Analyse rapport Winpfind3u.exe

[chtilo]

Merci Angelique je vais aller vérifier cette clés a l'issue de mon post.

 

Sinon j'ai plusieur chose a rajouter j'ai fais "Policies" avec ZebRestore mais sa turer et le truc a bloquer il faudrait que je re-éssaie car là mes droit ne sont pas revenu de plus même si je pige pas tout sur GPEDIT il me semble que rien n'est modifier.

 

Par contre je pense connaitre la source de mon infection et si vous pouviez me renseigné

 

voici la reponse possible tout d'abord a la vue de svdhost.exe j'ai rechercher sur sophos et voici ce qui etait pour mon cas sur le site sophos qui dit que c'est un code malicieux passant par le RPC mais j'ai également trouvé ça en recherchant perte de droit administrateur sur Microsoft sécurité

 

par rapport a ce lien j'ai , il me semble car j'ai juste un vague souvenir que certain compte n'aexistait pas avant dans mon onglet sécurité.Je peut vous les mettre dans le prochain poste si vous voulez les voir .

 

ce qui est également plus ou moins mon cas.

 

si vous avez un avis à donner.Je suis preneur pour les solution pour récupérer mes droits.Et je me demandai, comment restore ZebRestore les clés lié au droit , il se fit au compte ou c'est déjà formater d'une manière unique ?

 

Encore merci de m'aider car là c'est très difficile je dois l'avouer je vais également teste une astuce trouvé sur ce dernier site présenté en lien.

 

amicalement.

 

P.S Pour le fichier Hosts j'ai fais ça mais il me dit qu'il ne peut créer le fichier Hosts(précédé du chemin d'acces).

Modifié le 4 septembre 2007 par chtilo

[eclypse]

Salut

 

Go Ici pour ton probleme

 

@+

 

Eclypse

[chtilo]

Merci eclypse , mais je n'ai pas ce message d'erreur.Mais par contre c'est bon de le savoir.

 

Je voulait demander un truc est ce que ce groupe est légale CREATEUR PROPRIETAIRE

 

Pour mes Màj et mes droit rien de nouveaux je pense d'apres les infos que j'ai trouvé que je dois trouvé le moyen de remettre les clé de registre.

 

Pour le moment je vais ré-éssayer ZebRestore

 

et encore merci de m'aider

 

amicalement

[chtilo]

J'ai l'impression que je ne suis plus tout seul en regardant les nouveaux topic ouvert.

 

Je voudrait proposer une solution pour avoir une confirmation mais avant je voudrai une convirmation:

 

Donc quand j'installe windows un compte admin est créer d'office là, on est d'accord.

 

Ensuite dans mon cas (pour changé, lol!) je suis seul sur le PC donc le compte que je crée pour utilisé le PC est un compte admin donc j'ai bien tout les droit, je veux dire comme le compte admin créer en même temp que windows , si oui je suis pas fou et donc j'ai vraiment se problème.Merci de me confirmer.

 

Sinon voilà a quoi j'ai pensé mais j'attend votre accord et surtout votre avis :

 

J'ai ERUNT qui crée des backup de mon registre donc comme le problème pour moi semble venir des clés de registre , je me demandai, si j'ajoute (pas remplacé) un backup antérieur a la date de l'infection et que je passe un coup de regseeker pour les clés qui ne sont plus valide, est ce que cela peut marché ? Ou y a-t-il d'autre chose que les clés qui peuvent être lié a ce problème.

 

Merci à vous

 

amicalement.

[chtilo]

Bonjours à tous ,

 

Bon pas de changement , mais pour les Màj peut ^tre que je devrait remettre les clés que j'ai enlever.

 

Pour mes droit utilisateur j'ai vu que WinPFind3U.exe permet de rentrer dans le vif des changement effectuer mais par contre là c'est compliquer je ne sais analyser ce log et résoudre les problème avec donc je lance un appel.......

 

Amicalement.

[chtilo]

Voici le scan fais avec Winpfind3u.exe après avoir lu le topic qui traite d'un problème presque similaire si quelqu'un peut me le traduire je le remercie et aussi toute les personne qui m'aide depuis le début de mon topic et ceux a venir.

 

WinPFind3 logfile created on: 2007-09-05 19:12:40

WinPFind3U by OldTimer - Version 1.0.42 Folder = U:\Télécharger\WinPFind3u\

Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)

Internet Explorer (Version = 7.0.5730.11)

 

1023.48 Mb Total Physical Memory | 549.73 Mb Available Physical Memory | 53.71% Memory free

2.40 Gb Paging File | 2.01 Gb Available in Paging File | 83.77% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 58.59 Gb Total Space | 49.46 Gb Free Space | 84.40% Space Free

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

 

Computer Name: LO-516AA449945E

Current User Name: Loickos

Logged in as Administrator.

Current Boot Mode: Normal

 

 

[Processes - Non-Microsoft Only]

a2service.exe -> %ProgramFiles%\a-squared Free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.345 | Size = 217208 bytes | Modified Date = 2007-08-19 21:30:02 | Attr = ]

ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 2005-08-04 05:02:58 | Attr = ]

ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 2005-08-04 05:02:58 | Attr = ]

avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2007-06-11 11:25:42 | Attr = ]

cledx.exe -> %ProgramFiles%\SyncroSoft\POS\H2O\cledx.exe -> Team H2O [Ver = v0.3.1412 | Size = 307200 bytes | Modified Date = 2007-12-11 04:59:40 | Attr = ]

dsa.exe -> %ProgramFiles%\Privacyware\Dynamic Security Agent\DSA.exe -> Privacyware [Ver = 1, 0, 8, 8 | Size = 2347008 bytes | Modified Date = 2006-08-08 19:01:24 | Attr = ]

firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.6: 2007072518 | Size = 7644520 bytes | Modified Date = 2007-07-31 07:35:16 | Attr = ]

guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2007-05-30 14:31:10 | Attr = ]

jusched.exe -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 2007-07-12 04:00:36 | Attr = ]

nod32krn.exe -> %ProgramFiles%\ESET\nod32krn.exe -> Eset [Ver = 2, 70, 39 | Size = 552064 bytes | Modified Date = 2007-08-18 10:29:28 | Attr = ]

nod32kui.exe -> %ProgramFiles%\ESET\nod32kui.exe -> Eset [Ver = 2, 70, 39 | Size = 949376 bytes | Modified Date = 2007-08-18 10:29:28 | Attr = ]

ooccag.exe -> %ProgramFiles%\OO Software\CleverCache\ooccag.exe -> O&O Software GmbH [Ver = 6.0.1.2851 | Size = 391952 bytes | Modified Date = 2007-01-28 15:08:26 | Attr = ]

ooccctrl.exe -> %ProgramFiles%\OO Software\CleverCache\ooccctrl.exe -> O&O Software GmbH [Ver = 6.0.1.4036 | Size = 1911568 bytes | Modified Date = 2007-01-28 15:08:36 | Attr = ]

oodag.exe -> %System32%\oodag.exe -> O&O Software GmbH [Ver = 10.0.1670 | Size = 1049856 bytes | Modified Date = 2007-06-28 23:02:08 | Attr = ]

pwrisovm.exe -> %ProgramFiles%\PowerISO\PWRISOVM.EXE -> PowerISO Computing, Inc. [Ver = 3, 7, 0, 0 | Size = 200704 bytes | Modified Date = 2007-04-09 14:23:12 | Attr = ]

regprot.exe -> %SystemDrive%\RegProt\regprot.exe -> [Ver = | Size = 19614 bytes | Modified Date = 2001-09-13 06:54:22 | Attr = ]

robotaskbaricon.exe -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe -> Siber Systems [Ver = 6-9-5 | Size = 160568 bytes | Modified Date = 2007-08-30 11:06:32 | Attr = ]

soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.0.38 | Size = 77824 bytes | Modified Date = 2005-04-15 05:01:46 | Attr = ]

supercopier2.exe -> %ProgramFiles%\SuperCopier2\SuperCopier2.exe -> SFX TEAM [Ver = 2.0.0.579 | Size = 1052672 bytes | Modified Date = 2006-07-07 18:45:00 | Attr = ]

totalcmd.exe -> %SystemDrive%\totalcmd\TOTALCMD.EXE -> C. Ghisler & Co. [Ver = 7.01 | Size = 1071560 bytes | Modified Date = 2007-06-24 17:18:04 | Attr = ]

trayit!.exe -> U:\Optimisation & Diagnostic\Tray It\TrayIt!.exe -> Igor Nys [Ver = 4, 6, 5, 5 | Size = 204800 bytes | Modified Date = 2007-07-18 15:57:00 | Attr = ]

vsmon.exe -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 75568 bytes | Modified Date = 2007-03-09 00:01:58 | Attr = ]

washersvc.exe -> %ProgramFiles%\Webroot\Washer\WasherSvc.exe -> Webroot Software, Inc. [Ver = 6,5,0,1093 | Size = 388936 bytes | Modified Date = 2007-08-09 13:56:26 | Attr = ]

winpfind3u.exe -> U:\Télécharger\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.42.0 | Size = 322560 bytes | Modified Date = 2007-09-04 10:47:26 | Attr = ]

zlclient.exe -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 919280 bytes | Modified Date = 2007-03-09 00:02:00 | Attr = ]

 

[Win32 Services - Non-Microsoft Only]

(a2free) a-squared Free Service [Win32_Own | Auto | Running] -> %ProgramFiles%\a-squared Free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.345 | Size = 217208 bytes | Modified Date = 2007-08-19 21:30:02 | Attr = ]

(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 2005-08-04 05:02:58 | Attr = ]

(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0024 | Size = 516096 bytes | Modified Date = 2005-08-05 21:05:00 | Attr = ]

(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2007-05-30 14:31:10 | Attr = ]

(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 2004-08-19 23:09:52 | Attr = ]

(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 2007-07-23 23:33:14 | Attr = ]

(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found

(NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 10, 3, 2 | Size = 800040 bytes | Modified Date = 2007-06-29 19:16:56 | Attr = ]

(NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 2,0,16,0 | Size = 279848 bytes | Modified Date = 2007-06-27 19:04:00 | Attr = ]

(NOD32krn) NOD32 Kernel Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ESET\nod32krn.exe -> Eset [Ver = 2, 70, 39 | Size = 552064 bytes | Modified Date = 2007-08-18 10:29:28 | Attr = ]

(O&O Defrag) O&O Defrag [Win32_Own | Auto | Running] -> %System32%\oodag.exe -> O&O Software GmbH [Ver = 10.0.1670 | Size = 1049856 bytes | Modified Date = 2007-06-28 23:02:08 | Attr = ]

(OOCleverCacheAgent) O&O CleverCache Agent [Win32_Own | Auto | Running] -> %ProgramFiles%\OO Software\CleverCache\ooccag.exe -> O&O Software GmbH [Ver = 6.0.1.2851 | Size = 391952 bytes | Modified Date = 2007-01-28 15:08:26 | Attr = ]

(PFNet) Privacyware network service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Privacyware\Dynamic Security Agent\pfsvc.exe -> PWI, Inc. [Ver = 5, 0, 8, 8 | Size = 319488 bytes | Modified Date = 2006-08-08 17:23:26 | Attr = ]

(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 75568 bytes | Modified Date = 2007-03-09 00:01:58 | Attr = ]

(wwEngineSvc) Window Washer Engine [Win32_Own | Auto | Running] -> %ProgramFiles%\Webroot\Washer\WasherSvc.exe -> Webroot Software, Inc. [Ver = 6,5,0,1093 | Size = 388936 bytes | Modified Date = 2007-08-09 13:56:26 | Attr = ]

 

[Registry - Non-Microsoft Only]

< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2007-06-11 11:25:42 | Attr = ]

ATICCC -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> ATI Technologies Inc. [Ver = 1.2.2044.224 | Size = 61440 bytes | Modified Date = 2005-08-06 01:07:30 | Attr = ]

DSA -> %ProgramFiles%\Privacyware\Dynamic Security Agent\DSA.exe -> Privacyware [Ver = 1, 0, 8, 8 | Size = 2347008 bytes | Modified Date = 2006-08-08 19:01:24 | Attr = ]

H2O -> %ProgramFiles%\SyncroSoft\POS\H2O\cledx.exe -> Team H2O [Ver = v0.3.1412 | Size = 307200 bytes | Modified Date = 2007-12-11 04:59:40 | Attr = ]

NeroFilterCheck -> %CommonProgramFiles%\Ahead\Lib\NeroCheck.exe -> Nero AG [Ver = 1, 0, 0, 6 | Size = 153136 bytes | Modified Date = 2007-03-01 15:57:24 | Attr = ]

nod32kui -> %ProgramFiles%\ESET\nod32kui.exe -> Eset [Ver = 2, 70, 39 | Size = 949376 bytes | Modified Date = 2007-08-18 10:29:28 | Attr = ]

ooccctrl.exe -> %ProgramFiles%\OO Software\CleverCache\ooccctrl.exe -> O&O Software GmbH [Ver = 6.0.1.4036 | Size = 1911568 bytes | Modified Date = 2007-01-28 15:08:36 | Attr = ]

OSSelectorReinstall -> %CommonProgramFiles%\Acronis\Partition Suite\oss_reinstall.exe -> [Ver = | Size = 1281425 bytes | Modified Date = 2006-05-31 11:20:56 | Attr = ]

PWRISOVM.EXE -> %ProgramFiles%\PowerISO\PWRISOVM.EXE -> PowerISO Computing, Inc. [Ver = 3, 7, 0, 0 | Size = 200704 bytes | Modified Date = 2007-04-09 14:23:12 | Attr = ]

RegProt -> %SystemDrive%\RegProt\regprot.exe -> [Ver = | Size = 19614 bytes | Modified Date = 2001-09-13 06:54:22 | Attr = ]

SoundMan -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.0.38 | Size = 77824 bytes | Modified Date = 2005-04-15 05:01:46 | Attr = ]

SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 2007-07-12 04:00:36 | Attr = ]

ZoneAlarm Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 919280 bytes | Modified Date = 2007-03-09 00:02:00 | Attr = ]

< RunOnce [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->

MRUBlaster -> %ProgramFiles%\MRU-Blaster\indexcleaner.exe -> [Ver = 1.00.0002 | Size = 32768 bytes | Modified Date = 2003-01-05 13:20:20 | Attr = ]

< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

RoboForm -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe -> Siber Systems [Ver = 6-9-5 | Size = 160568 bytes | Modified Date = 2007-08-30 11:06:32 | Attr = ]

SuperCopier2.exe -> %ProgramFiles%\SuperCopier2\SuperCopier2.exe -> SFX TEAM [Ver = 2.0.0.579 | Size = 1052672 bytes | Modified Date = 2006-07-07 18:45:00 | Attr = ]

swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 2007-07-27 12:54:44 | Attr = ]

< Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->

%AllUsersStartup%\Barre d'état système d'ATI CATALYST.lnk -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> ATI Technologies Inc. [Ver = 1.2.2044.224 | Size = 61440 bytes | Modified Date = 2005-08-06 01:07:30 | Attr = ]

< User Startup > -> C:\Documents and Settings\Loickos\Menu Démarrer\Programmes\Démarrage ->

%UserStartup%\ERUNT AutoBackup.lnk -> %ProgramFiles%\ERUNT\AUTOBACK.EXE -> [Ver = | Size = 36864 bytes | Modified Date = 2005-03-06 15:26:48 | Attr = ]

%UserStartup%\MRU-Blaster Silent Clean.lnk -> %ProgramFiles%\MRU-Blaster\mrublaster.exe -> [Ver = 1.05.0009 | Size = 1216512 bytes | Modified Date = 2004-03-28 15:07:48 | Attr = ]

%UserStartup%\TrayIt!.lnk -> U:\Optimisation & Diagnostic\Tray It\TrayIt!.exe -> Igor Nys [Ver = 4, 6, 5, 5 | Size = 204800 bytes | Modified Date = 2007-07-18 15:57:00 | Attr = ]

< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->

{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 2007-05-30 14:29:58 | Attr = ]

{81559C35-8464-49F7-BB0E-07A383BEF910} [HKLM] -> %ProgramFiles%\SpywareGuard\spywareguard.dll [spywareGuard] -> [Ver = 2.02 | Size = 126976 bytes | Modified Date = 2003-08-02 23:20:58 | Attr = R ]

< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->

< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->

AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 46080 bytes | Modified Date = 2005-08-04 05:04:18 | Attr = ]

< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoDriveAutoRun -> 67108863 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoDriveTypeAutoRun -> 255 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoRecentDocsMenu -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoFavoritesMenu -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoSMMyDocs -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoSMMyPictures -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoStartMenuMyMusic -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoRecentDocsHistory -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoRecentDocsNetHood -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoSMHelp -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoRun -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoInstrumentation -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoSimpleStartMenu -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\RUN\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network\\NoFileSharing -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network\\NoPrintSharing -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\UNINSTALL\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WINDOWSUPDATE\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WinOldApp\ -> ->

< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\\DisableWindowsUpdate -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoDriveTypeAutoRun -> 145 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoWindowsUpdate -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoRecentDocsMenu -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoFavoritesMenu -> 0 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoSMMyDocs -> 0 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoSMMyPictures -> 0 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoStartMenuMyMusic -> 0 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoRecentDocsHistory -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\ClearRecentDocsOnExit -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoRecentDocsNetHood -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoSMHelp -> 0 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoRun -> 0 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoUserNameInStartMenu -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoInstrumentation -> 0 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoStartMenuPinnedList -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\ForceStartMenuLogoff -> 0 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoSharedDocuments -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\DISALLOWCPL\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\DISALLOWRUN\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\RESTRICTCPL\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\RESTRICTRUN\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\RUN\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network\\NoFileSharing -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network\\NoFileSharingControl -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network\\NoPrintSharing -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\UNINSTALL\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WINDOWSUPDATE\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WINDOWSUPDATE\\DisableWindowsUpdateAccess -> 1 ->

< HOSTS File > (8430625 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->

< Internet Explorer Settings > -> ->

HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->

HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: Local Page -> C:\windows\system32\blank.htm ->

HKLM: Search Bar -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->

HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->

HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->

HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->

HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKCU: Local Page -> C:\windows\system32\blank.htm ->

HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKCU: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->

HKCU: ProxyEnable -> 0 ->

< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

msn.com [ - ] -> ->

< Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

*.update_microsoft.com [http] -> ->

*.update_microsoft.com [https] -> ->

www.update_microsoft.com [http] -> ->

download_windowsupdate.com [http] -> ->

< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->

{2E03C0FD-4C48-43A7-9A54-00240C70FF16} [HKLM] -> %System32%\BhoECart.dll [ECarteBleueBrowserHelper Class] -> Orbiscom Ltd. All rights reserved. [Ver = 2, 2, 1, 3, 94 | Size = 69632 bytes | Modified Date = 2003-05-14 14:41:30 | Attr = ]

{4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKLM] -> %ProgramFiles%\SpywareGuard\dlprotect.dll [spywareGuardDLBLOCK.CBrowserHelper] -> [Ver = 2.02 | Size = 192512 bytes | Modified Date = 2003-08-02 23:24:02 | Attr = R ]

{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 2005-05-31 01:04:00 | Attr = ]

{724d43a9-0d85-11d4-9908-00400523e39a} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [Reg Data - Value does not exist] -> Siber Systems [Ver = 6-9-5 | Size = 5645104 bytes | Modified Date = 2007-08-30 11:06:32 | Attr = ]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [sSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 2007-07-12 04:00:36 | Attr = ]

{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 2007-07-23 23:33:12 | Attr = R ]

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 0, 301, 7164 | Size = 325048 bytes | Modified Date = 2007-07-27 12:54:44 | Attr = ]

< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->

{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 2007-07-23 23:33:12 | Attr = R ]

{724d43a0-0d85-11d4-9908-00400523e39a} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> Siber Systems [Ver = 6-9-5 | Size = 5645104 bytes | Modified Date = 2007-08-30 11:06:32 | Attr = ]

< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->

WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 2007-07-23 23:33:12 | Attr = R ]

WebBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} [HKLM] -> %ProgramFiles%\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> Siber Systems [Ver = 6-9-5 | Size = 5645104 bytes | Modified Date = 2007-08-30 11:06:32 | Attr = ]

< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 2007-07-12 04:00:36 | Attr = ]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 2007-07-12 04:00:36 | Attr = ]

{320AF880-6646-11D3-ABEE-C5DBF3571F46} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComFillForms.htm [buttonText: Remplir] -> File not found

{320AF880-6646-11D3-ABEE-C5DBF3571F49} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComSavePass.htm [buttonText: Enregistrer] -> File not found

{724d43aa-0d85-11d4-9908-00400523e39a} -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComShowToolbar.htm [buttonText: Barre RoboForm] -> File not found

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [buttonText: Recherche] -> File not found

< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->

Barre RoboForm -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComShowToolbar.htm -> File not found

E&xporter vers Microsoft Excel -> -> File not found

Enregistrer le formulaire -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComSavePass.htm -> File not found

Personnaliser le menu -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.htm -> File not found

Remplir le formulaire -> %ProgramFiles%\Siber Systems\AI RoboForm\RoboFormComFillForms.htm -> File not found

< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->

sv1 -> ->

< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->

{022C77D4-E660-4630-8947-94654E82A62B} -> () ->

< Winsock2 Catalogs [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->

Protocol_Catalog9\Catalog_Entries0000000001 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 39 | Size = 298104 bytes | Modified Date = 2007-08-18 10:29:30 | Attr = ]

Protocol_Catalog9\Catalog_Entries0000000002 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 39 | Size = 298104 bytes | Modified Date = 2007-08-18 10:29:30 | Attr = ]

Protocol_Catalog9\Catalog_Entries0000000003 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 39 | Size = 298104 bytes | Modified Date = 2007-08-18 10:29:30 | Attr = ]

Protocol_Catalog9\Catalog_Entries0000000004 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 39 | Size = 298104 bytes | Modified Date = 2007-08-18 10:29:30 | Attr = ]

Protocol_Catalog9\Catalog_Entries0000000005 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 39 | Size = 298104 bytes | Modified Date = 2007-08-18 10:29:30 | Attr = ]

Protocol_Catalog9\Catalog_Entries0000000017 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 39 | Size = 298104 bytes | Modified Date = 2007-08-18 10:29:30 | Attr = ]

< Default Protocols [HKLM] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->

about -> 4 = Restricted sites (Not a Default Protocol) ->

about: -> 4 = Restricted sites (Not a Default Protocol) ->

mhtml -> 4 = Restricted sites (Not a Default Protocol) ->

< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->

ipp -> Reg Data - Key not found -> File not found

msdaipp -> Reg Data - Key not found -> File not found

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->

{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://webscanner.kaspersky.fr/kavwebscan_unicode.cab ->

{6414512B-B978-451D-A0D8-FCFDF33E833C} -> - CodeBase = http://www.update.microsoft.com/windowsupd...b?1185227167531 ->

{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab ->

{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab ->

{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab ->

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab ->

{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab ->

 

 

[Registry - Additional Scans - Non-Microsoft Only]

< Security Settings > -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\\DisableMonitoring -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> RpcSs; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> Root\LEGACY_BITS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, and name resolution services for all computers on your home network through a dial-up connection. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Internet Connection Sharing ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\System32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 4 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Group -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 197 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\135:TCP -> 135:TCP:*:Enabled:DCOM(135) ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> Root\LEGACY_SHAREDACCESS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Autorise le téléchargement et l'installation des mises à jour de Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité Mises à jour automatiques, ni accéder au site Web Windows Update. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Group -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 4 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> Root\LEGACY_WUAUSERV00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

< Software Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Conferencing\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Internet Explorer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Internet Explorer\Infodelivery\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\\NoUpdateCheck -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\\PreventAutoRun -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\\PreventRun -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\\Disabled -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\\PreventBackgroundDownload -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\\PreventAutoUpdate -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\MRT\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\MRT\\DontReportInfectionInformation -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\10.0\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\10.0\Common\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\10.0\Common\\DWNeverUpload -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\10.0\Common\\DWNoExternalURL -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\10.0\Common\\DWNoFileCollection -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\10.0\Common\\DWNoSecondLevelCollection -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\11.0\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\11.0\Common\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\11.0\Common\\DWNoExternalURL -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\11.0\Common\\DWNoFileCollection -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\11.0\Common\\DWNoSecondLevelCollection -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\9.0\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\9.0\Common\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\9.0\Common\\DWNeverUpload -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\9.0\Common\\DWNoExternalURL -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\9.0\Common\\DWNoFileCollection -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Office\9.0\Common\\DWNoSecondLevelCollection -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\PCHealth\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\PCHealth\ErrorReporting\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\PCHealth\ErrorReporting\DW\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\PCHealth\ErrorReporting\DW\\DWNeverUpload -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\EnableAdminTSRemote -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\DisableMSI -> 2 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\AlwaysInstallElevated -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Psched\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Psched\\NonBestEffortLimit -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\ExecutableTypes -> ADE;ADP;BAS;BAT;CHM;CMD;COM;CPL;CRT;EXE;HLP;HTA;INF;INS;ISP;LNK;MDB;MDE;MSC;MSI;MSP;MST;OCX;PCD;PIF;REG;SCR;SHS;URL;VB;WSC; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\TransparentEnabled -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\DefaultLevel -> 262144 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\AuthenticodeEnabled -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\PolicyScope -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\FriendlyName -> Mdac11.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemData -> ^«0O•zI‰j

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemSize -> ; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\FriendlyName -> mdac20.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemData -> g°Ô‹4:?Ó¼éÜdgó” ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemSize -> ; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\FriendlyName -> mdac20_a.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemData -> 2xÜþøÈ“ÜŠ°Ý„} ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemSize -> –; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\FriendlyName -> _msadc10.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemData -> ½š*ÛBëØV%Mø/g ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemSize -> å; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\FriendlyName -> msadc11.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemData -> 8k_„ìöiÓk•j"À€ ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemSize -> r; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\Description -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\ItemData -> %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\\ElevateNonAdmins -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\AU\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\AU\\AUOptions -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\AU\\AutoInstallMinorUpdates -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\AU\\NoAutoUpdate -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\Terminal Services\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsMediaPlayer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsMediaPlayer\\DisableAutoUpdate -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsMediaPlayer\\PreventCodecDownload -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsMediaPlayer\\DisableMRU -> 1 ->

< Software Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\policies\ ->

HKEY_CURRENT_USER\Software\Policies\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions\\NoBrowserOptions -> 0 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Messenger\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Messenger\Client\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Messenger\Client\\PreventAutoRun -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Messenger\Client\\PreventRun -> 0 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Common\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Common\\DWNeverUpload -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Common\\DWNoExternalURL -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Common\\DWNoFileCollection -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Common\\DWNoSecondLevelCollection -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Outlook\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Outlook\InstantMessaging\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Outlook\InstantMessaging\\ForceDisableIM -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Common\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Common\\DWNeverUpload -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Common\\DWNoExternalURL -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Common\\DWNoFileCollection -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Common\\DWNoSecondLevelCollection -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\9.0\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\9.0\Common\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\9.0\Common\\DWNeverUpload -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\9.0\Common\\DWNoExternalURL -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\9.0\Common\\DWNoFileCollection -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\9.0\Common\\DWNoSecondLevelCollection -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\PCHealth\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\PCHealth\ErrorReporting\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\PCHealth\ErrorReporting\DW\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\PCHealth\ErrorReporting\DW\\DWNeverUpload -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\AppCompat\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsMediaPlayer\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsMediaPlayer\\PreventCodecDownload -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsMediaPlayer\\NoCodecDownload -> 1 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsMediaPlayer\\PreventMusicFileMetadataRetrieval -> 0 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsMediaPlayer\\PreventCDDVDMetadataRetrieval -> 0 ->

< Uninstall List > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->

{083F79E4-6FE9-46FB-A6C6-4F8862742947} -> ATI HYDRAVISION ->

{15095BF3-A3D7-4DDF-B193-3A496881E003} -> Microsoft .NET Framework 3.0 ->

{2300EE96-0A41-4FAB-BD03-989EC44577A0} -> Partition Suite ->

{2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer ->

{3248F0A8-6813-11D6-A77B-00B0D0160010} -> Java SE Runtime Environment 6 Update 1 ->

{3248F0A8-6813-11D6-A77B-00B0D0160020} -> Java 6 Update 2 ->

{350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP ->

{491DD792-AD81-429C-9EB4-86DD3D22E333} -> Windows Communication Foundation ->

{4D3B509A-82E2-4E8B-9D90-C880A2131C73} -> Dynamic Security Agent 1.0 ->

{534802E0-761E-47F4-BD27-061BC8F976AE} -> O&O SafeErase ->

{53480330-E1D1-41CA-B8F8-7F78644F7F50} -> O&O Defrag Professional Edition ->

{53480390-0EC4-429E-BBEE-78E19EEB03BD} -> O&O CleverCache ->

{56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml ->

{5A710547-B58E-488B-828D-CA9A25A0533C} -> MSXML 6.0 Parser (KB927977) ->

{620797B0-A022-4B57-A95E-DD7DD0321028} -> ProxyWay Extra ->

{6901DD22-527A-41EF-9059-E81FEDE9E494} -> Windows Presentation Foundation Language Pack (FRA) ->

{69B9A8B6-75C7-4B0C-A530-129C3C0768C8} -> Personal Translator 2008 Professional English French ->

{7131646D-CD3C-40F4-97B9-CD9E4E6262EF} -> Microsoft .NET Framework 2.0 ->

{7D1B85BD-AA07-48B8-808D-67A4067FC6BD} -> Windows Workflow Foundation ->

{86EC42B5-346E-4BAB-948D-58E021EA4BD1} -> ATI Catalyst Control Center ->

{9011040C-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003 ->

{B168C59D-5FCF-4EEC-B464-BFA7A8266150} -> Windows Communication Foundation Language Pack - FRA ->

{B84C141C-9A13-44BE-9A69-301D7B11D836} -> Windows Workflow Foundation FR Language Pack ->

{BAF78226-3200-4DB4-BE33-4D922A799840} -> Windows Presentation Foundation ->

{C151CE54-E7EA-4804-854B-F515368B0798} -> Athlon 64 Processor Driver ->

{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 ->

{CF097717-F174-4144-954A-FBC4BF301036} -> Nero 7 Premium ->

{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1 -> NOD32 FiX ->

{DBEA1034-5882-4A88-8033-81C4EF0CFA29} -> Google Toolbar for Internet Explorer ->

{E3C080B0-23F5-49AF-89F8-8E8DBC89E659} -> Microsoft .NET Framework 3.0 French Language Pack ->

{F196AC50-7C95-42E1-9947-BDAB18BF3C8C} -> Microsoft .NET Framework 2.0 Language Pack - FRA ->

{F7338FA3-DAB5-49B2-900D-0AFB5760C166} -> PC Probe II ->

{FB08F381-6533-4108-B7DD-039E11FBC27E} -> Realtek AC'97 Audio ->

97149975-b4b1-4d2b-b9fe-7ba413d0efeb_is1 -> SummerProperties 1.2 ->

Adobe Flash Player Plugin -> Adobe Flash Player Plugin ->

Adobe® Photoshop® Album Edition Découverte 3.2 -> Adobe® Photoshop® Album Edition Découverte 3.2 ->

AI RoboForm -> AI RoboForm (All Users) ->

All ATI Software -> ATI - Utilitaire de désinstallation du logiciel ->

a-squared Free_is1 -> a-squared Free 3.0 ->

AsusUpdate -> AsusUpdate ->

ATI Display Driver -> ATI Display Driver ->

AVGantiRootkit -> AVG Anti-Rootkit Free ->

AVGAntiSpyware75 -> AVG Anti-Spyware 7.5 ->

AxCrypt -> AxCrypt (Désinstaller uniquement) ->

CCleaner -> CCleaner (remove only) ->

dBpoweramp [Arrange Audio] Codec -> dBpoweramp [Arrange Audio] Codec ->

dBpoweramp [Multi Encoder] Codec -> dBpoweramp [Multi Encoder] Codec ->

dBpoweramp [ReplayGain] Codec -> dBpoweramp [ReplayGain] Codec ->

dBpoweramp AAC Encoder -> dBpoweramp AAC Encoder ->

dBpowerAMP CD Writer -> dBpowerAMP CD Writer ->

dBPowerAMP Dalet codec R2 -> dBPowerAMP Dalet codec R2 ->

dBpoweramp DirectShow Decoder -> dBpoweramp DirectShow Decoder ->

dBpoweramp DSP Effects -> dBpoweramp DSP Effects ->

dBpoweramp FLAC Codec -> dBpoweramp FLAC Codec ->

dBpoweramp m4a Codec -> dBpoweramp m4a Codec ->

dBpoweramp m4a Utilities -> dBpoweramp m4a Utilities ->

dBpoweramp Midi Decoder -> dBpoweramp Midi Decoder ->

dBpoweramp Monkeys Audio Codec -> dBpoweramp Monkeys Audio Codec ->

dBpoweramp Musepack Codec -> dBpoweramp Musepack Codec ->

dBpoweramp Music Converter -> dBpoweramp Music Converter ->

dBpoweramp Ogg Vorbis Codec -> dBpoweramp Ogg Vorbis Codec ->

dBpowerAMP Rename Extension -> dBpowerAMP Rename Extension ->

dBpowerAMP Tag From Filename -> dBpowerAMP Tag From Filename ->

dBpowerAMP Update ID Tag -> dBpowerAMP Update ID Tag ->

dBpoweramp WavPack Codec -> dBpoweramp WavPack Codec ->

dBpoweramp Windows Media Audio 10 Codec -> dBpoweramp Windows Media Audio 10 Codec ->

DFX for Winamp -> DFX 8 for Winamp ->

e-Carte Bleue Banque Populaire -> e-Carte Bleue Banque Populaire ->

ERUNT_is1 -> ERUNT 1.1h ->

EVEREST Ultimate Edition_is1 -> EVEREST Ultimate Edition v4.00 ->

Foxit Reader -> Foxit Reader ->

HijackThis -> HijackThis 1.99.1 ->

Hijackthis Version Française_is1 -> Hijackthis Version Française ->

IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs ->

ie7 -> Windows Internet Explorer 7 ->

InstallShield_{69B9A8B6-75C7-4B0C-A530-129C3C0768C8} -> Personal Translator 2008 Professional English French ->

iZotope Ozone 1.0 for Winamp2 and Winamp3_is1 -> iZotope Ozone 1.0 for Winamp2 and Winamp3 ->

jv16 PowerTools_is1 -> jv16 PowerTools 2007 ->

Kaspersky Online Scanner -> Kaspersky Online Scanner ->

KB892130 -> Windows Genuine Advantage Validation Tool (KB892130) ->

KB920342 -> Mise à jour pour Windows XP (KB920342) ->

KB921503 -> Mise à jour de sécurité pour Windows XP (KB921503) ->

KB923789 -> Mise à jour de sécurité pour Windows XP (KB923789) ->

KB929969 -> Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) ->

KB933566-IE7 -> Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) ->

KB936021 -> Mise à jour de sécurité pour Windows XP (KB936021) ->

KB936782_WMP9 -> Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) ->

KB937143-IE7 -> Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) ->

KB938127-IE7 -> Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) ->

KB938828 -> Mise à jour pour Windows XP (KB938828) ->

KB938829 -> Mise à jour de sécurité pour Windows XP (KB938829) ->

L'Assistant DartyBox -> L'Assistant DartyBox ->

Microsoft .NET Framework 2.0 -> Microsoft .NET Framework 2.0 ->

Microsoft .NET Framework 2.0 Language Pack - FRA -> Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA ->

Microsoft .NET Framework 3.0 -> Microsoft .NET Framework 3.0 ->

Microsoft .NET Framework 3.0 French Language Pack -> Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 ->

MRU-Blaster_is1 -> MRU-Blaster v1.5 (Database 3/28/2004) ->

NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs ->

NOD32 -> NOD32 Antivirus System ->

NTREGOPT_is1 -> NTREGOPT 1.1h ->

NVIDIA Drivers -> NVIDIA Drivers ->

PowerISO -> PowerISO ->

Privoxy -> Privoxy 3.0.6 ->

Random Password Generator-PRO -> Random Password Generator-PRO ->

RegScanner -> RegScanner ->

Revo Uninstaller -> Revo Uninstaller 1.34 ->

ShockwaveFlash -> Adobe Flash Player 9 ActiveX ->

SpeedFan -> SpeedFan (remove only) ->

Spybot - Search & Destroy_is1 -> Spybot - Search & Destroy 1.4 ->

SpywareBlaster_is1 -> SpywareBlaster v3.5.1 ->

SpywareGuard_is1 -> SpywareGuard v2.2 ->

Steinberg Nuendo v3.2.0.1128 -> Steinberg Nuendo v3.2.0.1128 ->

SuperCopier2 -> SuperCopier2 ->

SyncroSoft Emu -> SyncroSoft Emu (Remove only) ->

Syncrosoft's License Control -> Le Centre de Contrôle de Licences de Syncrosoft ->

The KMPlayer FR_is1 -> The KMPlayer v2.9.3.1340 FR ->

Tor -> Tor 0.1.2.16 ->

Totalcmd -> Total Commander (Remove or Repair) ->

Uninstall -> Uninstall ->

Vidalia -> Vidalia 0.0.13 ->

WGA -> Windows Genuine Advantage Validation Tool (KB892130) ->

WIC -> Windows Imaging Component ->

Winamp -> Winamp (remove only) ->

Window Washer -> Window Washer ->

Windows Media Format Runtime -> Windows Media Format 11 runtime ->

WinRAR archiver -> Archiveur WinRAR ->

WMFDist11 -> Windows Media Format 11 runtime ->

xp-AntiSpy -> xp-AntiSpy 3.96-5 ->

XpsEPSC -> XML Paper Specification Shared Components Pack 1.0 ->

XPSEPSCLP -> XML Paper Specification Shared Components Language Pack 1.0 ->

ZoneAlarm Pro -> ZoneAlarm Pro ->

 

[Files/Folders - Created Within 60 days]

AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Created Date = 2007-07-23 21:06:30 | Attr = ]

Bases -> %SystemDrive%\Bases -> [Folder | Created Date = 2007-09-01 17:43:59 | Attr = ]

boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 212 bytes | Created Date = 2007-07-23 22:51:41 | Attr = HS]

ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 2007-09-05 00:41:15 | Attr = ]

Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 2007-08-05 17:30:24 | Attr = ]

CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Created Date = 2007-07-23 21:06:30 | Attr = ]

CWShredder -> %SystemDrive%\CWShredder -> [Folder | Created Date = 2007-08-20 20:58:05 | Attr = ]

Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Created Date = 2007-07-23 22:52:26 | Attr = ]

Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 2007-09-01 17:43:59 | Attr = ]

HijackThis-fr -> %SystemDrive%\HijackThis-fr -> [Folder | Created Date = 2007-08-03 06:06:39 | Attr = ]

IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 2007-07-23 21:06:30 | Attr = RHS]

Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Created Date = 2007-09-01 17:42:46 | Attr = ]

MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 2007-07-23 21:06:30 | Attr = RHS]

Program Files -> %ProgramFiles% -> [Folder | Created Date = 2007-07-23 22:53:16 | Attr = R ]

qoobox -> %SystemDrive%\qoobox -> [Folder | Created Date = 2007-09-05 00:41:59 | Attr = ]

RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 2007-07-23 22:08:27 | Attr = HS]

RegProt -> %SystemDrive%\RegProt -> [Folder | Created Date = 2007-08-30 08:11:48 | Attr = ]

Rustbfix -> %SystemDrive%\Rustbfix -> [Folder | Created Date = 2007-08-23 15:17:03 | Attr = ]

SDFix -> %SystemDrive%\SDFix -> [Folder | Created Date = 2007-09-05 01:09:46 | Attr = ]

Smitfraudfix -> %SystemDrive%\Smitfraudfix -> [Folder | Created Date = 2007-08-20 18:05:18 | Attr = ]

System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 1782-11-30 03:04:26 | Attr = HS]

totalcmd -> %SystemDrive%\totalcmd -> [Folder | Created Date = 2007-08-18 09:50:23 | Attr = ]

treeinfo.wc -> %SystemDrive%\treeinfo.wc -> [Ver = | Size = 196893 bytes | Created Date = 2007-08-19 20:15:51 | Attr = H ]

WINDOWS -> %SystemRoot% -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Created Date = 2007-07-23 22:47:32 | Attr = H ]

$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 2007-07-23 23:10:12 | Attr = H ]

$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 2007-07-23 23:10:02 | Attr = H ]

$NtUninstallKB920342$ -> %SystemRoot%\$NtUninstallKB920342$ -> [Folder | Created Date = 2007-08-20 13:18:29 | Attr = H ]

$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Created Date = 2007-08-20 13:25:25 | Attr = H ]

$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Created Date = 2007-08-20 13:26:16 | Attr = H ]

$NtUninstallKB936782_WMP9$ -> %SystemRoot%\$NtUninstallKB936782_WMP9$ -> [Folder | Created Date = 2007-08-20 13:26:06 | Attr = H ]

$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Created Date = 2007-08-20 13:24:32 | Attr = H ]

$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Created Date = 2007-08-20 13:25:31 | Attr = H ]

$NtUninstallWIC$ -> %SystemRoot%\$NtUninstallWIC$ -> [Folder | Created Date = 2007-08-20 13:18:41 | Attr = H ]

$NtUninstallWMFDist11$ -> %SystemRoot%\$NtUninstallWMFDist11$ -> [Folder | Created Date = 2007-08-07 00:20:39 | Attr = H ]

$NtUninstallXPSEPSCLP$ -> %SystemRoot%\$NtUninstallXPSEPSCLP$ -> [Folder | Created Date = 2007-08-20 13:24:14 | Attr = H ]

addins -> %SystemRoot%\addins -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

ALCFDRTM.EXE -> %SystemRoot%\ALCFDRTM.EXE -> Realtek Semiconductor Corp. [Ver = 1.01 | Size = 60416 bytes | Created Date = 2007-07-26 15:19:39 | Attr = ]

ALCFDRTM.VER -> %SystemRoot%\ALCFDRTM.VER -> Realtek Semiconductor Corp. [Ver = 1.01 | Size = 60416 bytes | Created Date = 2007-07-26 15:19:39 | Attr = ]

alcrmv.exe -> %SystemRoot%\alcrmv.exe -> Realtek Semiconductor Corp. [Ver = 1, 9, 0, 1 | Size = 200704 bytes | Created Date = 2007-07-23 21:35:43 | Attr = ]

alcupd.exe -> %SystemRoot%\alcupd.exe -> Realtek Semiconductor Corp. [Ver = 2, 0, 0, 1 | Size = 294912 bytes | Created Date = 2007-07-23 21:35:43 | Attr = ]

AppPatch -> %SystemRoot%\AppPatch -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

ARJ.PIF -> %SystemRoot%\ARJ.PIF -> [Ver = | Size = 545 bytes | Created Date = 2007-08-18 09:50:23 | Attr = ]

Ascd_tmp.ini -> %SystemRoot%\Ascd_tmp.ini -> [Ver = | Size = 5733 bytes | Created Date = 2007-07-23 21:28:23 | Attr = ]

assembly -> %SystemRoot%\assembly -> [Folder | Created Date = 2007-07-23 21:44:24 | Attr = R S]

avrack.ini -> %SystemRoot%\avrack.ini -> [Ver = | Size = 164 bytes | Created Date = 2007-07-23 21:35:55 | Attr = ]

BissHM.ini -> %SystemRoot%\BissHM.ini -> [Ver = | Size = 251 bytes | Created Date = 2007-07-26 18:28:24 | Attr = ]

bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Created Date = 2007-07-23 21:08:16 | Attr = S]

Bulles de savon.bmp -> %SystemRoot%\Bulles de savon.bmp -> [Ver = | Size = 65978 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 109056 bytes | Created Date = 2007-09-05 00:41:26 | Attr = ]

CMDLIC.DLL -> %SystemRoot%\CMDLIC.DLL -> COMODO [Ver = 1.0.1.2 | Size = 208896 bytes | Created Date = 2007-08-03 06:34:25 | Attr = ]

Config -> %SystemRoot%\Config -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Created Date = 2007-07-23 21:06:30 | Attr = ]

Cursors -> %SystemRoot%\Cursors -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

Debug -> %SystemRoot%\Debug -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 2007-07-23 21:04:55 | Attr = ]

Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Created Date = 2007-07-23 21:30:52 | Attr = ]

Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Created Date = 2007-07-23 21:05:33 | Attr = S]

Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

ehome -> %SystemRoot%\ehome -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 2007-09-05 00:42:28 | Attr = ]

Fonts -> %SystemRoot%\Fonts -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = R S]

gmer.dll -> %SystemRoot%\gmer.dll -> [Ver = 1, 0, 13, 12551 | Size = 585791 bytes | Created Date = 2007-08-23 20:29:25 | Attr = ]

gmer.exe -> %SystemRoot%\gmer.exe -> [Ver = 1, 0, 13, 12551 | Size = 581632 bytes | Created Date = 2007-08-23 20:29:25 | Attr = ]

gmer.ini -> %SystemRoot%\gmer.ini -> [Ver = | Size = 297 bytes | Created Date = 2007-08-23 20:29:26 | Attr = ]

gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [Ver = | Size = 80 bytes | Created Date = 2007-08-23 20:29:25 | Attr = ]

Granit vert.bmp -> %SystemRoot%\Granit vert.bmp -> [Ver = | Size = 26582 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

Help -> %SystemRoot%\Help -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 2007-07-23 23:10:20 | Attr = H ]

ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 2007-07-25 12:24:40 | Attr = ]

ime -> %SystemRoot%\ime -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

inf -> %SystemRoot%\inf -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = H ]

Installer -> %SystemRoot%\Installer -> [Folder | Created Date = 2007-07-23 22:53:19 | Attr = HS]

Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Created Date = 2007-08-28 07:30:34 | Attr = ]

IsUninst.exe -> %SystemRoot%\IsUninst.exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Created Date = 2007-07-23 21:38:25 | Attr = ]

java -> %SystemRoot%\java -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

Jour de pêche.bmp -> %SystemRoot%\Jour de pêche.bmp -> [Ver = | Size = 17336 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

LHA.PIF -> %SystemRoot%\LHA.PIF -> [Ver = | Size = 545 bytes | Created Date = 2007-08-18 09:50:23 | Attr = ]

Media -> %SystemRoot%\Media -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Created Date = 2007-07-23 21:44:24 | Attr = ]

mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1595 bytes | Created Date = 2007-07-24 22:47:08 | Attr = ]

msagent -> %SystemRoot%\msagent -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

msapps -> %SystemRoot%\msapps -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

mui -> %SystemRoot%\mui -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

Mur de Santa Fe.bmp -> %SystemRoot%\Mur de Santa Fe.bmp -> [Ver = | Size = 65832 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Created Date = 2007-08-29 06:44:19 | Attr = ]

network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 2007-07-23 23:09:17 | Attr = ]

nircmd.exe -> %SystemRoot%\nircmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 2007-09-05 00:41:26 | Attr = ]

NOCLOSE.PIF -> %SystemRoot%\NOCLOSE.PIF -> [Ver = | Size = 545 bytes | Created Date = 2007-08-18 09:50:23 | Attr = ]

ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 385 bytes | Created Date = 2007-08-05 20:11:26 | Attr = ]

ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4205 bytes | Created Date = 2007-07-23 22:53:18 | Attr = ]

Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Created Date = 2007-07-23 21:05:33 | Attr = R ]

pchealth -> %SystemRoot%\pchealth -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

PeerNet -> %SystemRoot%\PeerNet -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

pestpatrol5.INI -> %SystemRoot%\pestpatrol5.INI -> [Ver = | Size = 0 bytes | Created Date = 2007-07-28 12:25:33 | Attr = ]

PIF -> %SystemRoot%\PIF -> [Folder | Created Date = 2007-08-14 22:47:46 | Attr = H ]

PKUNZIP.PIF -> %SystemRoot%\PKUNZIP.PIF -> [Ver = | Size = 545 bytes | Created Date = 2007-08-18 09:50:23 | Attr = ]

PKZIP.PIF -> %SystemRoot%\PKZIP.PIF -> [Ver = | Size = 545 bytes | Created Date = 2007-08-18 09:50:23 | Attr = ]

Plume.bmp -> %SystemRoot%\Plume.bmp -> [Ver = | Size = 16730 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 2007-07-23 21:09:14 | Attr = ]

Provisioning -> %SystemRoot%\Provisioning -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

pss -> %SystemRoot%\pss -> [Folder | Created Date = 2007-08-01 16:55:31 | Attr = ]

RAR.PIF -> %SystemRoot%\RAR.PIF -> [Ver = | Size = 545 bytes | Created Date = 2007-08-18 09:50:23 | Attr = ]

RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Created Date = 2007-07-31 09:56:21 | Attr = ]

Registration -> %SystemRoot%\Registration -> [Folder | Created Date = 2007-07-23 21:03:54 | Attr = ]

repair -> %SystemRoot%\repair -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

Resources -> %SystemRoot%\Resources -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp -> [Ver = | Size = 17362 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

Rivière Sumida.bmp -> %SystemRoot%\Rivière Sumida.bmp -> [Ver = | Size = 26680 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

Rosace bleue 16.bmp -> %SystemRoot%\Rosace bleue 16.bmp -> [Ver = | Size = 1272 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

RtlExUpd.dll -> %SystemRoot%\RtlExUpd.dll -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 1 | Size = 192512 bytes | Created Date = 2007-07-23 21:35:37 | Attr = ]

RtlRack.ini -> %SystemRoot%\RtlRack.ini -> [Ver = | Size = 169 bytes | Created Date = 2007-07-27 23:52:54 | Attr = ]

security -> %SystemRoot%\security -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

SHELLNEW -> %SystemRoot%\SHELLNEW -> [Folder | Created Date = 2007-08-05 13:32:43 | Attr = ]

SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 2007-07-23 21:09:15 | Attr = ]

SOUNDMAN.EXE -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.0.38 | Size = 77824 bytes | Created Date = 2007-07-23 21:35:53 | Attr = ]

srchasst -> %SystemRoot%\srchasst -> [Folder | Created Date = 2007-07-23 21:04:45 | Attr = ]

SummerProperties.dll -> %SystemRoot%\SummerProperties.dll -> frozenlogic.org [Ver = 1, 2, 0, 0 | Size = 86016 bytes | Created Date = 2007-07-25 09:21:17 | Attr = ]

Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 2007-07-23 22:42:19 | Attr = ]

SxsCaPendDel -> %SystemRoot%\SxsCaPendDel -> [Folder | Created Date = 2007-08-08 12:08:29 | Attr = ]

system -> %SystemRoot%\system -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

system32 -> %System32% -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

Tasks -> %SystemRoot%\Tasks -> [Folder | Created Date = 2007-07-23 21:04:48 | Attr = S]

Tasse à café.bmp -> %SystemRoot%\Tasse à café.bmp -> [Ver = | Size = 17062 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

Temp -> %SystemRoot%\Temp -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

twain_32 -> %SystemRoot%\twain_32 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

UC.PIF -> %SystemRoot%\UC.PIF -> [Ver = | Size = 545 bytes | Created Date = 2007-08-18 09:50:23 | Attr = ]

UNBOC.EXE -> %SystemRoot%\UNBOC.EXE -> COMODO [Ver = 4.24.001 | Size = 241904 bytes | Created Date = 2007-08-03 06:34:26 | Attr = ]

unins000.dat -> %SystemRoot%\unins000.dat -> [Ver = | Size = 964 bytes | Created Date = 2007-08-21 15:08:50 | Attr = ]

uninst.exe -> %SystemRoot%\uninst.exe -> InstallShield Corporation, Inc. [Ver = 2.20.924.0 | Size = 299520 bytes | Created Date = 2007-08-07 22:47:40 | Attr = ]

Unwash6.exe -> %SystemRoot%\Unwash6.exe -> Webroot Software, Inc. [Ver = 6.5.0.100 | Size = 69960 bytes | Created Date = 2007-08-28 06:26:21 | Attr = ]

vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Created Date = 2007-07-23 21:03:58 | Attr = ]

vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Created Date = 2007-07-23 21:03:58 | Attr = ]

Vent de prairie.bmp -> %SystemRoot%\Vent de prairie.bmp -> [Ver = | Size = 65954 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 2007-07-23 23:10:30 | Attr = ]

wcx_ftp.ini -> %SystemRoot%\wcx_ftp.ini -> [Ver = | Size = 135 bytes | Created Date = 2007-08-18 10:03:52 | Attr = ]

Web -> %SystemRoot%\Web -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = R ]

wincmd.ini -> %SystemRoot%\wincmd.ini -> [Ver = | Size = 4618 bytes | Created Date = 2007-08-18 09:50:23 | Attr = ]

WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Created Date = 2007-07-23 21:05:28 | Attr = RH ]

winnt.bmp -> %SystemRoot%\winnt.bmp -> [Ver = | Size = 49102 bytes | Created Date = 2007-07-23 21:04:55 | Attr = HS]

winnt256.bmp -> %SystemRoot%\winnt256.bmp -> [Ver = | Size = 49102 bytes | Created Date = 2007-07-23 21:04:55 | Attr = HS]

WinSxS -> %SystemRoot%\WinSxS -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 2007-07-23 21:06:21 | Attr = ]

WORDPAD.INI -> %SystemRoot%\WORDPAD.INI -> [Ver = | Size = 754 bytes | Created Date = 2007-07-25 15:21:41 | Attr = ]

Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [Ver = | Size = 9522 bytes | Created Date = 2007-07-23 21:03:32 | Attr = ]

zipinst.exe -> %SystemRoot%\zipinst.exe -> NirSoft [Ver = 1.21 | Size = 39424 bytes | Created Date = 2007-09-04 18:07:47 | Attr = ]

desktop.ini -> %SystemRoot%\tasks\desktop.ini -> [Ver = | Size = 65 bytes | Created Date = 2007-07-23 21:04:48 | Attr = RH ]

SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Created Date = 2007-07-23 21:09:14 | Attr = H ]

$winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 261 bytes | Created Date = 2007-07-23 22:51:38 | Attr = ]

1025 -> %System32%\1025 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

1028 -> %System32%\1028 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

1031 -> %System32%\1031 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

1033 -> %System32%\1033 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

1036 -> %System32%\1036 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

1037 -> %System32%\1037 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

1041 -> %System32%\1041 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

1042 -> %System32%\1042 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

1054 -> %System32%\1054 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

2052 -> %System32%\2052 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

3076 -> %System32%\3076 -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

3com_dmi -> %System32%\3com_dmi -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

acaebfcdf2_r.ocx -> %System32%\acaebfcdf2_r.ocx -> [Ver = | Size = 23 bytes | Created Date = 2007-07-23 22:06:19 | Attr = ]

ALSNDMGR.CPL -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.0.43 | Size = 18706432 bytes | Created Date = 2007-07-23 21:35:43 | Attr = ]

ALSNDMGR.WAV -> %System32%\ALSNDMGR.WAV -> [Ver = | Size = 141016 bytes | Created Date = 2007-07-23 21:35:49 | Attr = ]

amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Created Date = 2007-07-23 21:06:22 | Attr = ]

appmgmt -> %System32%\appmgmt -> [Folder | Created Date = 2007-08-08 12:08:29 | Attr = ]

AsIO.dll -> %System32%\AsIO.dll -> [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Created Date = 2007-08-07 23:27:31 | Attr = R ]

ati2sgag.exe -> %System32%\ati2sgag.exe -> [Ver = 5.13.0024 | Size = 516096 bytes | Created Date = 2007-07-23 21:44:00 | Attr = ]

atifglpf.xml -> %System32%\atifglpf.xml -> [Ver = | Size = 5496 bytes | Created Date = 2007-07-23 21:43:56 | Attr = R ]

atiicdxx.dat -> %System32%\atiicdxx.dat -> [Ver = | Size = 95617 bytes | Created Date = 2007-07-23 21:43:56 | Attr = R ]

atiiiexx.dll -> %System32%\atiiiexx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4004 | Size = 307200 bytes | Created Date = 2007-07-23 21:43:58 | Attr = R ]

AUTOEXEC.NT -> %System32%\AUTOEXEC.NT -> [Ver = | Size = 1896 bytes | Created Date = 2007-07-23 22:53:05 | Attr = ]

BASSMOD.dll -> %System32%\BASSMOD.dll -> [Ver = | Size = 10752 bytes | Created Date = 2007-07-31 09:37:06 | Attr = ]

bdco1.dll -> %System32%\bdco1.dll -> NVIDIA Corporation [Ver = 1.0 | Size = 9728 bytes | Created Date = 2007-07-23 21:29:36 | Attr = R ]

bdco1ins.dll -> %System32%\bdco1ins.dll -> NVIDIA Corporation [Ver = 1.0 | Size = 9728 bytes | Created Date = 2007-07-23 21:29:36 | Attr = R ]

bopomofo.uce -> %System32%\bopomofo.uce -> [Ver = | Size = 22984 bytes | Created Date = 2007-07-23 21:03:31 | Attr = ]

BuzzingBee.wav -> %System32%\BuzzingBee.wav -> [Ver = | Size = 146650 bytes | Created Date = 2007-07-26 15:19:41 | Attr = ]

CapabilityTable.exe -> %System32%\CapabilityTable.exe -> NVIDIA Corporation [Ver = 2, 2, 1, 464 | Size = 454656 bytes | Created Date = 2007-07-23 21:30:27 | Attr = ]

CatRoot -> %System32%\CatRoot -> [Folder | Created Date = 2007-07-23 22:52:46 | Attr = ]

CatRoot2 -> %System32%\CatRoot2 -> [Folder | Created Date = 2007-07-23 22:52:46 | Attr = ]

cdplayer.exe.manifest -> %System32%\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Created Date = 2007-07-23 21:05:28 | Attr = RH ]

CDWriterXP.ocx -> %System32%\CDWriterXP.ocx -> NUGROOVZ [Ver = 2, 0, 0, 1 | Size = 647168 bytes | Created Date = 2007-08-07 00:26:34 | Attr = ]

ChCfg.exe -> %System32%\ChCfg.exe -> [Ver = | Size = 40960 bytes | Created Date = 2007-07-23 21:35:53 | Attr = ]

Com -> %System32%\Com -> [Folder | Created Date = 2007-07-23 21:03:15 | Attr = ]

config -> %System32%\config -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 3072 bytes | Created Date = 2007-07-23 21:06:30 | Attr = ]

c_10006.nls -> %System32%\c_10006.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:11 | Attr = ]

c_10007.nls -> %System32%\c_10007.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:12 | Attr = ]

c_10010.nls -> %System32%\c_10010.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:08 | Attr = ]

c_10017.nls -> %System32%\c_10017.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:12 | Attr = ]

c_10029.nls -> %System32%\c_10029.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:08 | Attr = ]

c_10081.nls -> %System32%\c_10081.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:13 | Attr = ]

c_10082.nls -> %System32%\c_10082.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:08 | Attr = ]

c_20127.nls -> %System32%\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:07 | Attr = ]

C_28594.NLS -> %System32%\C_28594.NLS -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:10 | Attr = ]

C_28595.NLS -> %System32%\C_28595.NLS -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:12 | Attr = ]

C_28597.NLS -> %System32%\C_28597.NLS -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:11 | Attr = ]

c_28599.nls -> %System32%\c_28599.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:13 | Attr = ]

c_28603.nls -> %System32%\c_28603.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:14 | Attr = ]

c_737.nls -> %System32%\c_737.nls -> [Ver = | Size = 66594 bytes | Created Date = 2007-07-23 22:53:11 | Attr = ]

c_852.nls -> %System32%\c_852.nls -> [Ver = | Size = 66594 bytes | Created Date = 2007-07-23 22:53:08 | Attr = ]

c_855.nls -> %System32%\c_855.nls -> [Ver = | Size = 66594 bytes | Created Date = 2007-07-23 22:53:10 | Attr = ]

c_857.nls -> %System32%\c_857.nls -> [Ver = | Size = 66594 bytes | Created Date = 2007-07-23 22:53:13 | Attr = ]

c_866.nls -> %System32%\c_866.nls -> [Ver = | Size = 66594 bytes | Created Date = 2007-07-23 22:53:10 | Attr = ]

c_869.nls -> %System32%\c_869.nls -> [Ver = | Size = 66594 bytes | Created Date = 2007-07-23 22:53:11 | Attr = ]

c_875.nls -> %System32%\c_875.nls -> [Ver = | Size = 66082 bytes | Created Date = 2007-07-23 22:53:11 | Attr = ]

decdnet.dll -> %System32%\decdnet.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 61952 bytes | Created Date = 2007-07-31 09:56:13 | Attr = ]

desktop.ini -> %System32%\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 2007-07-23 21:04:55 | Attr = ]

dgrpsetu.dll -> %System32%\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 2007-07-23 22:53:07 | Attr = ]

dgsetup.dll -> %System32%\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 86044 bytes | Created Date = 2007-07-23 22:53:07 | Attr = ]

dhcp -> %System32%\dhcp -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

DirectX -> %System32%\DirectX -> [Folder | Created Date = 2007-07-23 21:05:10 | Attr = ]

dllcache -> %System32%\dllcache -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

drivers -> %System32%\drivers -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

emptyregdb.dat -> %System32%\emptyregdb.dat -> [Ver = | Size = 21892 bytes | Created Date = 2007-07-23 21:04:07 | Attr = ]

en-us -> %System32%\en-us -> [Folder | Created Date = 2007-08-20 13:19:46 | Attr = ]

encdnet.dll -> %System32%\encdnet.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 85504 bytes | Created Date = 2007-07-31 09:56:13 | Attr = ]

EqnClass.Dll -> %System32%\EqnClass.Dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 2007-07-23 22:53:06 | Attr = ]

export -> %System32%\export -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

fdco1.dll -> %System32%\fdco1.dll -> NVIDIA Corporation [Ver = 1.0 | Size = 201728 bytes | Created Date = 2007-07-23 21:29:37 | Attr = R ]

fdco1ins.dll -> %System32%\fdco1ins.dll -> NVIDIA Corporation [Ver = 1.0 | Size = 201728 bytes | Created Date = 2007-07-23 21:29:37 | Attr = R ]

fddccfebcf_r.dll -> %System32%\fddccfebcf_r.dll -> [Ver = | Size = 23 bytes | Created Date = 2007-07-23 22:06:19 | Attr = HS]

FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 196160 bytes | Created Date = 2007-07-23 22:52:25 | Attr = ]

fr-fr -> %System32%\fr-fr -> [Folder | Created Date = 2007-07-23 23:10:30 | Attr = ]

gb2312.uce -> %System32%\gb2312.uce -> [Ver = | Size = 24006 bytes | Created Date = 2007-07-23 21:03:31 | Attr = ]

GroupPolicy -> %System32%\GroupPolicy -> [Folder | Created Date = 2007-07-28 21:20:11 | Attr = H ]

hticons.dll -> %System32%\hticons.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Created Date = 2007-07-23 21:03:36 | Attr = ]

hypertrm.dll -> %System32%\hypertrm.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.2563 | Size = 354304 bytes | Created Date = 2007-07-23 21:03:18 | Attr = ]

ias -> %System32%\ias -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

icsxml -> %System32%\icsxml -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

idecoi.dll -> %System32%\idecoi.dll -> NVIDIA Corporation [Ver = 1, 0, 0, 1 | Size = 300032 bytes | Created Date = 2007-07-23 21:30:18 | Attr = R ]

ideograf.uce -> %System32%\ideograf.uce -> [Ver = | Size = 60458 bytes | Created Date = 2007-07-23 21:03:31 | Attr = ]

IME -> %System32%\IME -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

imon.dll -> %System32%\imon.dll -> Eset [Ver = 2, 70, 39 | Size = 298104 bytes | Created Date = 2007-08-18 09:31:14 | Attr = ]

imon1.dat -> %System32%\imon1.dat -> [Ver = | Size = 142 bytes | Created Date = 2007-08-21 22:14:43 | Attr = ]

inetsrv -> %System32%\inetsrv -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

initdebug.nfo -> %System32%\initdebug.nfo -> [Ver = | Size = 45 bytes | Created Date = 2007-08-07 20:09:09 | Attr = ]

isrdbg32.dll -> %System32%\isrdbg32.dll -> Intel Corporation [Ver = 0.0 | Size = 32768 bytes | Created Date = 2007-07-23 21:04:34 | Attr = ]

java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 2007-07-23 22:44:44 | Attr = ]

javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 69632 bytes | Created Date = 2007-07-23 22:30:39 | Attr = ]

javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 2007-07-23 22:44:44 | Attr = ]

javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 139264 bytes | Created Date = 2007-07-23 22:44:44 | Attr = ]

kanji_1.uce -> %System32%\kanji_1.uce -> [Ver = | Size = 6948 bytes | Created Date = 2007-07-23 21:03:31 | Attr = ]

kanji_2.uce -> %System32%\kanji_2.uce -> [Ver = | Size = 8484 bytes | Created Date = 2007-07-23 21:03:31 | Attr = ]

Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 2007-07-29 20:37:34 | Attr = ]

korean.uce -> %System32%\korean.uce -> [Ver = | Size = 12876 bytes | Created Date = 2007-07-23 21:03:31 | Attr = ]

Lang -> %System32%\Lang -> [Folder | Created Date = 2007-07-26 15:19:37 | Attr = ]

libeay32_0.9.6l.dll -> %System32%\libeay32_0.9.6l.dll -> [Ver = | Size = 796312 bytes | Created Date = 2007-08-28 07:32:02 | Attr = ]

logonui.exe.manifest -> %System32%\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Created Date = 2007-07-23 21:05:33 | Attr = RH ]

LoopyMusic.wav -> %System32%\LoopyMusic.wav -> [Ver = | Size = 940794 bytes | Created Date = 2007-07-26 15:19:41 | Attr = ]

Macromed -> %System32%\Macromed -> [Folder | Created Date = 2007-07-23 21:04:45 | Attr = ]

Microsoft -> %System32%\Microsoft -> [Folder | Created Date = 2007-07-23 21:09:14 | Attr = S]

moveex.exe -> %System32%\moveex.exe -> [Ver = | Size = 38400 bytes | Created Date = 2007-09-05 00:41:25 | Attr = ]

MsDtc -> %System32%\MsDtc -> [Folder | Created Date = 2007-07-23 21:03:16 | Attr = ]

msdtcprf.h -> %System32%\msdtcprf.h -> [Ver = | Size = 768 bytes | Created Date = 2007-07-23 21:03:29 | Attr = ]

msdtcprf.ini -> %System32%\msdtcprf.ini -> [Ver = | Size = 3914 bytes | Created Date = 2007-07-23 21:03:29 | Attr = ]

MSWAY.dll -> %System32%\MSWAY.dll -> Canal+ Active [Ver = 4.4.0.0 | Size = 105272 bytes | Created Date = 2007-07-23 22:25:00 | Attr = ]

mui -> %System32%\mui -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

ncpa.cpl.manifest -> %System32%\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 2007-07-23 21:05:28 | Attr = RH ]

npp -> %System32%\npp -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Created Date = 2007-07-23 21:06:22 | Attr = ]

nvconrm.dll -> %System32%\nvconrm.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 17 | Size = 32256 bytes | Created Date = 2007-07-23 21:29:36 | Attr = R ]

nvnrm.nvu -> %System32%\nvnrm.nvu -> [Ver = | Size = 3596 bytes | Created Date = 2007-07-23 21:29:36 | Attr = ]

nvsmb.nvu -> %System32%\nvsmb.nvu -> [Ver = | Size = 1231 bytes | Created Date = 2007-07-23 21:29:35 | Attr = R ]

NVUNINST.EXE -> %System32%\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 37 | Size = 176128 bytes | Created Date = 2007-07-23 21:29:35 | Attr = ]

nvunrm.exe -> %System32%\nvunrm.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 37 | Size = 176128 bytes | Created Date = 2007-07-23 21:29:36 | Attr = ]

nvusmb.exe -> %System32%\nvusmb.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 37 | Size = 176128 bytes | Created Date = 2007-07-23 21:29:35 | Attr = R ]

nwc.cpl.manifest -> %System32%\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 2007-07-23 21:05:28 | Attr = RH ]

oobe -> %System32%\oobe -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

oodbs.lor -> %System32%\oodbs.lor -> [Ver = | Size = 14047 bytes | Created Date = 2007-09-03 15:47:20 | Attr = ]

PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 1129320 bytes | Created Date = 2007-07-23 22:53:19 | Attr = ]

pnc3250.dll -> %System32%\pnc3250.dll -> RealNetworks, Inc. [Ver = 5.0.0.113 | Size = 130560 bytes | Created Date = 2007-07-31 09:56:13 | Attr = ]

pncrt.dll -> %System32%\pncrt.dll -> RealNetworks, Inc. [Ver = 4.20.0000 | Size = 273408 bytes | Created Date = 2007-07-31 09:56:13 | Attr = ]

pneng50.dll -> %System32%\pneng50.dll -> RealNetworks, Inc. [Ver = 5.0.0.113 | Size = 131072 bytes | Created Date = 2007-07-31 09:56:13 | Attr = ]

pngu3263.dll -> %System32%\pngu3263.dll -> RealNetworks, Inc. [Ver = 6.3.0.226 | Size = 352768 bytes | Created Date = 2007-07-31 09:56:13 | Attr = ]

poweroff.exe -> %System32%\poweroff.exe -> Jorgen Bosman [Ver = 3, 0, 1, 3 | Size = 172032 bytes | Created Date = 2007-09-01 07:31:40 | Attr = ]

PreInstall -> %System32%\PreInstall -> [Folder | Created Date = 2007-07-23 22:47:34 | Attr = ]

px.dll -> %System32%\px.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 547576 bytes | Created Date = 2007-08-07 00:08:41 | Attr = ]

pxafs.dll -> %System32%\pxafs.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 129784 bytes | Created Date = 2007-08-07 00:08:41 | Attr = ]

pxcpya64.exe -> %System32%\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.40a | Size = 64760 bytes | Created Date = 2007-08-07 00:08:42 | Attr = ]

pxdrv.dll -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.02.05a | Size = 510712 bytes | Created Date = 2007-08-07 00:08:41 | Attr = ]

pxhpinst.exe -> %System32%\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.56a | Size = 72440 bytes | Created Date = 2007-08-07 00:08:42 | Attr = ]

pxinsa64.exe -> %System32%\pxinsa64.exe -> Sonic Solutions [Ver = 3.00.56a | Size = 64760 bytes | Created Date = 2007-08-07 00:08:42 | Attr = ]

pxmas.dll -> %System32%\pxmas.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 187128 bytes | Created Date = 2007-08-07 00:08:41 | Attr = ]

pxsfs.dll -> %System32%\pxsfs.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 1628920 bytes | Created Date = 2007-08-07 00:08:41 | Attr = ]

pxwave.dll -> %System32%\pxwave.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 379640 bytes | Created Date = 2007-08-07 00:08:41 | Attr = ]

ra3214_4.dll -> %System32%\ra3214_4.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 81920 bytes | Created Date = 2007-07-31 09:56:14 | Attr = ]

ra3228_8.dll -> %System32%\ra3228_8.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 72704 bytes | Created Date = 2007-07-31 09:56:14 | Attr = ]

ra32dnet.dll -> %System32%\ra32dnet.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 21504 bytes | Created Date = 2007-07-31 09:56:14 | Attr = ]

ra32sipr.dll -> %System32%\ra32sipr.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 87040 bytes | Created Date = 2007-07-31 09:56:14 | Attr = ]

raidmgmt.ini -> %System32%\raidmgmt.ini -> [Ver = | Size = 266 bytes | Created Date = 2007-07-23 21:28:52 | Attr = R ]

ras -> %System32%\ras -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

ReinstallBackups -> %System32%\ReinstallBackups -> [Folder | Created Date = 2007-07-23 21:29:28 | Attr = ]

Restore -> %System32%\Restore -> [Folder | Created Date = 2007-07-23 21:04:35 | Attr = ]

rmbe3260.dll -> %System32%\rmbe3260.dll -> RealNetworks, Inc. [Ver = 6.0.7.26 | Size = 487936 bytes | Created Date = 2007-07-31 09:56:14 | Attr = ]

RTLCPAPI.dll -> %System32%\RTLCPAPI.dll -> [Ver = 1, 0, 0, 4 | Size = 156672 bytes | Created Date = 2007-07-23 21:35:53 | Attr = ]

RTLCPL.EXE -> %System32%\RTLCPL.EXE -> Realtek Semiconductor Corp. [Ver = 1.0.1.45 | Size = 9324032 bytes | Created Date = 2007-07-23 21:35:49 | Attr = ]

sapi.cpl.manifest -> %System32%\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 2007-07-23 21:05:28 | Attr = RH ]

SATA.bmp -> %System32%\SATA.bmp -> [Ver = | Size = 810056 bytes | Created Date = 2007-07-23 21:28:52 | Attr = R ]

Sblist.ocx -> %System32%\Sblist.ocx -> Global Components (GlobalCom@pobox.com) [Ver = 2, 0, 0, 17 | Size = 65536 bytes | Created Date = 2007-08-26 00:30:45 | Attr = ]

Setup -> %System32%\Setup -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

ShellExt -> %System32%\ShellExt -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

shiftjis.uce -> %System32%\shiftjis.uce -> [Ver = | Size = 16740 bytes | Created Date = 2007-07-23 21:03:31 | Attr = ]

SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Created Date = 2007-07-23 22:35:44 | Attr = ]

spool -> %System32%\spool -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

SpoonUninstall-dBpoweramp AAC Encoder.bmp -> %System32%\SpoonUninstall-dBpoweramp AAC Encoder.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:15:30 | Attr = ]

SpoonUninstall-dBpoweramp AAC Encoder.dat -> %System32%\SpoonUninstall-dBpoweramp AAC Encoder.dat -> [Ver = | Size = 3229 bytes | Created Date = 2007-08-05 13:15:30 | Attr = ]

SpoonUninstall-dBpowerAMP CD Writer.bmp -> %System32%\SpoonUninstall-dBpowerAMP CD Writer.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-07 00:26:35 | Attr = ]

SpoonUninstall-dBpowerAMP CD Writer.dat -> %System32%\SpoonUninstall-dBpowerAMP CD Writer.dat -> [Ver = | Size = 13767 bytes | Created Date = 2007-08-07 00:26:35 | Attr = ]

SpoonUninstall-dBpoweramp CLI Encoder.bmp -> %System32%\SpoonUninstall-dBpoweramp CLI Encoder.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:17:02 | Attr = ]

SpoonUninstall-dBpoweramp CLI Encoder.dat -> %System32%\SpoonUninstall-dBpoweramp CLI Encoder.dat -> [Ver = | Size = 2983 bytes | Created Date = 2007-08-05 13:17:02 | Attr = ]

SpoonUninstall-dBPowerAMP Dalet codec R2.bmp -> %System32%\SpoonUninstall-dBPowerAMP Dalet codec R2.bmp -> [Ver = | Size = 28898 bytes | Created Date = 2007-08-05 13:18:23 | Attr = ]

SpoonUninstall-dBPowerAMP Dalet codec R2.dat -> %System32%\SpoonUninstall-dBPowerAMP Dalet codec R2.dat -> [Ver = | Size = 705 bytes | Created Date = 2007-08-05 13:18:23 | Attr = ]

SpoonUninstall-dBpoweramp DirectShow Decoder.bmp -> %System32%\SpoonUninstall-dBpoweramp DirectShow Decoder.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:15:45 | Attr = ]

SpoonUninstall-dBpoweramp DirectShow Decoder.dat -> %System32%\SpoonUninstall-dBpoweramp DirectShow Decoder.dat -> [Ver = | Size = 2703 bytes | Created Date = 2007-08-05 13:15:45 | Attr = ]

SpoonUninstall-dBpoweramp DSP Effects.bmp -> %System32%\SpoonUninstall-dBpoweramp DSP Effects.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:14:32 | Attr = ]

SpoonUninstall-dBpoweramp DSP Effects.dat -> %System32%\SpoonUninstall-dBpoweramp DSP Effects.dat -> [Ver = | Size = 4511 bytes | Created Date = 2007-08-05 13:14:32 | Attr = ]

SpoonUninstall-dBpoweramp FLAC Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp FLAC Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:17:15 | Attr = ]

SpoonUninstall-dBpoweramp FLAC Codec.dat -> %System32%\SpoonUninstall-dBpoweramp FLAC Codec.dat -> [Ver = | Size = 2951 bytes | Created Date = 2007-08-05 13:17:15 | Attr = ]

SpoonUninstall-dBpoweramp m4a Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp m4a Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:18:47 | Attr = ]

SpoonUninstall-dBpoweramp m4a Codec.dat -> %System32%\SpoonUninstall-dBpoweramp m4a Codec.dat -> [Ver = | Size = 3552 bytes | Created Date = 2007-08-05 13:18:47 | Attr = ]

SpoonUninstall-dBpoweramp m4a Utilities.bmp -> %System32%\SpoonUninstall-dBpoweramp m4a Utilities.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:14:58 | Attr = ]

SpoonUninstall-dBpoweramp m4a Utilities.dat -> %System32%\SpoonUninstall-dBpoweramp m4a Utilities.dat -> [Ver = | Size = 3175 bytes | Created Date = 2007-08-05 13:14:58 | Attr = ]

SpoonUninstall-dBpoweramp Midi Decoder.bmp -> %System32%\SpoonUninstall-dBpoweramp Midi Decoder.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:18:33 | Attr = ]

SpoonUninstall-dBpoweramp Midi Decoder.dat -> %System32%\SpoonUninstall-dBpoweramp Midi Decoder.dat -> [Ver = | Size = 2649 bytes | Created Date = 2007-08-05 13:18:33 | Attr = ]

SpoonUninstall-dBpoweramp Monkeys Audio Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp Monkeys Audio Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:15:59 | Attr = ]

SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat -> %System32%\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat -> [Ver = | Size = 3107 bytes | Created Date = 2007-08-05 13:15:59 | Attr = ]

SpoonUninstall-dBpoweramp Musepack Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp Musepack Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:17:33 | Attr = ]

SpoonUninstall-dBpoweramp Musepack Codec.dat -> %System32%\SpoonUninstall-dBpoweramp Musepack Codec.dat -> [Ver = | Size = 3283 bytes | Created Date = 2007-08-05 13:17:33 | Attr = ]

SpoonUninstall-dBpoweramp Music Converter.bmp -> %System32%\SpoonUninstall-dBpoweramp Music Converter.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-07 00:28:16 | Attr = ]

SpoonUninstall-dBpoweramp Music Converter.dat -> %System32%\SpoonUninstall-dBpoweramp Music Converter.dat -> [Ver = | Size = 13083 bytes | Created Date = 2007-08-07 00:28:16 | Attr = ]

SpoonUninstall-dBpoweramp Ogg Vorbis Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:19:21 | Attr = ]

SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat -> %System32%\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat -> [Ver = | Size = 3030 bytes | Created Date = 2007-08-05 13:19:21 | Attr = ]

SpoonUninstall-dBpowerAMP Rename Extension.bmp -> %System32%\SpoonUninstall-dBpowerAMP Rename Extension.bmp -> [Ver = | Size = 28898 bytes | Created Date = 2007-08-07 00:24:07 | Attr = ]

SpoonUninstall-dBpowerAMP Rename Extension.dat -> %System32%\SpoonUninstall-dBpowerAMP Rename Extension.dat -> [Ver = | Size = 349 bytes | Created Date = 2007-08-07 00:24:07 | Attr = ]

SpoonUninstall-dBpowerAMP Tag From Filename.bmp -> %System32%\SpoonUninstall-dBpowerAMP Tag From Filename.bmp -> [Ver = | Size = 28898 bytes | Created Date = 2007-08-05 13:21:12 | Attr = ]

SpoonUninstall-dBpowerAMP Tag From Filename.dat -> %System32%\SpoonUninstall-dBpowerAMP Tag From Filename.dat -> [Ver = | Size = 2077 bytes | Created Date = 2007-08-05 13:21:12 | Attr = ]

SpoonUninstall-dBPowerAMP tooLame MP2 codec.bmp -> %System32%\SpoonUninstall-dBPowerAMP tooLame MP2 codec.bmp -> [Ver = | Size = 34358 bytes | Created Date = 2007-08-05 13:16:36 | Attr = ]

SpoonUninstall-dBPowerAMP tooLame MP2 codec.dat -> %System32%\SpoonUninstall-dBPowerAMP tooLame MP2 codec.dat -> [Ver = | Size = 1856 bytes | Created Date = 2007-08-05 13:16:36 | Attr = ]

SpoonUninstall-dBpowerAMP Update ID Tag.bmp -> %System32%\SpoonUninstall-dBpowerAMP Update ID Tag.bmp -> [Ver = | Size = 28898 bytes | Created Date = 2007-08-05 13:20:53 | Attr = ]

SpoonUninstall-dBpowerAMP Update ID Tag.dat -> %System32%\SpoonUninstall-dBpowerAMP Update ID Tag.dat -> [Ver = | Size = 1863 bytes | Created Date = 2007-08-05 13:20:53 | Attr = ]

SpoonUninstall-dBpoweramp WavPack Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp WavPack Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:17:48 | Attr = ]

SpoonUninstall-dBpoweramp WavPack Codec.dat -> %System32%\SpoonUninstall-dBpoweramp WavPack Codec.dat -> [Ver = | Size = 3007 bytes | Created Date = 2007-08-05 13:17:48 | Attr = ]

SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:16:49 | Attr = ]

SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat -> %System32%\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat -> [Ver = | Size = 3365 bytes | Created Date = 2007-08-05 13:16:49 | Attr = ]

SpoonUninstall-dBpoweramp [Arrange Audio] Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:15:08 | Attr = ]

SpoonUninstall-dBpoweramp [Arrange Audio] Codec.dat -> %System32%\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.dat -> [Ver = | Size = 2765 bytes | Created Date = 2007-08-05 13:15:08 | Attr = ]

SpoonUninstall-dBpoweramp [Multi Encoder] Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:16:10 | Attr = ]

SpoonUninstall-dBpoweramp [Multi Encoder] Codec.dat -> %System32%\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.dat -> [Ver = | Size = 2961 bytes | Created Date = 2007-08-05 13:16:10 | Attr = ]

SpoonUninstall-dBpoweramp [ReplayGain] Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp [ReplayGain] Codec.bmp -> [Ver = | Size = 33846 bytes | Created Date = 2007-08-05 13:14:43 | Attr = ]

SpoonUninstall-dBpoweramp [ReplayGain] Codec.dat -> %System32%\SpoonUninstall-dBpoweramp [ReplayGain] Codec.dat -> [Ver = | Size = 2793 bytes | Created Date = 2007-08-05 13:14:43 | Attr = ]

SpoonUninstall.exe -> %System32%\SpoonUninstall.exe -> [Ver = | Size = 4131192 bytes | Created Date = 2007-08-07 00:14:30 | Attr = ]

spxcoins.dll -> %System32%\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 2007-07-23 22:53:06 | Attr = ]

subrange.uce -> %System32%\subrange.uce -> [Ver = | Size = 93702 bytes | Created Date = 2007-07-23 21:03:31 | Attr = ]

swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Created Date = 2007-09-05 00:41:25 | Attr = ]

swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 2007-09-05 00:41:25 | Attr = ]

swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 2007-09-05 00:41:25 | Attr = ]

SYNSOACC-Aide.chm -> %System32%\SYNSOACC-Aide.chm -> [Ver = | Size = 147425 bytes | Created Date = 2007-07-31 09:53:09 | Attr = ]

SYNSOACC-Help.chm -> %System32%\SYNSOACC-Help.chm -> [Ver = | Size = 114279 bytes | Created Date = 2007-07-31 09:53:09 | Attr = ]

SYNSOACC-Hilfe.chm -> %System32%\SYNSOACC-Hilfe.chm -> [Ver = | Size = 120468 bytes | Created Date = 2007-07-31 09:53:09 | Attr = ]

SYNSOACC.dll -> %System32%\SYNSOACC.dll -> SIA Syncrosoft [Ver = 1, 7, 3, 0 | Size = 708608 bytes | Created Date = 2007-07-31 09:53:05 | Attr = ]

SynsoLChk.dll -> %System32%\SynsoLChk.dll -> SIA Syncrosoft [Ver = 1, 0, 0, 1 | Size = 147456 bytes | Created Date = 2007-07-31 09:53:05 | Attr = ]

Synsopos.exe -> %System32%\Synsopos.exe -> SIA Syncrosoft [Ver = 9, 9, 0, 0 | Size = 45056 bytes | Created Date = 2007-07-31 09:53:07 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2302 bytes | Created Date = 2007-08-20 18:09:27 | Attr = ]

tslabels.h -> %System32%\tslabels.h -> [Ver = | Size = 3286 bytes | Created Date = 2007-07-23 21:03:30 | Attr = ]

tslabels.ini -> %System32%\tslabels.ini -> [Ver = | Size = 27768 bytes | Created Date = 2007-07-23 21:03:30 | Attr = ]

unacev2.dll -> %System32%\unacev2.dll -> [Ver = | Size = 75264 bytes | Created Date = 2007-07-25 14:59:55 | Attr = ]

UNRAR3.dll -> %System32%\UNRAR3.dll -> [Ver = | Size = 153088 bytes | Created Date = 2007-07-25 14:59:55 | Attr = ]

URTTemp -> %System32%\URTTemp -> [Folder | Created Date = 2007-07-23 21:44:24 | Attr = ]

usmt -> %System32%\usmt -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

usrlogon.cmd -> %System32%\usrlogon.cmd -> [Ver = | Size = 1263 bytes | Created Date = 2007-07-23 21:03:30 | Attr = ]

vfind.exe -> %System32%\vfind.exe -> [Ver = | Size = 49152 bytes | Created Date = 2007-09-05 00:41:25 | Attr = ]

vsconfig.xml -> %System32%\vsconfig.xml -> [Ver = | Size = 52662 bytes | Created Date = 2007-08-28 07:31:55 | Attr = ]

vsdata.dll -> %System32%\vsdata.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 83696 bytes | Created Date = 2007-08-28 07:30:33 | Attr = ]

vsdatant.sys -> %System32%\vsdatant.sys -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 394192 bytes | Created Date = 2007-08-28 07:31:55 | Attr = ]

vsinit.dll -> %System32%\vsinit.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 157424 bytes | Created Date = 2007-08-28 07:30:33 | Attr = ]

vsmonapi.dll -> %System32%\vsmonapi.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 104176 bytes | Created Date = 2007-08-28 07:31:55 | Attr = ]

vspubapi.dll -> %System32%\vspubapi.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 276208 bytes | Created Date = 2007-08-28 07:31:55 | Attr = ]

vsregexp.dll -> %System32%\vsregexp.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 71408 bytes | Created Date = 2007-08-28 07:32:02 | Attr = ]

vsutil.dll -> %System32%\vsutil.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 472816 bytes | Created Date = 2007-08-28 07:30:30 | Attr = ]

vsutil_loc040c.dll -> %System32%\vsutil_loc040c.dll -> Zone Labs Inc. [Ver = 5.3.017.000 | Size = 54936 bytes | Created Date = 2007-08-28 07:32:05 | Attr = ]

vswmi.dll -> %System32%\vswmi.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 46832 bytes | Created Date = 2007-08-28 07:31:56 | Attr = ]

vsxml.dll -> %System32%\vsxml.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 100080 bytes | Created Date = 2007-08-28 07:31:56 | Attr = ]

vxblock.dll -> %System32%\vxblock.dll -> Sonic Solutions [Ver = 1.00.74a | Size = 39672 bytes | Created Date = 2007-08-07 00:08:41 | Attr = ]

wbem -> %System32%\wbem -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

WindowsLogon.manifest -> %System32%\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Created Date = 2007-07-23 21:05:33 | Attr = RH ]

wins -> %System32%\wins -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

wmimgmt.msc -> %System32%\wmimgmt.msc -> [Ver = | Size = 63488 bytes | Created Date = 2007-07-23 21:03:25 | Attr = ]

wuaucpl.cpl.manifest -> %System32%\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 2007-07-23 21:05:28 | Attr = RH ]

xircom -> %System32%\xircom -> [Folder | Created Date = 2007-07-23 21:06:45 | Attr = ]

XPSViewer -> %System32%\XPSViewer -> [Folder | Created Date = 2007-08-20 13:19:48 | Attr = ]

zlcomm.dll -> %System32%\zlcomm.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 83696 bytes | Created Date = 2007-08-28 07:32:01 | Attr = ]

zlcommdb.dll -> %System32%\zlcommdb.dll -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 71408 bytes | Created Date = 2007-08-28 07:32:01 | Attr = ]

zllictbl.dat -> %System32%\zllictbl.dat -> [Ver = | Size = 4212 bytes | Created Date = 2007-08-28 07:32:08 | Attr = H ]

ZoneLabs -> %System32%\ZoneLabs -> [Folder | Created Date = 2007-08-28 07:31:55 | Attr = ]

zpeng24.dll -> %System32%\zpeng24.dll -> Python Software Foundation [Ver = 2.4.2 | Size = 1087216 bytes | Created Date = 2007-08-28 07:31:56 | Attr = ]

ALCXWDM.SYS -> %System32%\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5830 built by: WinDDK | Size = 2317504 bytes | Created Date = 2007-07-23 21:35:53 | Attr = ]

AmdK8.sys -> %System32%\drivers\AmdK8.sys -> Advanced Micro Devices [Ver = 1.2.2 (dnsrv(wmbla).050120-1444) | Size = 43008 bytes | Created Date = 2007-07-23 21:36:51 | Attr = ]

amon.sys -> %System32%\drivers\amon.sys -> Eset [Ver = 2, 70, 39 | Size = 512096 bytes | Created Date = 2007-08-18 09:31:14 | Attr = ]

ASACPI.sys -> %System32%\drivers\ASACPI.sys -> [Ver = 1043, 2, 15, 37 | Size = 5810 bytes | Created Date = 2007-07-23 21:28:25 | Attr = R ]

AsInsHelp32.sys -> %System32%\drivers\AsInsHelp32.sys -> [Ver = | Size = 3328 bytes | Created Date = 2007-08-07 23:27:28 | Attr = ]

AsInsHelp64.sys -> %System32%\drivers\AsInsHelp64.sys -> [Ver = | Size = 5120 bytes | Created Date = 2007-08-07 23:27:28 | Attr = ]

AsIO.sys -> %System32%\drivers\AsIO.sys -> [Ver = | Size = 4962 bytes | Created Date = 2007-08-07 23:27:31 | Attr = R ]

ASLM75.SYS -> %System32%\drivers\ASLM75.SYS -> [Ver = | Size = 6272 bytes | Created Date = 2007-08-07 22:47:50 | Attr = ]

ASUSHWIO.SYS -> %System32%\drivers\ASUSHWIO.SYS -> [Ver = | Size = 5824 bytes | Created Date = 2007-07-23 21:28:22 | Attr = ]

ativcaxx.cpa -> %System32%\drivers\ativcaxx.cpa -> [Ver = | Size = 524850 bytes | Created Date = 2007-07-23 21:43:55 | Attr = R ]

ativcaxx.vp -> %System32%\drivers\ativcaxx.vp -> [Ver = | Size = 929 bytes | Created Date = 2007-07-23 21:43:55 | Attr = R ]

ativckxx.vp -> %System32%\drivers\ativckxx.vp -> [Ver = | Size = 58560 bytes | Created Date = 2007-07-23 21:43:55 | Attr = ]

ativvpxx.vp -> %System32%\drivers\ativvpxx.vp -> [Ver = | Size = 21712 bytes | Created Date = 2007-07-23 21:43:55 | Attr = R ]

AvgArCln.sys -> %System32%\drivers\AvgArCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 2007-07-26 23:25:07 | Attr = ]

AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 2007-08-28 07:24:47 | Attr = ]

cdr4_xp.sys -> %System32%\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 9336 bytes | Created Date = 2007-08-07 00:08:42 | Attr = ]

cdralw2k.sys -> %System32%\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 9464 bytes | Created Date = 2007-08-07 00:08:42 | Attr = ]

cledx.sys -> %System32%\drivers\cledx.sys -> Team H2O [Ver = v0.3.1411 | Size = 33792 bytes | Created Date = 2007-07-31 09:53:18 | Attr = ]

disdn -> %System32%\drivers\disdn -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

etc -> %System32%\drivers\etc -> [Folder | Created Date = 2007-07-23 22:49:00 | Attr = ]

gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3911 | Size = 70001 bytes | Created Date = 2007-08-23 20:29:25 | Attr = ]

nod32drv.sys -> %System32%\drivers\nod32drv.sys -> [Ver = | Size = 15424 bytes | Created Date = 2007-08-18 09:31:14 | Attr = ]

nvata.sys -> %System32%\drivers\nvata.sys -> NVIDIA Corporation [Ver = 5.10.2600.0534 built by: WinDDK | Size = 92800 bytes | Created Date = 2007-07-23 21:30:18 | Attr = R ]

NVENETFD.sys -> %System32%\drivers\NVENETFD.sys -> NVIDIA Corporation [Ver = 1.00.00.0482 | Size = 33536 bytes | Created Date = 2007-07-23 21:29:37 | Attr = R ]

nvnetbus.sys -> %System32%\drivers\nvnetbus.sys -> NVIDIA Corporation [Ver = 1.00.00.0482 | Size = 12928 bytes | Created Date = 2007-07-23 21:29:36 | Attr = R ]

nvnrm.sys -> %System32%\drivers\nvnrm.sys -> NVIDIA Corporation [Ver = 1.00.00.0482 | Size = 261888 bytes | Created Date = 2007-07-23 21:29:36 | Attr = R ]

nvsnpu.sys -> %System32%\drivers\nvsnpu.sys -> NVIDIA Corporation [Ver = 1.00.00.0482 | Size = 208256 bytes | Created Date = 2007-07-23 21:29:36 | Attr = R ]

PxHelp20.sys -> %System32%\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.56a | Size = 43528 bytes | Created Date = 2007-08-07 00:08:42 | Attr = ]

snapman.sys -> %System32%\drivers\snapman.sys -> Acronis [Ver = 2.1 build 222 | Size = 99776 bytes | Created Date = 2007-08-28 05:19:08 | Attr = ]

synasUSB.sys -> %System32%\drivers\synasUSB.sys -> SIA Syncrosoft [Ver = 3.5.1.2 | Size = 16896 bytes | Created Date = 2007-07-31 09:53:08 | Attr = ]

umdf -> %System32%\drivers\umdf -> [Folder | Created Date = 2007-08-07 00:20:47 | Attr = ]

Adobe -> %AllUsersAppData%\Adobe -> [Folder | Created Date = 2007-07-28 16:34:27 | Attr = ]

Ahead -> %AllUsersAppData%\Ahead -> [Folder | Created Date = 2007-08-28 05:47:14 | Attr = ]

Babylon(2) -> %AllUsersAppData%\Babylon(2) -> [Folder | Created Date = 2007-08-05 13:29:06 | Attr = ]

desktop.ini -> %AllUsersAppData%\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 2007-07-23 22:52:58 | Attr = HS]

Google -> %AllUsersAppData%\Google -> [Folder | Created Date = 2007-07-23 22:30:51 | Attr = ]

Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Created Date = 2007-07-25 14:31:28 | Attr = ]

logs -> %AllUsersAppData%\logs -> [Folder | Created Date = 2007-07-25 15:47:47 | Attr = ]

McAfee -> %AllUsersAppData%\McAfee -> [Folder | Created Date = 2007-07-26 16:56:39 | Attr = ]

Microsoft -> %AllUsersAppData%\Microsoft -> [Folder | Created Date = 2007-07-23 22:52:41 | Attr = S]

Nero -> %AllUsersAppData%\Nero -> [Folder | Created Date = 2007-08-28 05:45:29 | Attr = ]

PT2008 -> %AllUsersAppData%\PT2008 -> [Folder | Created Date = 2007-08-28 06:05:09 | Attr = ]

RoboForm -> %AllUsersAppData%\RoboForm -> [Folder | Created Date = 2007-08-30 08:50:22 | Attr = ]

SiteAdvisor -> %AllUsersAppData%\SiteAdvisor -> [Folder | Created Date = 2007-07-26 16:56:39 | Attr = ]

Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Created Date = 2007-07-24 13:05:45 | Attr = ]

TEMP -> %AllUsersAppData%\TEMP -> [Folder | Created Date = 2007-08-28 17:40:54 | Attr = ]

@Alternate Data Stream - 122 bytes -> %AllUsersAppData%\TEMP:5E1F4E0B ->

Webroot -> %AllUsersAppData%\Webroot -> [Folder | Created Date = 2007-07-26 14:07:18 | Attr = ]

Windows Genuine Advantage -> %AllUsersAppData%\Windows Genuine Advantage -> [Folder | Created Date = 2007-07-23 22:51:54 | Attr = ]

Ahead -> %UserAppData%\Ahead -> [Folder | Created Date = 2007-08-28 05:47:34 | Attr = ]

ATI -> %UserAppData%\ATI -> [Folder | Created Date = 2007-07-23 21:56:31 | Attr = ]

Babylon -> %UserAppData%\Babylon -> [Folder | Created Date = 2007-08-05 17:44:42 | Attr = ]

desktop.ini -> %UserAppData%\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 2007-07-23 21:11:55 | Attr = HS]

Google -> %UserAppData%\Google -> [Folder | Created Date = 2007-07-23 22:32:58 | Attr = ]

Grisoft -> %UserAppData%\Grisoft -> [Folder | Created Date = 2007-08-28 07:24:57 | Attr = ]

gtopala -> %UserAppData%\gtopala -> [Folder | Created Date = 2007-08-06 21:07:14 | Attr = ]

Help -> %UserAppData%\Help -> [Folder | Created Date = 2007-07-30 16:00:34 | Attr = ]

Identities -> %UserAppData%\Identities -> [Folder | Created Date = 2007-07-23 21:12:01 | Attr = ]

Jetico Personal Firewall -> %UserAppData%\Jetico Personal Firewall -> [Folder | Created Date = 2007-07-23 22:37:49 | Attr = ]

Leadertech -> %UserAppData%\Leadertech -> [Folder | Created Date = 2007-08-08 00:50:04 | Attr = ]

Macromedia -> %UserAppData%\Macromedia -> [Folder | Created Date = 2007-07-24 22:56:44 | Attr = ]

Microsoft -> %UserAppData%\Microsoft -> [Folder | Created Date = 2007-07-23 21:11:54 | Attr = S]

Mozilla -> %UserAppData%\Mozilla -> [Folder | Created Date = 2007-07-24 21:36:49 | Attr = ]

SiteAdvisor -> %UserAppData%\SiteAdvisor -> [Folder | Created Date = 2007-07-26 16:56:39 | Attr = ]

Steinberg -> %UserAppData%\Steinberg -> [Folder | Created Date = 2007-07-31 10:06:09 | Attr = ]

Sun -> %UserAppData%\Sun -> [Folder | Created Date = 2007-07-23 22:30:06 | Attr = ]

Thunderbird -> %UserAppData%\Thunderbird -> [Folder | Created Date = 2007-07-25 16:34:41 | Attr = ]

tor -> %UserAppData%\tor -> [Folder | Created Date = 2007-08-25 11:56:55 | Attr = ]

uTorrent -> %UserAppData%\uTorrent -> [Folder | Created Date = 2007-08-04 01:15:17 | Attr = ]

Vidalia -> %UserAppData%\Vidalia -> [Folder | Created Date = 2007-08-25 11:55:48 | Attr = ]

VSRevoGroup -> %UserAppData%\VSRevoGroup -> [Folder | Created Date = 2007-09-03 16:10:28 | Attr = ]

Webroot -> %UserAppData%\Webroot -> [Folder | Created Date = 2007-07-26 14:06:05 | Attr = ]

WinRAR -> %UserAppData%\WinRAR -> [Folder | Created Date = 2007-07-23 22:03:05 | Attr = ]

Adobe -> %LocalAppData%\Adobe -> [Folder | Created Date = 2007-07-28 16:39:24 | Attr = ]

Ahead -> %LocalAppData%\Ahead -> [Folder | Created Date = 2007-08-28 05:53:42 | Attr = ]

ApplicationHistory -> %LocalAppData%\ApplicationHistory -> [Folder | Created Date = 2007-07-23 21:56:29 | Attr = ]

ATI -> %LocalAppData%\ATI -> [Folder | Created Date = 2007-07-23 21:56:31 | Attr = ]

Babylon -> %LocalAppData%\Babylon -> [Folder | Created Date = 2007-08-05 18:08:55 | Attr = ]

Babylon(2) -> %LocalAppData%\Babylon(2) -> [Folder | Created Date = 2007-08-05 17:33:34 | Attr = ]

DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 23040 bytes | Created Date = 2007-08-12 21:09:17 | Attr = ]

fusioncache.dat -> %LocalAppData%\fusioncache.dat -> [Ver = | Size = 130 bytes | Created Date = 2007-07-23 21:56:29 | Attr = ]

GDIPFONTCACHEV1.DAT -> %LocalAppData%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 43640 bytes | Created Date = 2007-07-23 21:12:15 | Attr = ]

GHISLER -> %LocalAppData%\GHISLER -> [Folder | Created Date = 2007-08-18 10:03:12 | Attr = ]

Google -> %LocalAppData%\Google -> [Folder | Created Date = 2007-07-23 22:32:58 | Attr = ]

Help -> %LocalAppData%\Help -> [Folder | Created Date = 2007-07-30 16:00:34 | Attr = ]

IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 1578010 bytes | Created Date = 2007-07-23 21:32:53 | Attr = H ]

Microsoft -> %LocalAppData%\Microsoft -> [Folder | Created Date = 2007-07-23 21:11:54 | Attr = ]

Mozilla -> %LocalAppData%\Mozilla -> [Folder | Created Date = 2007-07-24 21:36:49 | Attr = ]

Thunderbird -> %LocalAppData%\Thunderbird -> [Folder | Created Date = 2007-07-25 16:34:41 | Attr = ]

desktop.ini -> %AllUsersDocuments%\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 2007-07-23 22:52:58 | Attr = HS]

Ma musique -> %AllUsersDocuments%\Ma musique -> [Folder | Created Date = 2007-07-23 21:03:49 | Attr = R ]

Mes images -> %AllUsersDocuments%\Mes images -> [Folder | Created Date = 2007-07-23 21:04:25 | Attr = R ]

Mes vidéos -> %AllUsersDocuments%\Mes vidéos -> [Folder | Created Date = 2007-07-23 21:03:07 | Attr = R ]

a-squared -> %UserDocuments%\a-squared -> [Folder | Created Date = 2007-07-31 09:25:52 | Attr = ]

AlwaysUnloadDll.reg -> %UserDocuments%\AlwaysUnloadDll.reg -> [Ver = | Size = 125 bytes | Created Date = 2007-08-16 21:48:44 | Attr = ]

cache_dns.reg -> %UserDocuments%\cache_dns.reg -> [Ver = | Size = 289 bytes | Created Date = 2007-08-16 21:39:26 | Attr = ]

cc Clean avant scan complet_20070816_1527.reg -> %UserDocuments%\cc Clean avant scan complet_20070816_1527.reg -> [Ver = | Size = 2928 bytes | Created Date = 2007-08-16 14:28:05 | Attr = ]

cc_20070725_0012Repar CClean.reg -> %UserDocuments%\cc_20070725_0012Repar CClean.reg -> [Ver = | Size = 64660 bytes | Created Date = 2007-07-24 23:13:03 | Attr = ]

cc_20070725_1908Sup Thunder.reg -> %UserDocuments%\cc_20070725_1908Sup Thunder.reg -> [Ver = | Size = 150213 bytes | Created Date = 2007-07-25 18:08:47 | Attr = ]

cc_20070831_0721.reg -> %UserDocuments%\cc_20070831_0721.reg -> [Ver = | Size = 20117 bytes | Created Date = 2007-08-31 06:22:06 | Attr = ]

Conf.PT 2008 Pro -> %UserDocuments%\Conf.PT 2008 Pro -> [Folder | Created Date = 2007-08-28 06:16:06 | Attr = ]

CoolWebSearch_homesearch.php.htm -> %UserDocuments%\CoolWebSearch_homesearch.php.htm -> [Ver = | Size = 41398 bytes | Created Date = 2007-08-30 05:16:26 | Attr = ]

desktop.ini -> %UserDocuments%\desktop.ini -> [Ver = | Size = 79 bytes | Created Date = 2007-07-23 21:11:58 | Attr = HS]

frames2.php.htm -> %UserDocuments%\frames2.php.htm -> [Ver = | Size = 16697 bytes | Created Date = 2007-08-22 16:39:07 | Attr = ]

Ma musique -> %UserDocuments%\Ma musique -> [Folder | Created Date = 2007-07-23 21:11:58 | Attr = R ]

Mon nom.doc -> %UserDocuments%\Mon nom.doc -> [Ver = | Size = 42496 bytes | Created Date = 2007-08-20 13:46:10 | Attr = ]

Mes images -> %UserDocuments%\Mes images -> [Folder | Created Date = 2007-07-23 21:11:58 | Attr = R ]

My RoboForm Data -> %UserDocuments%\My RoboForm Data -> [Folder | Created Date = 2007-08-30 08:50:03 | Attr = ]

Nilz Weblog » Blog Archive » S'authentifier en tant que SYSTEM sous Windows XP.htm -> %UserDocuments%\Nilz Weblog » Blog Archive » S'authentifier en tant que SYSTEM sous Windows XP.htm -> [Ver = | Size = 15570 bytes | Created Date = 2007-08-29 04:45:23 | Attr = ]

Nilz Weblog » Blog Archive » S'authentifier en tant que SYSTEM sous Windows XP_fichiers -> %UserDocuments%\Nilz Weblog » Blog Archive » S'authentifier en tant que SYSTEM sous Windows XP_fichiers -> [Folder | Created Date = 2007-08-29 04:45:23 | Attr = ]

Nouveau fichier de paramètres.OPS -> %UserDocuments%\Nouveau fichier de paramètres.OPS -> [Ver = | Size = 24046 bytes | Created Date = 2007-08-05 14:39:06 | Attr = ]

O&O -> %UserDocuments%\O&O -> [Folder | Created Date = 2007-08-18 10:39:38 | Attr = ]

Personal Translator 2008 Professional -> %UserDocuments%\Personal Translator 2008 Professional -> [Folder | Created Date = 2007-08-28 06:09:27 | Attr = ]

Proxy Lists. Sorted by type. List #1.htm -> %UserDocuments%\Proxy Lists. Sorted by type. List #1.htm -> [Ver = | Size = 13905 bytes | Created Date = 2007-08-26 18:29:44 | Attr = ]

proxy.php.htm -> %UserDocuments%\proxy.php.htm -> [Ver = | Size = 700 bytes | Created Date = 2007-08-26 19:17:36 | Attr = ]

sup.easy cleanReg.htm -> %UserDocuments%\sup.easy cleanReg.htm -> [Ver = | Size = 11448 bytes | Created Date = 2007-08-01 09:29:14 | Attr = ]

AvRack.lnk -> %AllUsersDesktop%\AvRack.lnk -> [Ver = | Size = 1519 bytes | Created Date = 2007-07-23 21:35:57 | Attr = ]

Configuration.lnk -> %AllUsersDesktop%\Configuration.lnk -> [Ver = | Size = 1535 bytes | Created Date = 2007-08-05 17:14:14 | Attr = ]

Personal Translator 2008.lnk -> %AllUsersDesktop%\Personal Translator 2008.lnk -> [Ver = | Size = 962 bytes | Created Date = 2007-08-28 06:05:46 | Attr = ]

The KMPlayer FR.lnk -> %AllUsersDesktop%\The KMPlayer FR.lnk -> [Ver = | Size = 665 bytes | Created Date = 2007-08-07 00:31:45 | Attr = ]

Winamp.lnk -> %AllUsersDesktop%\Winamp.lnk -> [Ver = | Size = 654 bytes | Created Date = 2007-08-07 00:08:49 | Attr = ]

ATF-Cleaner.exe -> %UserDesktop%\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Created Date = 2007-07-24 16:10:15 | Attr = ]

EVEREST Ultimate Edition.lnk -> %UserDesktop%\EVEREST Ultimate Edition.lnk -> [Ver = | Size = 787 bytes | Created Date = 2007-08-14 22:27:26 | Attr = ]

L'Assistant Dartybox.lnk -> %UserDesktop%\L'Assistant Dartybox.lnk -> [Ver = | Size = 1698 bytes | Created Date = 2007-08-08 12:14:33 | Attr = ]

Nuendo 3.lnk -> %UserDesktop%\Nuendo 3.lnk -> [Ver = | Size = 731 bytes | Created Date = 2007-07-31 10:05:50 | Attr = ]

Poste de travail.lnk -> %UserDesktop%\Poste de travail.lnk -> [Ver = | Size = 104 bytes | Created Date = 2007-07-24 14:19:38 | Attr = ]

Raccourci vers jv16PT.exe.lnk -> %UserDesktop%\Raccourci vers jv16PT.exe.lnk -> [Ver = | Size = 670 bytes | Created Date = 2007-08-01 11:30:42 | Attr = ]

Raccourci vers NoTrace.exe.lnk -> %UserDesktop%\Raccourci vers NoTrace.exe.lnk -> [Ver = | Size = 587 bytes | Created Date = 2007-08-01 18:50:59 | Attr = ]

Raccourci vers RegSeeker.exe.lnk -> %UserDesktop%\Raccourci vers RegSeeker.exe.lnk -> [Ver = | Size = 572 bytes | Created Date = 2007-08-01 10:36:29 | Attr = ]

Revo Uninstaller.lnk -> %UserDesktop%\Revo Uninstaller.lnk -> [Ver = | Size = 917 bytes | Created Date = 2007-09-03 16:09:43 | Attr = ]

Window Washer.lnk -> %UserDesktop%\Window Washer.lnk -> [Ver = | Size = 1596 bytes | Created Date = 2007-08-28 06:26:48 | Attr = ]

µpdater.lnk -> %UserDesktop%\µpdater.lnk -> [Ver = | Size = 1001 bytes | Created Date = 2007-08-06 10:01:59 | Attr = ]

Barre d'état système d'ATI CATALYST.lnk -> %AllUsersStartup%\Barre d'état système d'ATI CATALYST.lnk -> [Ver = | Size = 1851 bytes | Created Date = 2007-07-23 21:45:40 | Attr = ]

desktop.ini -> %AllUsersStartup%\desktop.ini -> [Ver = | Size = 84 bytes | Created Date = 2007-07-23 22:52:58 | Attr = HS]

desktop.ini -> %UserStartup%\desktop.ini -> [Ver = | Size = 84 bytes | Created Date = 2007-07-23 21:11:54 | Attr = HS]

ERUNT AutoBackup.lnk -> %UserStartup%\ERUNT AutoBackup.lnk -> [Ver = | Size = 767 bytes | Created Date = 2007-08-01 10:10:49 | Attr = ]

MRU-Blaster Silent Clean.lnk -> %UserStartup%\MRU-Blaster Silent Clean.lnk -> [Ver = | Size = 683 bytes | Created Date = 2007-07-24 15:28:35 | Attr = ]

TrayIt!.lnk -> %UserStartup%\TrayIt!.lnk -> [Ver = | Size = 604 bytes | Created Date = 2007-07-25 22:02:41 | Attr = ]

Acronis -> %CommonProgramFiles%\Acronis -> [Folder | Created Date = 2007-08-28 05:19:03 | Attr = ]

Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Created Date = 2007-07-28 16:34:27 | Attr = ]

Ahead -> %CommonProgramFiles%\Ahead -> [Folder | Created Date = 2007-08-28 05:45:29 | Attr = ]

DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Created Date = 2007-08-05 20:09:13 | Attr = ]

InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Created Date = 2007-07-23 21:28:54 | Attr = ]

Java -> %CommonProgramFiles%\Java -> [Folder | Created Date = 2007-07-23 22:30:28 | Attr = ]

Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Created Date = 2007-07-23 22:53:16 | Attr = ]

MSSoap -> %CommonProgramFiles%\MSSoap -> [Folder | Created Date = 2007-07-23 21:04:47 | Attr = ]

ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Created Date = 2007-07-23 22:53:18 | Attr = ]

Services -> %CommonProgramFiles%\Services -> [Folder | Created Date = 2007-07-23 21:04:49 | Attr = ]

SpeechEngines -> %CommonProgramFiles%\SpeechEngines -> [Folder | Created Date = 2007-07-23 22:53:16 | Attr = ]

System -> %CommonProgramFiles%\System -> [Folder | Created Date = 2007-07-23 21:04:26 | Attr = ]

Webroot Shared -> %CommonProgramFiles%\Webroot Shared -> [Folder | Created Date = 2007-08-28 06:26:36 | Attr = ]

 

[Files/Folders - Modified Within 60 days]

AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Modified Date = 2007-07-23 22:06:32 | Attr = ]

Bases -> %SystemDrive%\Bases -> [Folder | Modified Date = 2007-09-01 18:45:56 | Attr = ]

boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 212 bytes | Modified Date = 2007-08-31 07:45:08 | Attr = HS]

ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 2007-09-05 01:46:52 | Attr = ]

Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 2007-09-02 14:40:12 | Attr = ]

CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Modified Date = 2007-07-23 22:06:32 | Attr = ]

CWShredder -> %SystemDrive%\CWShredder -> [Folder | Modified Date = 2007-09-01 07:24:38 | Attr = ]

Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 2007-08-01 12:58:26 | Attr = ]

Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 2007-09-01 18:45:52 | Attr = ]

HijackThis-fr -> %SystemDrive%\HijackThis-fr -> [Folder | Modified Date = 2007-08-03 07:08:46 | Attr = ]

IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 2007-07-23 22:06:32 | Attr = RHS]

Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Modified Date = 2007-09-01 18:42:54 | Attr = ]

MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 2007-07-23 22:06:32 | Attr = RHS]

Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2007-09-04 19:07:48 | Attr = R ]

qoobox -> %SystemDrive%\qoobox -> [Folder | Modified Date = 2007-09-05 01:42:32 | Attr = ]

RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 2007-07-29 16:52:38 | Attr = HS]

RegProt -> %SystemDrive%\RegProt -> [Folder | Modified Date = 2007-09-05 16:56:46 | Attr = ]

Rustbfix -> %SystemDrive%\Rustbfix -> [Folder | Modified Date = 2007-08-30 07:58:08 | Attr = ]

SDFix -> %SystemDrive%\SDFix -> [Folder | Modified Date = 2007-09-02 00:20:24 | Attr = ]

Smitfraudfix -> %SystemDrive%\Smitfraudfix -> [Folder | Modified Date = 2007-08-21 15:38:14 | Attr = ]

System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 2007-08-31 07:43:18 | Attr = HS]

totalcmd -> %SystemDrive%\totalcmd -> [Folder | Modified Date = 2007-09-02 14:21:32 | Attr = ]

treeinfo.wc -> %SystemDrive%\treeinfo.wc -> [Ver = | Size = 196893 bytes | Modified Date = 2007-08-26 01:47:38 | Attr = H ]

WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2007-09-05 17:43:48 | Attr = ]

$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2007-08-20 14:13:34 | Attr = H ]

$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 2007-07-24 00:10:14 | Attr = H ]

$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 2007-07-24 00:10:04 | Attr = H ]

$NtUninstallKB920342$ -> %SystemRoot%\$NtUninstallKB920342$ -> [Folder | Modified Date = 2007-08-20 14:18:32 | Attr = H ]

$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Modified Date = 2007-08-20 14:25:26 | Attr = H ]

$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Modified Date = 2007-08-20 14:26:18 | Attr = H ]

$NtUninstallKB936782_WMP9$ -> %SystemRoot%\$NtUninstallKB936782_WMP9$ -> [Folder | Modified Date = 2007-08-20 14:26:08 | Attr = H ]

$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Modified Date = 2007-08-20 14:24:34 | Attr = H ]

$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Modified Date = 2007-08-20 14:25:32 | Attr = H ]

$NtUninstallWIC$ -> %SystemRoot%\$NtUninstallWIC$ -> [Folder | Modified Date = 2007-08-20 14:18:42 | Attr = H ]

$NtUninstallWMFDist11$ -> %SystemRoot%\$NtUninstallWMFDist11$ -> [Folder | Modified Date = 2007-08-07 01:20:42 | Attr = H ]

$NtUninstallXPSEPSCLP$ -> %SystemRoot%\$NtUninstallXPSEPSCLP$ -> [Folder | Modified Date = 2007-08-20 14:24:16 | Attr = H ]

addins -> %SystemRoot%\addins -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

ALCFDRTM.EXE -> %SystemRoot%\ALCFDRTM.EXE -> Realtek Semiconductor Corp. [Ver = 1.01 | Size = 60416 bytes | Modified Date = 2007-07-26 16:19:40 | Attr = ]

ALCFDRTM.VER -> %SystemRoot%\ALCFDRTM.VER -> Realtek Semiconductor Corp. [Ver = 1.01 | Size = 60416 bytes | Modified Date = 2007-08-29 07:54:36 | Attr = ]

AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 2007-07-23 23:51:26 | Attr = ]

Ascd_tmp.ini -> %SystemRoot%\Ascd_tmp.ini -> [Ver = | Size = 5733 bytes | Modified Date = 2007-07-23 22:34:58 | Attr = ]

assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 2007-08-20 18:26:48 | Attr = R S]

BissHM.ini -> %SystemRoot%\BissHM.ini -> [Ver = | Size = 251 bytes | Modified Date = 2007-08-21 15:58:44 | Attr = ]

bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2007-09-05 16:53:38 | Attr = S]

catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 109056 bytes | Modified Date = 2007-07-20 00:47:24 | Attr = ]

Config -> %SystemRoot%\Config -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Modified Date = 2007-07-23 22:06:32 | Attr = ]

Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 2007-07-23 22:03:42 | Attr = ]

Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 2007-09-04 07:34:44 | Attr = ]

Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Modified Date = 2007-07-23 22:30:54 | Attr = ]

Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2007-08-20 22:33:06 | Attr = S]

Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 2007-07-23 23:51:24 | Attr = ]

ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 2007-09-05 01:59:42 | Attr = ]

Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 2007-08-21 15:59:38 | Attr = R S]

gmer.dll -> %SystemRoot%\gmer.dll -> [Ver = 1, 0, 13, 12551 | Size = 585791 bytes | Modified Date = 2007-08-23 21:29:26 | Attr = ]

gmer.ini -> %SystemRoot%\gmer.ini -> [Ver = | Size = 297 bytes | Modified Date = 2007-09-04 07:42:42 | Attr = ]

gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [Ver = | Size = 80 bytes | Modified Date = 2007-08-23 21:29:26 | Attr = ]

Help -> %SystemRoot%\Help -> [Folder | Modified Date = 2007-09-03 18:05:24 | Attr = ]

ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 2007-07-24 00:10:26 | Attr = H ]

ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 2007-07-25 13:24:42 | Attr = ]

ime -> %SystemRoot%\ime -> [Folder | Modified Date = 2007-07-23 22:06:46 | Attr = ]

inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2007-09-03 18:05:24 | Attr = H ]

Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 2007-09-02 14:40:12 | Attr = HS]

Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 2007-09-05 19:12:02 | Attr = ]

java -> %SystemRoot%\java -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

Media -> %SystemRoot%\Media -> [Folder | Modified Date = 2007-07-24 00:10:30 | Attr = ]

Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 2007-08-20 18:22:00 | Attr = ]

mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1595 bytes | Modified Date = 2007-07-28 17:31:52 | Attr = ]

msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 2007-07-24 00:14:26 | Attr = ]

msapps -> %SystemRoot%\msapps -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

mui -> %SystemRoot%\mui -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 2007-09-02 02:06:56 | Attr = ]

network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 2007-07-24 00:09:18 | Attr = ]

ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 385 bytes | Modified Date = 2007-08-05 21:11:28 | Attr = ]

ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4205 bytes | Modified Date = 2007-07-23 22:06:16 | Attr = ]

Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Modified Date = 2007-07-23 22:05:34 | Attr = R ]

pchealth -> %SystemRoot%\pchealth -> [Folder | Modified Date = 2007-08-05 21:08:48 | Attr = ]

PeerNet -> %SystemRoot%\PeerNet -> [Folder | Modified Date = 2007-07-23 23:51:18 | Attr = ]

pestpatrol5.INI -> %SystemRoot%\pestpatrol5.INI -> [Ver = | Size = 0 bytes | Modified Date = 2007-07-28 13:25:34 | Attr = ]

PIF -> %SystemRoot%\PIF -> [Folder | Modified Date = 2007-08-14 23:47:48 | Attr = H ]

Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2007-09-05 02:50:00 | Attr = ]

Provisioning -> %SystemRoot%\Provisioning -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

pss -> %SystemRoot%\pss -> [Folder | Modified Date = 2007-08-01 17:56:12 | Attr = ]

RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Modified Date = 2007-07-31 10:56:38 | Attr = ]

Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2007-09-05 16:54:08 | Attr = ]

repair -> %SystemRoot%\repair -> [Folder | Modified Date = 2007-07-23 22:06:46 | Attr = ]

Resources -> %SystemRoot%\Resources -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

RtlRack.ini -> %SystemRoot%\RtlRack.ini -> [Ver = | Size = 169 bytes | Modified Date = 2007-08-26 19:23:10 | Attr = ]

security -> %SystemRoot%\security -> [Folder | Modified Date = 2007-09-05 01:46:00 | Attr = ]

SHELLNEW -> %SystemRoot%\SHELLNEW -> [Folder | Modified Date = 2007-08-05 21:08:48 | Attr = ]

SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 2007-07-23 23:46:14 | Attr = ]

srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 2007-07-23 22:05:16 | Attr = ]

SummerProperties.dll -> %SystemRoot%\SummerProperties.dll -> frozenlogic.org [Ver = 1, 2, 0, 0 | Size = 86016 bytes | Modified Date = 2007-07-25 10:21:18 | Attr = ]

Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 2007-07-23 23:42:20 | Attr = ]

SxsCaPendDel -> %SystemRoot%\SxsCaPendDel -> [Folder | Modified Date = 2007-08-14 00:38:50 | Attr = ]

system -> %SystemRoot%\system -> [Folder | Modified Date = 2007-08-07 23:59:08 | Attr = ]

system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 2007-08-31 07:45:08 | Attr = ]

system32 -> %System32% -> [Folder | Modified Date = 2007-09-05 01:45:06 | Attr = ]

Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2007-09-03 21:40:32 | Attr = S]

Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 2007-09-05 19:10:40 | Attr = ]

twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 2007-07-23 23:50:00 | Attr = ]

unins000.dat -> %SystemRoot%\unins000.dat -> [Ver = | Size = 964 bytes | Modified Date = 2007-08-21 16:08:52 | Attr = ]

Unwash6.exe -> %SystemRoot%\Unwash6.exe -> Webroot Software, Inc. [Ver = 6.5.0.100 | Size = 69960 bytes | Modified Date = 2007-08-09 13:56:20 | Attr = ]

vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Modified Date = 2007-07-23 22:04:00 | Attr = ]

vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Modified Date = 2007-07-23 22:04:00 | Attr = ]

WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 2007-07-24 00:10:32 | Attr = ]

wcx_ftp.ini -> %SystemRoot%\wcx_ftp.ini -> [Ver = | Size = 135 bytes | Modified Date = 2007-08-25 20:46:12 | Attr = ]

Web -> %SystemRoot%\Web -> [Folder | Modified Date = 2007-08-03 14:47:32 | Attr = R ]

win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 477 bytes | Modified Date = 2007-08-31 07:45:08 | Attr = ]

wincmd.ini -> %SystemRoot%\wincmd.ini -> [Ver = | Size = 4618 bytes | Modified Date = 2007-09-05 17:45:30 | Attr = ]

WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 2007-07-23 22:05:30 | Attr = RH ]

WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 2007-08-28 07:05:00 | Attr = ]

WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 2007-07-31 10:56:34 | Attr = ]

WORDPAD.INI -> %SystemRoot%\WORDPAD.INI -> [Ver = | Size = 754 bytes | Modified Date = 2007-07-25 16:56:34 | Attr = ]

zipinst.exe -> %SystemRoot%\zipinst.exe -> NirSoft [Ver = 1.21 | Size = 39424 bytes | Modified Date = 2007-09-04 19:07:48 | Attr = ]

SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2007-09-03 22:13:38 | Attr = H ]

$winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 261 bytes | Modified Date = 2007-07-23 22:08:18 | Attr = ]

1025 -> %System32%\1025 -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

1028 -> %System32%\1028 -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

1031 -> %System32%\1031 -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

1033 -> %System32%\1033 -> [Folder | Modified Date = 2007-07-23 23:49:40 | Attr = ]

1036 -> %System32%\1036 -> [Folder | Modified Date = 2007-07-23 23:50:02 | Attr = ]

1037 -> %System32%\1037 -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

1041 -> %System32%\1041 -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

1042 -> %System32%\1042 -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

1054 -> %System32%\1054 -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

2052 -> %System32%\2052 -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

3076 -> %System32%\3076 -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

3com_dmi -> %System32%\3com_dmi -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

acaebfcdf2_r.ocx -> %System32%\acaebfcdf2_r.ocx -> [Ver = | Size = 23 bytes | Modified Date = 2007-07-23 23:06:20 | Attr = ]

amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 2007-07-23 22:06:24 | Attr = ]

appmgmt -> %System32%\appmgmt -> [Folder | Modified Date = 2007-08-08 13:08:30 | Attr = ]

BASSMOD.dll -> %System32%\BASSMOD.dll -> [Ver = | Size = 10752 bytes | Modified Date = 2007-08-26 18:57:34 | Attr = ]

BuzzingBee.wav -> %System32%\BuzzingBee.wav -> [Ver = | Size = 146650 bytes | Modified Date = 2007-07-26 16:19:42 | Attr = ]

CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 2007-09-03 21:38:54 | Attr = ]

CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 2007-09-05 18:05:00 | Attr = ]

cdplayer.exe.manifest -> %System32%\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2007-07-23 22:05:30 | Attr = RH ]

CDWriterXP.ocx -> %System32%\CDWriterXP.ocx -> NUGROOVZ [Ver = 2, 0, 0, 1 | Size = 647168 bytes | Modified Date = 2007-08-07 01:26:36 | Attr = ]

Com -> %System32%\Com -> [Folder | Modified Date = 2007-07-24 00:04:30 | Attr = ]

config -> %System32%\config -> [Folder | Modified Date = 2007-09-05 01:45:26 | Attr = ]

CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 3072 bytes | Modified Date = 2007-07-23 22:06:32 | Attr = ]

decdnet.dll -> %System32%\decdnet.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 61952 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

dhcp -> %System32%\dhcp -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

DirectX -> %System32%\DirectX -> [Folder | Modified Date = 2007-08-28 06:45:02 | Attr = ]

dllcache -> %System32%\dllcache -> [Folder | Modified Date = 2007-09-04 19:24:36 | Attr = ]

drivers -> %System32%\drivers -> [Folder | Modified Date = 2007-09-05 18:27:28 | Attr = ]

emptyregdb.dat -> %System32%\emptyregdb.dat -> [Ver = | Size = 21892 bytes | Modified Date = 2007-07-23 22:04:08 | Attr = ]

en-us -> %System32%\en-us -> [Folder | Modified Date = 2007-08-20 14:19:48 | Attr = ]

encdnet.dll -> %System32%\encdnet.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 85504 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

export -> %System32%\export -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

fddccfebcf_r.dll -> %System32%\fddccfebcf_r.dll -> [Ver = | Size = 23 bytes | Modified Date = 2007-07-23 23:06:20 | Attr = HS]

FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 196160 bytes | Modified Date = 2007-08-22 13:32:24 | Attr = ]

fr-fr -> %System32%\fr-fr -> [Folder | Modified Date = 2007-08-20 14:24:00 | Attr = ]

GroupPolicy -> %System32%\GroupPolicy -> [Folder | Modified Date = 2007-07-29 12:16:56 | Attr = H ]

ias -> %System32%\ias -> [Folder | Modified Date = 2007-07-23 22:06:04 | Attr = ]

icsxml -> %System32%\icsxml -> [Folder | Modified Date = 2007-07-23 23:49:54 | Attr = ]

IME -> %System32%\IME -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

imon.dll -> %System32%\imon.dll -> Eset [Ver = 2, 70, 39 | Size = 298104 bytes | Modified Date = 2007-08-18 10:29:30 | Attr = ]

imon1.dat -> %System32%\imon1.dat -> [Ver = | Size = 142 bytes | Modified Date = 2007-09-05 01:45:58 | Attr = ]

inetsrv -> %System32%\inetsrv -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

initdebug.nfo -> %System32%\initdebug.nfo -> [Ver = | Size = 45 bytes | Modified Date = 2007-08-07 21:09:12 | Attr = ]

java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Modified Date = 2007-07-12 01:22:00 | Attr = ]

javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 69632 bytes | Modified Date = 2007-07-12 02:22:36 | Attr = ]

javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Modified Date = 2007-07-12 01:22:04 | Attr = ]

javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 139264 bytes | Modified Date = 2007-07-12 02:22:38 | Attr = ]

Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Modified Date = 2007-07-29 21:37:36 | Attr = ]

Lang -> %System32%\Lang -> [Folder | Modified Date = 2007-07-26 16:19:38 | Attr = ]

logonui.exe.manifest -> %System32%\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Modified Date = 2007-07-23 22:05:34 | Attr = RH ]

LoopyMusic.wav -> %System32%\LoopyMusic.wav -> [Ver = | Size = 940794 bytes | Modified Date = 2007-07-26 16:19:42 | Attr = ]

Macromed -> %System32%\Macromed -> [Folder | Modified Date = 2007-07-23 22:04:46 | Attr = ]

Microsoft -> %System32%\Microsoft -> [Folder | Modified Date = 2007-07-23 22:09:16 | Attr = S]

MsDtc -> %System32%\MsDtc -> [Folder | Modified Date = 2007-07-23 22:03:54 | Attr = ]

mui -> %System32%\mui -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

ncpa.cpl.manifest -> %System32%\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2007-07-23 22:05:30 | Attr = RH ]

npp -> %System32%\npp -> [Folder | Modified Date = 2007-07-23 23:51:12 | Attr = ]

nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 2007-07-23 22:06:24 | Attr = ]

nwc.cpl.manifest -> %System32%\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2007-07-23 22:05:30 | Attr = RH ]

oobe -> %System32%\oobe -> [Folder | Modified Date = 2007-07-23 22:05:06 | Attr = ]

oodbs.lor -> %System32%\oodbs.lor -> [Ver = | Size = 14047 bytes | Modified Date = 2007-09-05 16:53:32 | Attr = ]

perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 73790 bytes | Modified Date = 2007-08-20 14:23:06 | Attr = ]

perfc00C.dat -> %System32%\perfc00C.dat -> [Ver = | Size = 87470 bytes | Modified Date = 2007-08-20 14:23:06 | Attr = ]

perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 444648 bytes | Modified Date = 2007-08-20 14:23:06 | Attr = ]

perfh00C.dat -> %System32%\perfh00C.dat -> [Ver = | Size = 513842 bytes | Modified Date = 2007-08-20 14:23:06 | Attr = ]

PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 1129320 bytes | Modified Date = 2007-08-20 14:23:06 | Attr = ]

pnc3250.dll -> %System32%\pnc3250.dll -> RealNetworks, Inc. [Ver = 5.0.0.113 | Size = 130560 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

pncrt.dll -> %System32%\pncrt.dll -> RealNetworks, Inc. [Ver = 4.20.0000 | Size = 273408 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

pneng50.dll -> %System32%\pneng50.dll -> RealNetworks, Inc. [Ver = 5.0.0.113 | Size = 131072 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

pngu3263.dll -> %System32%\pngu3263.dll -> RealNetworks, Inc. [Ver = 6.3.0.226 | Size = 352768 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

poweroff.exe -> %System32%\poweroff.exe -> Jorgen Bosman [Ver = 3, 0, 1, 3 | Size = 172032 bytes | Modified Date = 2007-09-01 08:00:24 | Attr = ]

PreInstall -> %System32%\PreInstall -> [Folder | Modified Date = 2007-07-23 23:47:36 | Attr = ]

ra3214_4.dll -> %System32%\ra3214_4.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 81920 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

ra3228_8.dll -> %System32%\ra3228_8.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 72704 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

ra32dnet.dll -> %System32%\ra32dnet.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 21504 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

ra32sipr.dll -> %System32%\ra32sipr.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 87040 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

ras -> %System32%\ras -> [Folder | Modified Date = 2007-07-23 23:49:56 | Attr = ]

ReinstallBackups -> %System32%\ReinstallBackups -> [Folder | Modified Date = 2007-07-23 22:29:30 | Attr = ]

Restore -> %System32%\Restore -> [Folder | Modified Date = 2007-08-31 07:43:18 | Attr = ]

rmbe3260.dll -> %System32%\rmbe3260.dll -> RealNetworks, Inc. [Ver = 6.0.7.26 | Size = 487936 bytes | Modified Date = 2007-12-09 00:32:40 | Attr = ]

sapi.cpl.manifest -> %System32%\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2007-07-23 22:05:30 | Attr = RH ]

Setup -> %System32%\Setup -> [Folder | Modified Date = 2007-07-23 23:51:34 | Attr = ]

ShellExt -> %System32%\ShellExt -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Modified Date = 2007-07-23 23:35:46 | Attr = ]

spool -> %System32%\spool -> [Folder | Modified Date = 2007-07-23 22:02:48 | Attr = ]

SpoonUninstall-dBpoweramp AAC Encoder.bmp -> %System32%\SpoonUninstall-dBpoweramp AAC Encoder.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:16:42 | Attr = ]

SpoonUninstall-dBpoweramp AAC Encoder.dat -> %System32%\SpoonUninstall-dBpoweramp AAC Encoder.dat -> [Ver = | Size = 3229 bytes | Modified Date = 2007-08-07 01:17:00 | Attr = ]

SpoonUninstall-dBpowerAMP CD Writer.bmp -> %System32%\SpoonUninstall-dBpowerAMP CD Writer.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:25:54 | Attr = ]

SpoonUninstall-dBpowerAMP CD Writer.dat -> %System32%\SpoonUninstall-dBpowerAMP CD Writer.dat -> [Ver = | Size = 13767 bytes | Modified Date = 2007-08-07 01:26:36 | Attr = ]

SpoonUninstall-dBpoweramp CLI Encoder.bmp -> %System32%\SpoonUninstall-dBpoweramp CLI Encoder.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-05 14:16:58 | Attr = ]

SpoonUninstall-dBpoweramp CLI Encoder.dat -> %System32%\SpoonUninstall-dBpoweramp CLI Encoder.dat -> [Ver = | Size = 2983 bytes | Modified Date = 2007-08-05 14:17:04 | Attr = ]

SpoonUninstall-dBPowerAMP Dalet codec R2.bmp -> %System32%\SpoonUninstall-dBPowerAMP Dalet codec R2.bmp -> [Ver = | Size = 28898 bytes | Modified Date = 2007-08-07 01:21:34 | Attr = ]

SpoonUninstall-dBPowerAMP Dalet codec R2.dat -> %System32%\SpoonUninstall-dBPowerAMP Dalet codec R2.dat -> [Ver = | Size = 705 bytes | Modified Date = 2007-08-07 01:22:14 | Attr = ]

SpoonUninstall-dBpoweramp DirectShow Decoder.bmp -> %System32%\SpoonUninstall-dBpoweramp DirectShow Decoder.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:17:04 | Attr = ]

SpoonUninstall-dBpoweramp DirectShow Decoder.dat -> %System32%\SpoonUninstall-dBpoweramp DirectShow Decoder.dat -> [Ver = | Size = 2703 bytes | Modified Date = 2007-08-07 01:17:24 | Attr = ]

SpoonUninstall-dBpoweramp DSP Effects.bmp -> %System32%\SpoonUninstall-dBpoweramp DSP Effects.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:16:20 | Attr = ]

SpoonUninstall-dBpoweramp DSP Effects.dat -> %System32%\SpoonUninstall-dBpoweramp DSP Effects.dat -> [Ver = | Size = 4511 bytes | Modified Date = 2007-08-07 01:16:38 | Attr = ]

SpoonUninstall-dBpoweramp FLAC Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp FLAC Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:18:16 | Attr = ]

SpoonUninstall-dBpoweramp FLAC Codec.dat -> %System32%\SpoonUninstall-dBpoweramp FLAC Codec.dat -> [Ver = | Size = 2951 bytes | Modified Date = 2007-08-07 01:18:36 | Attr = ]

SpoonUninstall-dBpoweramp m4a Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp m4a Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:22:42 | Attr = ]

SpoonUninstall-dBpoweramp m4a Codec.dat -> %System32%\SpoonUninstall-dBpoweramp m4a Codec.dat -> [Ver = | Size = 3552 bytes | Modified Date = 2007-08-07 01:23:02 | Attr = ]

SpoonUninstall-dBpoweramp m4a Utilities.bmp -> %System32%\SpoonUninstall-dBpoweramp m4a Utilities.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:15:32 | Attr = ]

SpoonUninstall-dBpoweramp m4a Utilities.dat -> %System32%\SpoonUninstall-dBpoweramp m4a Utilities.dat -> [Ver = | Size = 3175 bytes | Modified Date = 2007-08-07 01:15:54 | Attr = ]

SpoonUninstall-dBpoweramp Midi Decoder.bmp -> %System32%\SpoonUninstall-dBpoweramp Midi Decoder.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:22:16 | Attr = ]

SpoonUninstall-dBpoweramp Midi Decoder.dat -> %System32%\SpoonUninstall-dBpoweramp Midi Decoder.dat -> [Ver = | Size = 2649 bytes | Modified Date = 2007-08-07 01:22:36 | Attr = ]

SpoonUninstall-dBpoweramp Monkeys Audio Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp Monkeys Audio Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:17:30 | Attr = ]

SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat -> %System32%\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat -> [Ver = | Size = 3107 bytes | Modified Date = 2007-08-07 01:17:48 | Attr = ]

SpoonUninstall-dBpoweramp Musepack Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp Musepack Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:18:40 | Attr = ]

SpoonUninstall-dBpoweramp Musepack Codec.dat -> %System32%\SpoonUninstall-dBpoweramp Musepack Codec.dat -> [Ver = | Size = 3283 bytes | Modified Date = 2007-08-07 01:19:00 | Attr = ]

SpoonUninstall-dBpoweramp Music Converter.bmp -> %System32%\SpoonUninstall-dBpoweramp Music Converter.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:27:44 | Attr = ]

SpoonUninstall-dBpoweramp Music Converter.dat -> %System32%\SpoonUninstall-dBpoweramp Music Converter.dat -> [Ver = | Size = 13083 bytes | Modified Date = 2007-08-07 01:28:18 | Attr = ]

SpoonUninstall-dBpoweramp Ogg Vorbis Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:23:08 | Attr = ]

SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat -> %System32%\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat -> [Ver = | Size = 3030 bytes | Modified Date = 2007-08-07 01:23:26 | Attr = ]

SpoonUninstall-dBpowerAMP Rename Extension.bmp -> %System32%\SpoonUninstall-dBpowerAMP Rename Extension.bmp -> [Ver = | Size = 28898 bytes | Modified Date = 2007-08-07 01:24:00 | Attr = ]

SpoonUninstall-dBpowerAMP Rename Extension.dat -> %System32%\SpoonUninstall-dBpowerAMP Rename Extension.dat -> [Ver = | Size = 349 bytes | Modified Date = 2007-08-07 01:24:08 | Attr = ]

SpoonUninstall-dBpowerAMP Tag From Filename.bmp -> %System32%\SpoonUninstall-dBpowerAMP Tag From Filename.bmp -> [Ver = | Size = 28898 bytes | Modified Date = 2007-08-07 01:24:20 | Attr = ]

SpoonUninstall-dBpowerAMP Tag From Filename.dat -> %System32%\SpoonUninstall-dBpowerAMP Tag From Filename.dat -> [Ver = | Size = 2077 bytes | Modified Date = 2007-08-07 01:24:38 | Attr = ]

SpoonUninstall-dBPowerAMP tooLame MP2 codec.bmp -> %System32%\SpoonUninstall-dBPowerAMP tooLame MP2 codec.bmp -> [Ver = | Size = 34358 bytes | Modified Date = 2007-08-05 14:16:16 | Attr = ]

SpoonUninstall-dBPowerAMP tooLame MP2 codec.dat -> %System32%\SpoonUninstall-dBPowerAMP tooLame MP2 codec.dat -> [Ver = | Size = 1856 bytes | Modified Date = 2007-08-05 14:16:38 | Attr = ]

SpoonUninstall-dBpowerAMP Update ID Tag.bmp -> %System32%\SpoonUninstall-dBpowerAMP Update ID Tag.bmp -> [Ver = | Size = 28898 bytes | Modified Date = 2007-08-07 01:25:20 | Attr = ]

SpoonUninstall-dBpowerAMP Update ID Tag.dat -> %System32%\SpoonUninstall-dBpowerAMP Update ID Tag.dat -> [Ver = | Size = 1863 bytes | Modified Date = 2007-08-07 01:25:36 | Attr = ]

SpoonUninstall-dBpoweramp WavPack Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp WavPack Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:19:04 | Attr = ]

SpoonUninstall-dBpoweramp WavPack Codec.dat -> %System32%\SpoonUninstall-dBpoweramp WavPack Codec.dat -> [Ver = | Size = 3007 bytes | Modified Date = 2007-08-07 01:19:20 | Attr = ]

SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:19:28 | Attr = ]

SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat -> %System32%\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat -> [Ver = | Size = 3365 bytes | Modified Date = 2007-08-07 01:19:44 | Attr = ]

SpoonUninstall-dBpoweramp [Arrange Audio] Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:15:58 | Attr = ]

SpoonUninstall-dBpoweramp [Arrange Audio] Codec.dat -> %System32%\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.dat -> [Ver = | Size = 2765 bytes | Modified Date = 2007-08-07 01:16:10 | Attr = ]

SpoonUninstall-dBpoweramp [Multi Encoder] Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:17:54 | Attr = ]

SpoonUninstall-dBpoweramp [Multi Encoder] Codec.dat -> %System32%\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.dat -> [Ver = | Size = 2961 bytes | Modified Date = 2007-08-07 01:18:04 | Attr = ]

SpoonUninstall-dBpoweramp [ReplayGain] Codec.bmp -> %System32%\SpoonUninstall-dBpoweramp [ReplayGain] Codec.bmp -> [Ver = | Size = 33846 bytes | Modified Date = 2007-08-07 01:15:12 | Attr = ]

SpoonUninstall-dBpoweramp [ReplayGain] Codec.dat -> %System32%\SpoonUninstall-dBpoweramp [ReplayGain] Codec.dat -> [Ver = | Size = 2793 bytes | Modified Date = 2007-08-07 01:15:28 | Attr = ]

swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Modified Date = 2007-07-22 18:39:28 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2302 bytes | Modified Date = 2007-08-31 20:58:48 | Attr = ]

URTTemp -> %System32%\URTTemp -> [Folder | Modified Date = 2007-08-03 08:04:38 | Attr = ]

usmt -> %System32%\usmt -> [Folder | Modified Date = 2007-07-23 23:51:30 | Attr = ]

vsconfig.xml -> %System32%\vsconfig.xml -> [Ver = | Size = 52662 bytes | Modified Date = 2007-09-05 16:53:54 | Attr = ]

wbem -> %System32%\wbem -> [Folder | Modified Date = 2007-08-08 12:07:24 | Attr = ]

WindowsLogon.manifest -> %System32%\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Modified Date = 2007-07-23 22:05:34 | Attr = RH ]

wins -> %System32%\wins -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 2007-09-03 16:47:32 | Attr = ]

wuaucpl.cpl.manifest -> %System32%\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2007-07-23 22:05:30 | Attr = RH ]

xircom -> %System32%\xircom -> [Folder | Modified Date = 2007-07-23 22:06:46 | Attr = ]

XPSViewer -> %System32%\XPSViewer -> [Folder | Modified Date = 2007-08-20 14:19:50 | Attr = ]

zllictbl.dat -> %System32%\zllictbl.dat -> [Ver = | Size = 4212 bytes | Modified Date = 2007-09-05 16:53:56 | Attr = H ]

ZoneLabs -> %System32%\ZoneLabs -> [Folder | Modified Date = 2007-08-28 19:31:42 | Attr = ]

amon.sys -> %System32%\drivers\amon.sys -> Eset [Ver = 2, 70, 39 | Size = 512096 bytes | Modified Date = 2007-08-18 10:29:28 | Attr = ]

disdn -> %System32%\drivers\disdn -> [Folder | Modified Date = 2007-07-23 23:49:02 | Attr = ]

etc -> %System32%\drivers\etc -> [Folder | Modified Date = 2007-08-31 07:28:04 | Attr = ]

gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3911 | Size = 70001 bytes | Modified Date = 2007-08-23 21:29:26 | Attr = ]

nod32drv.sys -> %System32%\drivers\nod32drv.sys -> [Ver = | Size = 15424 bytes | Modified Date = 2007-08-18 10:29:28 | Attr = ]

snapman.sys -> %System32%\drivers\snapman.sys -> Acronis [Ver = 2.1 build 222 | Size = 99776 bytes | Modified Date = 2007-08-28 06:19:10 | Attr = ]

umdf -> %System32%\drivers\umdf -> [Folder | Modified Date = 2007-08-07 01:20:48 | Attr = ]

Adobe -> %AllUsersAppData%\Adobe -> [Folder | Modified Date = 2007-08-14 00:14:32 | Attr = ]

Ahead -> %AllUsersAppData%\Ahead -> [Folder | Modified Date = 2007-08-28 06:47:16 | Attr = ]

Babylon(2) -> %AllUsersAppData%\Babylon(2) -> [Folder | Modified Date = 2007-08-05 18:44:42 | Attr = ]

desktop.ini -> %AllUsersAppData%\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 2007-07-23 23:53:00 | Attr = HS]

Google -> %AllUsersAppData%\Google -> [Folder | Modified Date = 2007-07-23 23:30:54 | Attr = ]

Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Modified Date = 2007-07-25 15:31:30 | Attr = ]

logs -> %AllUsersAppData%\logs -> [Folder | Modified Date = 2007-07-25 16:47:48 | Attr = ]

McAfee -> %AllUsersAppData%\McAfee -> [Folder | Modified Date = 2007-07-26 17:56:40 | Attr = ]

Microsoft -> %AllUsersAppData%\Microsoft -> [Folder | Modified Date = 2007-07-24 16:01:18 | Attr = S]

Nero -> %AllUsersAppData%\Nero -> [Folder | Modified Date = 2007-08-28 06:45:30 | Attr = ]

PT2008 -> %AllUsersAppData%\PT2008 -> [Folder | Modified Date = 2007-08-28 07:05:10 | Attr = ]

RoboForm -> %AllUsersAppData%\RoboForm -> [Folder | Modified Date = 2007-08-30 09:50:24 | Attr = ]

SiteAdvisor -> %AllUsersAppData%\SiteAdvisor -> [Folder | Modified Date = 2007-07-26 17:56:40 | Attr = ]

Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Modified Date = 2007-09-04 07:28:54 | Attr = ]

TEMP -> %AllUsersAppData%\TEMP -> [Folder | Modified Date = 2007-08-30 05:16:36 | Attr = ]

@Alternate Data Stream - 122 bytes -> %AllUsersAppData%\TEMP:5E1F4E0B ->

Webroot -> %AllUsersAppData%\Webroot -> [Folder | Modified Date = 2007-09-03 21:08:58 | Attr = ]

Windows Genuine Advantage -> %AllUsersAppData%\Windows Genuine Advantage -> [Folder | Modified Date = 2007-07-23 23:51:56 | Attr = ]

Ahead -> %UserAppData%\Ahead -> [Folder | Modified Date = 2007-08-29 07:47:04 | Attr = ]

ATI -> %UserAppData%\ATI -> [Folder | Modified Date = 2007-07-23 22:56:32 | Attr = ]

Babylon -> %UserAppData%\Babylon -> [Folder | Modified Date = 2007-08-13 10:47:52 | Attr = ]

desktop.ini -> %UserAppData%\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 2007-07-23 23:53:00 | Attr = HS]

Google -> %UserAppData%\Google -> [Folder | Modified Date = 2007-07-23 23:33:00 | Attr = ]

Grisoft -> %UserAppData%\Grisoft -> [Folder | Modified Date = 2007-08-28 08:24:58 | Attr = ]

gtopala -> %UserAppData%\gtopala -> [Folder | Modified Date = 2007-08-06 22:07:16 | Attr = ]

Help -> %UserAppData%\Help -> [Folder | Modified Date = 2007-07-30 17:00:36 | Attr = ]

Identities -> %UserAppData%\Identities -> [Folder | Modified Date = 2007-07-23 22:12:02 | Attr = ]

Jetico Personal Firewall -> %UserAppData%\Jetico Personal Firewall -> [Folder | Modified Date = 2007-07-23 23:37:50 | Attr = ]

Leadertech -> %UserAppData%\Leadertech -> [Folder | Modified Date = 2007-08-08 01:50:06 | Attr = ]

Macromedia -> %UserAppData%\Macromedia -> [Folder | Modified Date = 2007-07-24 23:56:46 | Attr = ]

Microsoft -> %UserAppData%\Microsoft -> [Folder | Modified Date = 2007-09-02 14:39:26 | Attr = S]

Mozilla -> %UserAppData%\Mozilla -> [Folder | Modified Date = 2007-07-25 17:34:52 | Attr = ]

SiteAdvisor -> %UserAppData%\SiteAdvisor -> [Folder | Modified Date = 2007-07-26 17:56:40 | Attr = ]

Steinberg -> %UserAppData%\Steinberg -> [Folder | Modified Date = 2007-07-31 11:09:40 | Attr = ]

Sun -> %UserAppData%\Sun -> [Folder | Modified Date = 2007-07-23 23:30:08 | Attr = ]

Thunderbird -> %UserAppData%\Thunderbird -> [Folder | Modified Date = 2007-07-25 17:34:52 | Attr = ]

tor -> %UserAppData%\tor -> [Folder | Modified Date = 2007-08-28 20:08:24 | Attr = ]

uTorrent -> %UserAppData%\uTorrent -> [Folder | Modified Date = 2007-09-02 00:50:32 | Attr = ]

Vidalia -> %UserAppData%\Vidalia -> [Folder | Modified Date = 2007-08-30 12:52:46 | Attr = ]

VSRevoGroup -> %UserAppData%\VSRevoGroup -> [Folder | Modified Date = 2007-09-03 17:10:30 | Attr = ]

Webroot -> %UserAppData%\Webroot -> [Folder | Modified Date = 2007-09-03 21:08:58 | Attr = ]

WinRAR -> %UserAppData%\WinRAR -> [Folder | Modified Date = 2007-07-23 23:03:06 | Attr = ]

Adobe -> %LocalAppData%\Adobe -> [Folder | Modified Date = 2007-08-14 00:14:20 | Attr = ]

Ahead -> %LocalAppData%\Ahead -> [Folder | Modified Date = 2007-08-28 06:55:28 | Attr = ]

ApplicationHistory -> %LocalAppData%\ApplicationHistory -> [Folder | Modified Date = 2007-09-05 17:00:04 | Attr = ]

ATI -> %LocalAppData%\ATI -> [Folder | Modified Date = 2007-07-23 22:56:32 | Attr = ]

Babylon -> %LocalAppData%\Babylon -> [Folder | Modified Date = 2007-08-05 19:08:56 | Attr = ]

Babylon(2) -> %LocalAppData%\Babylon(2) -> [Folder | Modified Date = 2007-08-05 18:43:04 | Attr = ]

DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 23040 bytes | Modified Date = 2007-08-19 21:37:16 | Attr = ]

fusioncache.dat -> %LocalAppData%\fusioncache.dat -> [Ver = | Size = 130 bytes | Modified Date = 2007-07-23 22:56:30 | Attr = ]

GDIPFONTCACHEV1.DAT -> %LocalAppData%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 43640 bytes | Modified Date = 2007-08-23 00:02:08 | Attr = ]

GHISLER -> %LocalAppData%\GHISLER -> [Folder | Modified Date = 2007-08-18 11:03:14 | Attr = ]

Google -> %LocalAppData%\Google -> [Folder | Modified Date = 2007-07-23 23:33:00 | Attr = ]

Help -> %LocalAppData%\Help -> [Folder | Modified Date = 2007-07-30 17:00:36 | Attr = ]

IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 1578010 bytes | Modified Date = 2007-08-28 07:53:36 | Attr = H ]

Microsoft -> %LocalAppData%\Microsoft -> [Folder | Modified Date = 2007-09-02 00:55:14 | Attr = ]

Mozilla -> %LocalAppData%\Mozilla -> [Folder | Modified Date = 2007-07-24 22:36:50 | Attr = ]

Thunderbird -> %LocalAppData%\Thunderbird -> [Folder | Modified Date = 2007-07-25 17:34:58 | Attr = ]

desktop.ini -> %AllUsersDocuments%\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 2007-07-23 23:53:00 | Attr = HS]

Ma musique -> %AllUsersDocuments%\Ma musique -> [Folder | Modified Date = 2007-07-23 22:04:58 | Attr = R ]

Mes images -> %AllUsersDocuments%\Mes images -> [Folder | Modified Date = 2007-07-23 22:04:56 | Attr = R ]

Mes vidéos -> %AllUsersDocuments%\Mes vidéos -> [Folder | Modified Date = 2007-07-23 22:03:08 | Attr = R ]

a-squared -> %UserDocuments%\a-squared -> [Folder | Modified Date = 2007-08-16 16:58:04 | Attr = ]

AlwaysUnloadDll.reg -> %UserDocuments%\AlwaysUnloadDll.reg -> [Ver = | Size = 125 bytes | Modified Date = 2007-08-16 22:48:48 | Attr = ]

cache_dns.reg -> %UserDocuments%\cache_dns.reg -> [Ver = | Size = 289 bytes | Modified Date = 2007-08-16 22:39:32 | Attr = ]

cc Clean avant scan complet_20070816_1527.reg -> %UserDocuments%\cc Clean avant scan complet_20070816_1527.reg -> [Ver = | Size = 2928 bytes | Modified Date = 2007-08-16 15:28:10 | Attr = ]

cc_20070725_0012Repar CClean.reg -> %UserDocuments%\cc_20070725_0012Repar CClean.reg -> [Ver = | Size = 64660 bytes | Modified Date = 2007-07-25 00:13:10 | Attr = ]

cc_20070725_1908Sup Thunder.reg -> %UserDocuments%\cc_20070725_1908Sup Thunder.reg -> [Ver = | Size = 150213 bytes | Modified Date = 2007-07-25 19:08:52 | Attr = ]

cc_20070831_0721.reg -> %UserDocuments%\cc_20070831_0721.reg -> [Ver = | Size = 20117 bytes | Modified Date = 2007-08-31 07:22:14 | Attr = ]

Conf.PT 2008 Pro -> %UserDocuments%\Conf.PT 2008 Pro -> [Folder | Modified Date = 2007-08-28 07:16:46 | Attr = ]

CoolWebSearch_homesearch.php.htm -> %UserDocuments%\CoolWebSearch_homesearch.php.htm -> [Ver = | Size = 41398 bytes | Modified Date = 2007-08-30 06:16:34 | Attr = ]

desktop.ini -> %UserDocuments%\desktop.ini -> [Ver = | Size = 79 bytes | Modified Date = 2007-07-24 00:14:38 | Attr = HS]

frames2.php.htm -> %UserDocuments%\frames2.php.htm -> [Ver = | Size = 16697 bytes | Modified Date = 2007-08-22 17:39:12 | Attr = ]

Ma musique -> %UserDocuments%\Ma musique -> [Folder | Modified Date = 2007-07-24 00:14:38 | Attr = R ]

Mon nom.doc -> %UserDocuments%\Mon nom.doc -> [Ver = | Size = 42496 bytes | Modified Date = 2007-08-20 14:46:12 | Attr = ]

Mes images -> %UserDocuments%\Mes images -> [Folder | Modified Date = 2007-09-05 19:05:56 | Attr = R ]

My RoboForm Data -> %UserDocuments%\My RoboForm Data -> [Folder | Modified Date = 2007-08-30 11:03:50 | Attr = ]

Nilz Weblog » Blog Archive » S'authentifier en tant que SYSTEM sous Windows XP.htm -> %UserDocuments%\Nilz Weblog » Blog Archive » S'authentifier en tant que SYSTEM sous Windows XP.htm -> [Ver = | Size = 15570 bytes | Modified Date = 2007-08-29 05:45:30 | Attr = ]

Nilz Weblog » Blog Archive » S'authentifier en tant que SYSTEM sous Windows XP_fichiers -> %UserDocuments%\Nilz Weblog » Blog Archive » S'authentifier en tant que SYSTEM sous Windows XP_fichiers -> [Folder | Modified Date = 2007-08-29 05:45:26 | Attr = ]

Nouveau fichier de paramètres.OPS -> %UserDocuments%\Nouveau fichier de paramètres.OPS -> [Ver = | Size = 24046 bytes | Modified Date = 2007-08-05 15:39:10 | Attr = ]

O&O -> %UserDocuments%\O&O -> [Folder | Modified Date = 2007-08-18 11:39:40 | Attr = ]

Personal Translator 2008 Professional -> %UserDocuments%\Personal Translator 2008 Professional -> [Folder | Modified Date = 2007-08-28 07:24:12 | Attr = ]

Proxy Lists. Sorted by type. List #1.htm -> %UserDocuments%\Proxy Lists. Sorted by type. List #1.htm -> [Ver = | Size = 13905 bytes | Modified Date = 2007-08-26 19:29:46 | Attr = ]

proxy.php.htm -> %UserDocuments%\proxy.php.htm -> [Ver = | Size = 700 bytes | Modified Date = 2007-08-26 20:17:38 | Attr = ]

sup.easy cleanReg.htm -> %UserDocuments%\sup.easy cleanReg.htm -> [Ver = | Size = 11448 bytes | Modified Date = 2007-08-01 10:29:16 | Attr = ]

AvRack.lnk -> %AllUsersDesktop%\AvRack.lnk -> [Ver = | Size = 1519 bytes | Modified Date = 2007-07-23 22:35:58 | Attr = ]

Configuration.lnk -> %AllUsersDesktop%\Configuration.lnk -> [Ver = | Size = 1535 bytes | Modified Date = 2007-07-23 23:23:40 | Attr = ]

Personal Translator 2008.lnk -> %AllUsersDesktop%\Personal Translator 2008.lnk -> [Ver = | Size = 962 bytes | Modified Date = 2007-08-28 07:05:48 | Attr = ]

The KMPlayer FR.lnk -> %AllUsersDesktop%\The KMPlayer FR.lnk -> [Ver = | Size = 665 bytes | Modified Date = 2007-08-07 01:31:46 | Attr = ]

Winamp.lnk -> %AllUsersDesktop%\Winamp.lnk -> [Ver = | Size = 654 bytes | Modified Date = 2007-08-07 01:08:50 | Attr = ]

ATF-Cleaner.exe -> %UserDesktop%\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 2007-08-25 15:48:52 | Attr = ]

EVEREST Ultimate Edition.lnk -> %UserDesktop%\EVEREST Ultimate Edition.lnk -> [Ver = | Size = 787 bytes | Modified Date = 2007-08-14 23:27:28 | Attr = ]

L'Assistant Dartybox.lnk -> %UserDesktop%\L'Assistant Dartybox.lnk -> [Ver = | Size = 1698 bytes | Modified Date = 2007-08-08 13:14:34 | Attr = ]

Nuendo 3.lnk -> %UserDesktop%\Nuendo 3.lnk -> [Ver = | Size = 731 bytes | Modified Date = 2007-07-31 10:56:38 | Attr = ]

Poste de travail.lnk -> %UserDesktop%\Poste de travail.lnk -> [Ver = | Size = 104 bytes | Modified Date = 2007-07-24 15:19:40 | Attr = ]

Raccourci vers jv16PT.exe.lnk -> %UserDesktop%\Raccourci vers jv16PT.exe.lnk -> [Ver = | Size = 670 bytes | Modified Date = 2007-08-01 12:30:44 | Attr = ]

Raccourci vers NoTrace.exe.lnk -> %UserDesktop%\Raccourci vers NoTrace.exe.lnk -> [Ver = | Size = 587 bytes | Modified Date = 2007-08-01 19:50:56 | Attr = ]

Raccourci vers RegSeeker.exe.lnk -> %UserDesktop%\Raccourci vers RegSeeker.exe.lnk -> [Ver = | Size = 572 bytes | Modified Date = 2007-08-01 11:44:18 | Attr = ]

Revo Uninstaller.lnk -> %UserDesktop%\Revo Uninstaller.lnk -> [Ver = | Size = 917 bytes | Modified Date = 2007-09-03 17:09:44 | Attr = ]

Window Washer.lnk -> %UserDesktop%\Window Washer.lnk -> [Ver = | Size = 1596 bytes | Modified Date = 2007-08-28 07:26:50 | Attr = ]

µpdater.lnk -> %UserDesktop%\µpdater.lnk -> [Ver = | Size = 1001 bytes | Modified Date = 2007-08-06 11:02:00 | Attr = ]

Barre d'état système d'ATI CATALYST.lnk -> %AllUsersStartup%\Barre d'état système d'ATI CATALYST.lnk -> [Ver = | Size = 1851 bytes | Modified Date = 2007-08-21 14:55:26 | Attr = ]

desktop.ini -> %AllUsersStartup%\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 2007-07-23 22:06:36 | Attr = HS]

desktop.ini -> %UserStartup%\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 2007-07-23 22:06:36 | Attr = HS]

ERUNT AutoBackup.lnk -> %UserStartup%\ERUNT AutoBackup.lnk -> [Ver = | Size = 767 bytes | Modified Date = 2007-08-01 11:10:50 | Attr = ]

MRU-Blaster Silent Clean.lnk -> %UserStartup%\MRU-Blaster Silent Clean.lnk -> [Ver = | Size = 683 bytes | Modified Date = 2007-07-24 16:28:36 | Attr = ]

TrayIt!.lnk -> %UserStartup%\TrayIt!.lnk -> [Ver = | Size = 604 bytes | Modified Date = 2007-08-24 13:41:14 | Attr = ]

Acronis -> %CommonProgramFiles%\Acronis -> [Folder | Modified Date = 2007-08-28 06:19:08 | Attr = ]

Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 2007-08-14 00:14:34 | Attr = ]

Ahead -> %CommonProgramFiles%\Ahead -> [Folder | Modified Date = 2007-08-28 06:46:44 | Attr = ]

DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Modified Date = 2007-08-05 21:09:14 | Attr = ]

InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Modified Date = 2007-08-05 18:20:04 | Attr = ]

Java -> %CommonProgramFiles%\Java -> [Folder | Modified Date = 2007-07-23 23:30:30 | Attr = ]

Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 2007-08-05 21:10:20 | Attr = ]

MSSoap -> %CommonProgramFiles%\MSSoap -> [Folder | Modified Date = 2007-07-23 22:04:48 | Attr = ]

ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Modified Date = 2007-07-23 23:53:20 | Attr = ]

Services -> %CommonProgramFiles%\Services -> [Folder | Modified Date = 2007-07-23 22:04:52 | Attr = ]

SpeechEngines -> %CommonProgramFiles%\SpeechEngines -> [Folder | Modified Date = 2007-07-23 23:53:18 | Attr = ]

System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 2007-08-05 14:32:48 | Attr = ]

Webroot Shared -> %CommonProgramFiles%\Webroot Shared -> [Folder | Modified Date = 2007-08-28 07:26:46 | Attr = ]

 

[File String Scan - Non-Microsoft Only]

PTech , ad-beh , abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %SystemDrive%\rapport Nettoyage SmitFraudFix.txt -> [Ver = | Size = 9516565 bytes | Modified Date = 2007-08-22 22:33:20 | Attr = ]

PTech , ad-beh , abetterinternet.com , ad-w-a-r-e.com , -> %SystemDrive%\rapport SmitFraudFix 31.08 .txt -> [Ver = | Size = 8431185 bytes | Modified Date = 2007-08-31 18:46:10 | Attr = ]

UPX! , UPX0 , -> %SystemRoot%\Unwash6.exe -> Webroot Software, Inc. [Ver = 6.5.0.100 | Size = 69960 bytes | Modified Date = 2007-08-09 13:56:20 | Attr = ]

UPX! , UPX0 , -> %SystemRoot%\zipinst.exe -> NirSoft [Ver = 1.21 | Size = 39424 bytes | Modified Date = 2007-09-04 19:07:48 | Attr = ]

WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.0.43 | Size = 18706432 bytes | Modified Date = 2005-04-18 13:57:58 | Attr = ]

PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 2002-09-07 03:00:00 | Attr = ]

USERTRUST , -> %System32%\SpoonUninstall.exe -> [Ver = | Size = 4131192 bytes | Modified Date = 2007-07-02 19:09:04 | Attr = ]

UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Modified Date = 2007-07-22 18:39:28 | Attr = ]

winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 2002-09-07 03:00:00 | Attr = ]

@Alternate Data Stream - 88 bytes -> %System32%\drivers\etc\tesgaz:SummaryInformation ->

@Alternate Data Stream - 0 bytes -> %System32%\drivers\etc\tesgaz:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ->

PTech , ad-beh , abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\tesgaz -> [Ver = | Size = 9518036 bytes | Modified Date = 2007-08-21 22:35:06 | Attr = R ]

@Alternate Data Stream - 122 bytes -> %AllUsersAppData%\TEMP:5E1F4E0B ->

Call (RPC) Help , -> %UserDocuments%\CoolWebSearch_homesearch.php.htm -> [Ver = | Size = 41398 bytes | Modified Date = 2007-08-30 06:16:34 | Attr = ]

Call (RPC) Help , -> %UserDocuments%\emove instruction.txt -> [Ver = | Size = 23675 bytes | Modified Date = 2007-08-30 06:45:56 | Attr = ]

UPX! , UPX0 , -> %UserDesktop%\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 2007-08-25 15:48:52 | Attr = ]

 

< End of report >

 

 

 

Merci par avance je signale que j'ai SafeXP et XP AntiSpy .

 

amicalement

Modifié le 5 septembre 2007 par chtilo

[chtilo]

Bonsoir Charles ,

 

Et surtout merci du temps que tu m'accorde .

 

Pour restriction du registre et windows Update cela vient de XP AntiSpy donc si il le faut je pourrai te remettre un rapport sans.Par contre comme tu pourra l'observé pour l'infection j'ai supprimer des clé (infos sur sophos)Windows update donc même en enlevant l'option dans XP Anti Spy je ne peu les faire.

 

Pour les clé Windows Installer les clés vienne d'un topic du forum pour les message d'erreur mais sur pour DisableMSI je savait pas quel valeur mettre , mais en tout cas il ne se lance pas tout seul , pourtant il est en automatique.

 

Voici les seul info que je peu te donner car après en tout cas c'est pas moi qui ai touché ou changé quelque chose.

 

Encore merci,

 

amicalement.

[Thanos]

salut,

 

Pour restriction du registre et windows Update cela vient de XP AntiSpy donc si il le faut je pourrai te remettre un rapport sans

Ces restrictions, c'est toi qui les a mises donc ? veux tu t'en débarrasser ?

Pour les clé Windows Installer les clés vienne d'un topic du forum pour les message d'erreur mais sur pour DisableMSI je savait pas quel valeur mettre , mais en tout cas il ne se lance pas tout seul , pourtant il est en automatique.

Est ce que j'ai bien compris : tu ne parviens plus à installer de programmes ?

[chtilo]

Je peux installer mes pas désinstaller certaine il me dit que je n'ai pas les droit administrateur mais je suis administrateur

 

Pour Windows Installer j'ai réussi a le remettre met avant une installe je dois aller démarrer le service manuellement alors qu'il est en automatique. Sinon après il marche normalement.

 

Et pour Erunt pareil il ne démarre plus comme il devrait le faire et je dois donc faire les sauvegarde manuellement, normalement il est en autobackup.Et démarrage en même temps que windows.

 

Et par contre pour les Màj windows plus possible je veux dire une fois les option de SafeXP et XP antispy remit pour les faire et bien sa veut pas les faire pourtant je fais comme je faisait d'habitude mais pour la désinfection j'ai effacé des clés

 

Tout les message d'erreur que j'ai eu sont sur les deux topic , celui-ci et là si besoin d'autre infos ....

 

Pour les restriction (regedit et Màj automatique) oui c'est moi qui les mets XPSafe et XP Antispy permette de protéger un peu plus donc je les mets et retire suivant mes besoin.En tout cas l'accès au registre je l'ai encore.

 

Je sais pas si c'est réalisable mais je voudrai pouvoir récupérer les droit administrateur habituels car pour ma part je touche jamais au restriction et autres pour une simple raison ; j'y comprend rien donc a l'origine je n'ai rien mis a la place j'utilise XPSafe et XP Antispy qui me semble suffisant, qu'en pense tu ?

 

Mais si pour facilité les chose tu préfère tout remettre d'un coup registre et tout , fais le , je pourrai toujours re cocher les option après.

 

Encore merci Charles de m'aider , amicalement

Modifié le 5 septembre 2007 par chtilo

[Thanos]

Et par contre pour les Màj windows plus possible je veux dire une fois les option de SafeXP et XP antispy remit pour les faire et bien sa veut pas les faire pourtant je fais comme je faisait d'habitude mais pour la désinfection j'ai effacé des clés

une raison possible : l'utilisation de regprot qui surveille les modifications du registre.

Ouvre ton gestionnaire de tâches et mêt fin au proessus suivant > regprot.exe (clic droit dessus > Terminer le processus )

Il se relancera au prochain redémarrage. Je ne connais pas DynamicSecurityAgent, mais ce type de programme peut aussi

interférer et bloquer des modifications dans le registre...

 

Démarre WinPFind3U en double cliquant sur WinPFind3U.exe et copie/colle le texte ci dessous (ne copie pas le mot CODE)

dans le Panneau Paste fix here , puis clique sur le bouton Run Fix.

[Registry - Non-Microsoft Only]
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\\DisableWindowsUpdate -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoWindowsUpdate -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WINDOWSUPDATE\\DisableWindowsUpdateAccess -> 1

Le Fix va se faire rapidement: poste le rapport qui se trouve dans le dossier WinPFind3u( c'est un rapport qui a pour nom la date du jour\mois\année\heure).

 

Dis moi si tu as de nouveau accès aux mises à jour.