01-14 05:46 - 00000000 ____D C:\Windows\twain_32
2014-01-14 05:43 - 2014-01-14 05:46 - 00000000 ____D C:\Windows\System32\1036
2014-01-14 05:43 - 2014-01-14 05:45 - 00000000 ____D C:\Windows\System32\ras
2014-01-14 05:43 - 2014-01-14 05:45 - 00000000 ____D C:\Windows\System32\icsxml
2014-01-14 05:43 - 2014-01-14 05:44 - 00000000 ____D C:\Windows\System32\1033
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\wins
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ShellExt
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\mui
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\inetsrv
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\IME
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\export
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\Drivers\disdn
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\dhcp
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3com_dmi
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3076
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\2052
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1054
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1042
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1041
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1037
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1031
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1028
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1025
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Resources
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Provisioning
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\mui
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\java
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Driver Cache
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Connection Wizard
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\addins
2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\System32\ias
2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\security
2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\repair
2014-01-14 05:43 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\ime
2014-01-14 05:43 - 2014-01-14 04:58 - 00000000 ___RD C:\Windows\Web
2014-01-14 05:43 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\pchealth
2014-01-14 05:43 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\Help
2014-01-14 05:43 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\Cursors
2014-01-14 05:43 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\spool
2014-01-14 05:43 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\fr-fr
2014-01-14 05:36 - 2014-01-14 05:36 - 00000000 ____D C:\Program Files\fifa
2014-01-14 05:28 - 2014-01-14 05:28 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\TuneUp Software
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Malwarebytes
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-14 05:24 - 2013-04-04 08:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-01-14 05:21 - 2014-01-14 05:21 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 05:20 - 2014-01-14 06:58 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2014-01-14 05:20 - 2014-01-14 05:20 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\MFAData
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\Program Files\Defraggler
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\programdata\BearShare
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\program files (x86)\BearShare Applications
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\programdata\{D398BDFF-BC85-4852-B26D-4CA820357DB2}
2014-01-14 05:18 - 2014-01-14 07:00 - 00000000 ____D C:\Program Files\Google
2014-01-14 05:18 - 2014-01-14 07:00 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Google
2014-01-14 05:18 - 2014-01-14 05:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Mozilla
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Mozilla
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla
2014-01-14 05:12 - 2014-01-14 05:12 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2014-01-14 05:12 - 2014-01-14 05:12 - 00000000 ____D C:\program files (x86)\sgpsa\BHO.dll
2014-01-14 05:10 - 2014-01-14 05:10 - 00000000 ____D C:\Program Files\Oracle
2014-01-14 05:10 - 2013-12-18 10:33 - 01312016 _____ (Oracle Corporation) C:\Windows\System32\VBoxTray.exe
2014-01-14 05:10 - 2013-12-18 10:33 - 01080592 _____ (Oracle Corporation) C:\Windows\System32\VBoxControl.exe
2014-01-14 05:10 - 2013-12-18 10:32 - 00117520 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxVideo.sys
2014-01-14 05:10 - 2013-12-18 10:32 - 00117008 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxGuest.sys
2014-01-14 05:10 - 2013-12-18 10:32 - 00077072 _____ (Oracle Corporation) C:\Windows\System32\VBoxDisp.dll
2014-01-14 05:04 - 2014-01-14 07:09 - 00000184 ___SH C:\Documents and Settings\Kevin\ntuser.ini
2014-01-14 05:04 - 2014-01-14 07:03 - 00000000 ____D C:\Documents and Settings\Kevin\Bureau
2014-01-14 05:04 - 2014-01-14 05:51 - 00000000 ___RD C:\Documents and Settings\Kevin\Menu D�marrer
2014-01-14 05:04 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage r�seau
2014-01-14 05:04 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage d'impression
2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___SD C:\Documents and Settings\Kevin\Local Settings\Historique
2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___RD C:\Documents and Settings\Kevin\Favoris
2014-01-14 05:04 - 2014-01-14 04:56 - 00000000 ___HD C:\Documents and Settings\Kevin\Mod�les
2014-01-14 05:03 - 2014-01-14 06:59 - 00007454 _____ C:\Windows\SchedLgU.Txt
2014-01-14 05:03 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\NetworkService\Local Settings\Historique
2014-01-14 05:03 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Historique
2014-01-14 05:03 - 2014-01-14 05:03 - 00008192 _____ C:\Windows\REGLOCS.OLD
2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini
2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2014-01-14 04:59 - 2014-01-14 04:59 - 00316640 _____ C:\Windows\WMSysPr9.prx
2014-01-14 04:59 - 2014-01-14 04:59 - 00023392 _____ C:\Windows\System32\nscompat.tlb
2014-01-14 04:59 - 2014-01-14 04:59 - 00016832 _____ C:\Windows\System32\amcompat.tlb
2014-01-14 04:59 - 2014-01-14 04:59 - 00003072 _____ C:\Windows\System32\CONFIG.NT
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\MSDOS.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\IO.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\System32\xircom
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\xerox
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\microsoft frontpage
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\Windows\control.ini
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\CONFIG.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\AUTOEXEC.BAT
2014-01-14 04:58 - 2014-01-14 07:10 - 00017393 _____ C:\Windows\WindowsUpdate.log
2014-01-14 04:58 - 2014-01-14 04:59 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\wuaucpl.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\sapi.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\nwc.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\ncpa.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\cdplayer.exe.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\WindowsLogon.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\logonui.exe.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___RD C:\Windows\Offline Web Pages
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___HD C:\Program Files\WindowsUpdate
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ____D C:\Program Files\Services en ligne
2014-01-14 04:57 - 2014-01-14 05:03 - 00000000 ____D C:\Windows\System32\Restore
2014-01-14 04:57 - 2014-01-14 04:57 - 00001022 _____ C:\Windows\sessmgr.setup.log
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\Macromed
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\DirectX
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\srchasst
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Outlook Express
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\NetMeeting
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Movie Maker
2014-01-14 04:57 - 2008-04-14 07:00 - 04399505 ____C C:\Windows\System32\dllcache\nls302en.lex
2014-01-14 04:57 - 2008-04-14 07:00 - 04399505 ____C C:\Windows\System32\dllcache\nls302en.lex
2014-01-14 04:57 - 2008-04-14 07:00 - 00000984 ____C C:\Windows\System32\dllcache\srframe.mmf
2014-01-14 04:57 - 2008-04-14 07:00 - 00000984 ____C C:\Windows\System32\dllcache\srframe.mmf
2014-01-14 04:56 - 2014-01-14 05:04 - 00000936 _____ C:\Windows\wmsetup.log
2014-01-14 04:56 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\Registration
2014-01-14 04:56 - 2014-01-14 04:56 - 00021892 _____ C:\Windows\System32\emptyregdb.dat
2014-01-14 04:56 - 2014-01-14 04:56 - 00000130 _____ C:\Windows\DtcInstall.log
2014-01-14 04:56 - 2014-01-14 04:56 - 00000037 _____ C:\Windows\vbaddin.ini
2014-01-14 04:56 - 2014-01-14 04:56 - 00000036 _____ C:\Windows\vb.ini
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Online Services
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\MSN Gaming Zone
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Messenger
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\ComPlus Applications
2014-01-14 04:56 - 2008-04-14 07:00 - 00027768 _____ C:\Windows\System32\tslabels.ini
2014-01-14 04:56 - 2008-04-14 07:00 - 00026680 _____ C:\Windows\Rivi�re Sumida.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00026582 _____ C:\Windows\Granit vert.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00024006 _____ C:\Windows\System32\gb2312.uce
2014-01-14 04:56 - 2008-04-14 07:00 - 00022984 _____ C:\Windows\System32\bopomofo.uce
2014-01-14 04:56 - 2008-04-14 07:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\qwinsta.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\msg.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\tsshutdn.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\qappsrv.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00017362 _____ C:\Windows\Rhododendron.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00017336 _____ C:\Windows\Jour de p�che.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\Windows\Tasse � caf�.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\program files (x86)\sgpsa\mtwb3sh.dll
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\users\Kevin\appdata\local\we4032.dll",Startup
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\users\Kevin\appdata\local\houiphcfm\qhkdcacshdw.exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00017062 _____ C:\users\Kevin\appdata\local\microsoft\windows\temporary internet files\content.ie5\sadfc401\access[1].exe
2014-01-14 04:56 - 2008-04-14 07:00 - 00016740 _____ C:\Windows\System32\shiftjis.uce
2014-01-14 04:56 - 2008-04-14 07:00 - 00016730 _____ C:\Windows\Plume.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00003914 _____ C:\Windows\System32\msdtcprf.ini
2014-01-14 04:56 - 2008-04-14 07:00 - 00003286 _____ C:\Windows\System32\tslabels.h
2014-01-14 04:56 - 2008-04-14 07:00 - 00001272 _____ C:\Windows\Rosace bleue 16.bmp
2014-01-14 04:56 - 2008-04-14 07:00 - 00001263 _____ C:\Windows\System32\usrlogon.cmd
2014-01-14 04:56 - 2008-04-14 07:00 - 00000768 _____ C:\Windows\System32\msdtcprf.h
2014-01-14 04:55 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\System32\MsDtc
2014-01-14 04:55 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\System32\Com
2014-01-14 04:55 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Windows NT
2014-01-14 04:55 - 2014-01-14 04:55 - 00000200 _____ C:\Windows\cmsetacl.log
2014-01-14 04:55 - 2014-01-14 04:55 - 00000000 ____D C:\Program Files\MSN
2014-01-14 04:55 - 2008-04-14 07:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\System32\msdtc.exe
2014-01-14 04:55 - 2008-04-14 07:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\System32\dcomcnfg.exe
2014-01-14 04:55 - 2008-04-14 07:00 - 00004096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mtxex.dll
2014-01-14 04:55 - 2008-04-14 07:00 - 00004096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mtxex.dll
2014-01-14 04:55 - 2008-04-14 07:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\mtxex.dll
2014-01-14 04:55 - 2008-04-13 13:34 - 00040840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2014-01-14 04:55 - 2008-04-13 05:32 - 00196224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2013-12-18 10:34 - 2013-12-18 10:34 - 01469712 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpackspu.dll
2013-12-18 10:34 - 2013-12-18 10:34 - 01360656 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGL.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 01503504 _____ (Oracle Corporation) C:\Windows\System32\VBoxService.exe
2013-12-18 10:33 - 2013-12-18 10:33 - 01259280 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLcrutil.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 01040144 _____ (Oracle Corporation) C:\Windows\System32\VBoxMRXNP.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00845584 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLfeedbackspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00550672 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLarrayspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00126224 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLerrorspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00086800 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpassthroughspu.dll
2013-12-18 10:32 - 2013-12-18 10:32 - 00244496 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxSF.sys
2013-12-18 10:32 - 2013-12-18 10:32 - 00100112 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxMouse.sys
2013-12-18 10:32 - 2013-12-18 10:32 - 00052496 _____ (Oracle Corporation) C:\Windows\System32\VBoxHook.dll
==================== One Month Modified Files and Folders =======
2014-01-14 07:11 - 2014-01-14 07:06 - 00000004 _____ C:\Documents and Settings\Kevin\Application Data\skype.ini
2014-01-14 07:10 - 2014-01-14 04:58 - 00017393 _____ C:\Windows\WindowsUpdate.log
2014-01-14 07:09 - 2014-01-14 05:04 - 00000184 ___SH C:\Documents and Settings\Kevin\ntuser.ini
2014-01-14 07:08 - 2014-01-14 07:08 - 00000000 ____D C:\Windows\CSC
2014-01-14 07:03 - 2014-01-14 05:04 - 00000000 ____D C:\Documents and Settings\Kevin\Bureau
2014-01-14 07:00 - 2014-01-14 05:18 - 00000000 ____D C:\Program Files\Google
2014-01-14 07:00 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Google
2014-01-14 06:59 - 2014-01-14 06:59 - 00012328 _____ C:\Documents and Settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-14 06:59 - 2014-01-14 05:03 - 00007454 _____ C:\Windows\SchedLgU.Txt
2014-01-14 06:58 - 2014-01-14 05:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2014-01-14 06:44 - 2014-01-14 05:50 - 00209267 _____ C:\Windows\setupapi.log
2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____C C:\WINDOWS\Tasks\Pricora-codedownloader.job
2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____C C:\WINDOWS\Tasks\Pricora-chromeinstaller.job
2014-01-14 06:44 - 2014-01-14 05:51 - 00000000 ____C C:\WINDOWS\Tasks\Pricora-firefoxinstaller.job
2014-01-14 06:13 - 2014-01-14 06:13 - 00000000 ____D C:\FRST
2014-01-14 06:12 - 2014-01-14 06:12 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Google
2014-01-14 05:53 - 2014-01-14 05:53 - 00004444 _____ C:\Windows\System32\pid.PNF
2014-01-14 05:52 - 2014-01-14 05:52 - 00000393 _____ C:\Windows\wiadebug.log
2014-01-14 05:52 - 2014-01-14 05:52 - 00000050 _____ C:\Windows\wiaservc.log
2014-01-14 05:52 - 2014-01-14 05:52 - 00000000 _____ C:\Windows\Sti_Trace.log
2014-01-14 05:51 - 2014-01-14 05:51 - 00001470 _____ C:\Windows\regopt.log
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___SD C:\Documents and Settings\Default User\Local Settings\Historique
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___RD C:\Documents and Settings\Default User\Menu D�marrer
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Default User\Voisinage r�seau
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Default User\Voisinage d'impression
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\All Users\Mod�les
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\Default User\Favoris
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\Default User\Bureau
2014-01-14 05:51 - 2014-01-14 05:51 - 00000000 ____D C:\Documents and Settings\All Users\Favoris
2014-01-14 05:51 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\system
2014-01-14 05:51 - 2014-01-14 05:04 - 00000000 ___RD C:\Documents and Settings\Kevin\Menu D�marrer
2014-01-14 05:51 - 2014-01-14 05:04 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage r�seau
2014-01-14 05:51 - 2014-01-14 05:04 - 00000000 ___HD C:\Documents and Settings\Kevin\Voisinage d'impression
2014-01-14 05:51 - 2014-01-14 05:03 - 00000000 ___HD C:\Documents and Settings\NetworkService\Local Settings\Historique
2014-01-14 05:51 - 2014-01-14 05:03 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Historique
2014-01-14 05:51 - 2008-04-14 07:00 - 00000231 _____ C:\Windows\system.ini
2014-01-14 05:50 - 2014-01-14 05:50 - 01093632 _____ C:\Windows\System32\config\software.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00409600 _____ C:\Windows\System32\config\system.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00262144 _____ C:\Windows\System32\config\userdiff
2014-01-14 05:50 - 2014-01-14 05:50 - 00094208 _____ C:\Windows\System32\config\default.sav
2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\userdiff.LOG
2014-01-14 05:50 - 2014-01-14 05:50 - 00001024 ____H C:\Windows\System32\config\TempKey.LOG
2014-01-14 04:56 - 2008-04-14 07:00 - 00010240 _____ C:\program files (x86)\antivirus 2009
2014-01-14 04:56 - 2008-04-14 07:00 - 00010240 _____ C:\program files (x86)\antivirus 2009\av2009.exe
2014-01-14 05:50 - 2014-01-14 05:50 - 00000000 _____ C:\Windows\setuperr.log
2014-01-14 05:50 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\L2Schemas
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\usmt
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\npp
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\fr
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\PeerNet
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\msagent
2014-01-14 05:49 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Media
2014-01-14 05:46 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\twain_32
2014-01-14 05:46 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1036
2014-01-14 05:45 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ras
2014-01-14 05:45 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\icsxml
2014-01-14 05:44 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1033
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\wins
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ShellExt
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\mui
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\inetsrv
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\IME
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\export
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\Drivers\disdn
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\dhcp
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3com_dmi
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\3076
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\2052
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1054
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1042
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1041
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1037
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1031
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1028
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\1025
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Resources
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Provisioning
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\mui
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\java
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Driver Cache
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Connection Wizard
2014-01-14 05:43 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\addins
2014-01-14 05:36 - 2014-01-14 05:36 - 00000000 ____D C:\Program Files\fifa
2014-01-14 05:28 - 2014-01-14 05:28 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\TuneUp Software
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Malwarebytes
2014-01-14 05:24 - 2014-01-14 05:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-14 05:21 - 2014-01-14 05:21 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 05:20 - 2014-01-14 05:20 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\MFAData
2014-01-14 05:19 - 2014-01-14 05:19 - 00000000 ____D C:\Program Files\Defraggler
2014-01-14 05:19 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Mozilla
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\Documents and Settings\Kevin\Application Data\Mozilla
2014-01-14 05:18 - 2014-01-14 05:18 - 00000000 ____D C:\users\Kevin\appdata\roaming\2B2CF94012581557DBFF5E801EB42A26
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-14 05:17 - 2014-01-14 05:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla
2014-01-14 05:12 - 2014-01-14 05:12 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2014-01-14 05:10 - 2014-01-14 05:10 - 00000000 ____D C:\Program Files\Oracle
2014-01-14 05:05 - 2014-01-14 05:51 - 00775210 _____ C:\Windows\System32\PerfStringBackup.INI
2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___SD C:\Documents and Settings\Kevin\Local Settings\Historique
2014-01-14 05:04 - 2014-01-14 05:04 - 00000000 ___RD C:\Documents and Settings\Kevin\Favoris
2014-01-14 05:04 - 2014-01-14 04:56 - 00000936 _____ C:\Windows\wmsetup.log
2014-01-14 05:04 - 2008-04-14 07:00 - 00002206 _____ C:\Windows\System32\wpa.dbl
2014-01-14 05:03 - 2014-01-14 05:50 - 00090296 _____ C:\Windows\System32\FNTCACHE.DAT
2014-01-14 05:03 - 2014-01-14 05:03 - 00008192 _____ C:\Windows\REGLOCS.OLD
2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini
2014-01-14 05:03 - 2014-01-14 05:03 - 00000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2014-01-14 05:03 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\Restore
2014-01-14 05:02 - 2014-01-14 05:51 - 00049064 _____ C:\Windows\iis6.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00016202 _____ C:\Windows\comsetup.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00010818 _____ C:\Windows\tsoc.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00008071 _____ C:\Windows\ntdtcsetup.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00004382 _____ C:\Windows\imsins.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00001252 _____ C:\Windows\tabletoc.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00000885 _____ C:\Windows\ocmsn.log
2014-01-14 05:02 - 2014-01-14 05:51 - 00000000 ___RD C:\Documents and Settings\All Users\Menu D�marrer
2014-01-14 05:02 - 2014-01-14 05:50 - 00170548 _____ C:\Windows\setupact.log
2014-01-14 04:59 - 2014-01-14 05:51 - 00004205 _____ C:\Windows\ODBCINST.INI
2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\ias
2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\security
2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\repair
2014-01-14 04:59 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\ime
2014-01-14 04:59 - 2014-01-14 04:59 - 00316640 _____ C:\Windows\WMSysPr9.prx
2014-01-14 04:59 - 2014-01-14 04:59 - 00023392 _____ C:\Windows\System32\nscompat.tlb
2014-01-14 04:59 - 2014-01-14 04:59 - 00016832 _____ C:\Windows\System32\amcompat.tlb
2014-01-14 04:59 - 2014-01-14 04:59 - 00003072 _____ C:\Windows\System32\CONFIG.NT
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\MSDOS.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 __RSH C:\IO.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Windows\System32\xircom
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\xerox
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 ____D C:\Program Files\microsoft frontpage
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\Windows\control.ini
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\CONFIG.SYS
2014-01-14 04:59 - 2014-01-14 04:59 - 00000000 _____ C:\AUTOEXEC.BAT
2014-01-14 04:59 - 2014-01-14 04:58 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2014-01-14 04:59 - 2014-01-14 04:56 - 00000000 ____D C:\Windows\Registration
2014-01-14 04:59 - 2008-04-14 07:00 - 00000477 _____ C:\Windows\win.ini
2014-01-14 04:58 - 2014-01-14 05:43 - 00000000 ___RD C:\Windows\Web
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\wuaucpl.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\sapi.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\nwc.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\ncpa.cpl.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000749 ___RH C:\Windows\System32\cdplayer.exe.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\WindowsLogon.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000488 ___RH C:\Windows\System32\logonui.exe.manifest
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___RD C:\Windows\Offline Web Pages
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ___HD C:\Program Files\WindowsUpdate
2014-01-14 04:58 - 2014-01-14 04:58 - 00000000 ____D C:\Program Files\Services en ligne
2014-01-14 04:57 - 2014-01-14 05:51 - 00014772 _____ C:\Windows\ocgen.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00011537 _____ C:\Windows\FaxSetup.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00002790 _____ C:\Windows\netfxocm.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00001487 _____ C:\Windows\MedCtrOC.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00000871 _____ C:\Windows\msgsocm.log
2014-01-14 04:57 - 2014-01-14 05:51 - 00000000 ____D C:\Program Files\Fichiers communs
2014-01-14 04:57 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\pchealth
2014-01-14 04:57 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Help
2014-01-14 04:57 - 2014-01-14 04:57 - 00001022 _____ C:\Windows\sessmgr.setup.log
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\Macromed
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\System32\DirectX
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Windows\srchasst
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Outlook Express
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\NetMeeting
2014-01-14 04:57 - 2014-01-14 04:57 - 00000000 ____D C:\Program Files\Movie Maker
2014-01-14 04:56 - 2014-01-14 05:51 - 00010222 _____ C:\Windows\msmqinst.log
2014-01-14 04:56 - 2014-01-14 05:51 - 00000000 ___HD C:\Documents and Settings\Default User\Mod�les
2014-01-14 04:56 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Cursors
2014-01-14 04:56 - 2014-01-14 05:04 - 00000000 ___HD C:\Documents and Settings\Kevin\Mod�les
2014-01-14 04:56 - 2014-01-14 04:56 - 00021892 _____ C:\Windows\System32\emptyregdb.dat
2014-01-14 04:56 - 2014-01-14 04:56 - 00000130 _____ C:\Windows\DtcInstall.log
2014-01-14 04:56 - 2014-01-14 04:56 - 00000037 _____ C:\Windows\vbaddin.ini
2014-01-14 04:56 - 2014-01-14 04:56 - 00000036 _____ C:\Windows\vb.ini
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Online Services
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\MSN Gaming Zone
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\Messenger
2014-01-14 04:56 - 2014-01-14 04:56 - 00000000 ____D C:\Program Files\ComPlus Applications
2014-01-14 04:56 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\MsDtc
2014-01-14 04:56 - 2014-01-14 04:55 - 00000000 ____D C:\Windows\System32\Com
2014-01-14 04:56 - 2014-01-14 04:55 - 00000000 ____D C:\Program Files\Windows NT
2014-01-14 04:55 - 2014-01-14 05:50 - 00000212 ___SH C:\boot.ini
2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Documents and Settings\Kevin\Local Settings\Application Data\Mobogenie
2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\spool
2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\System32\fr-fr
2014-01-14 04:55 - 2014-01-14 05:43 - 00000000 ____D C:\Windows\Installer\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}\icon.ico
2014-01-14 04:55 - 2014-01-14 04:55 - 00000200 _____ C:\Windows\cmsetacl.log
2014-01-14 04:55 - 2014-01-14 04:55 - 00000000 ____D C:\Program Files\MSN
2013-12-18 10:34 - 2013-12-18 10:34 - 01469712 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpackspu.dll
2013-12-18 10:34 - 2013-12-18 10:34 - 01360656 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGL.dll
2013-12-18 10:33 - 2014-01-14 05:10 - 01312016 _____ (Oracle Corporation) C:\Windows\System32\VBoxTray.exe
2013-12-18 10:33 - 2014-01-14 05:10 - 01080592 _____ (Oracle Corporation) C:\Windows\System32\VBoxControl.exe
2013-12-18 10:33 - 2013-12-18 10:33 - 01503504 _____ (Oracle Corporation) C:\Windows\System32\VBoxService.exe
2013-12-18 10:33 - 2013-12-18 10:33 - 01259280 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLcrutil.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 01040144 _____ (Oracle Corporation) C:\Windows\System32\VBoxMRXNP.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00845584 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLfeedbackspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00550672 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLarrayspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00126224 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLerrorspu.dll
2013-12-18 10:33 - 2013-12-18 10:33 - 00086800 _____ (Oracle Corporation) C:\Windows\System32\VBoxOGLpassthroughspu.dll
2013-12-18 10:32 - 2014-01-14 05:10 - 00117520 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxVideo.sys
2013-12-18 10:32 - 2014-01-14 05:10 - 00117008 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxGuest.sys
2013-12-18 10:32 - 2014-01-14 05:10 - 00077072 _____ (Oracle Corporation) C:\Windows\System32\VBoxDisp.dll
2013-12-18 10:32 - 2013-12-18 10:32 - 00244496 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxSF.sys
2013-12-18 10:32 - 2013-12-18 10:32 - 00100112 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxMouse.sys
2013-12-18 10:32 - 2013-12-18 10:32 - 00052496 _____ (Oracle Corporation) C:\Windows\System32\VBoxHook.dll
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe
[2008-04-14 07:00] - [2008-04-14 07:00] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2008-04-14 07:00] - [2008-04-14 07:00] - 0109056 ____A (Microsoft Corporation) 54cb50058851d95e56ec70d09f70857f
C:\Windows\System32\User32.dll
[2008-04-14 07:00] - [2008-04-14 07:00] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2008-04-14 07:00] - [2008-04-14 07:00] - 0399360 ____A (Microsoft Corporation) 3d65eb82e1fa6db15a33e024c9e03cab
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points (XP) =====================
RP: -> 2014-01-14 06:45 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP5
RP: -> 2014-01-14 06:43 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP4
RP: -> 2014-01-14 05:25 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP3
RP: -> 2014-01-14 05:24 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP2
RP: -> 2014-01-14 05:05 - 024576 _restore{EF9553F2-3D3A-4E1C-ADF4-E765421D15CA}\RP1
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 851.48 MB
Available physical RAM: 668 MB
Total Pagefile: 770.97 MB
Available Pagefile: 669.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1993.08 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive c: () (Fixed) (Total:9.99 GB) (Free:6.2 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 10 GB) (Disk ID: 96A696A6)
Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS)
==================== End Of Log ============================