Rollandmbam

Perfect ! The last mbam scan didn't find anything ! Thank you a lot for your support !

Hello, First of all, thank you for your swift reply. Here is the log from the zoek.exe scan. zoek-results.log

Hello, Mbam detected this sneaky pup but couldn't resolve the problem and tells me I'm infected every time I start my computer, so here I am ! I attached the mbam and farbar's logs in the message. Thank you ! Addition.txt FRST.txt mbam.txt

Malwarebytes told me they were removed after rebooting my computer but I did the scan once more and "PUP.Optional.Conduit.A" appears again. Here is the new log : Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 4/21/2014Scan Time: 9:10:48 PMLogfile: mbam.txtAdministrator: Yes Version: 2.00.1.1004Malware Database: v2014.04.21.05Rootkit Database: v2014.03.27.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledChameleon: Disabled OS: Windows XP Service Pack 3CPU: x86File System: NTFSUser: Anne-Marie Scan Type: Threat ScanResult: CompletedObjects Scanned: 228884Time Elapsed: 21 min, 56 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledShuriken: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 1PUP.Optional.Conduit.A, C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD3B4CC6C-C451-405B-982A-E41A71251D42", "http://pandasecurity.mystart.com/?pr=vmn&id=pandasecuritytb&v=4_2&utm_campaign=656&idate=2014-04-12&ent=hp_656&u=3C09853C9AF232ECA43D9C5349009183" ],), ,[3fc1907023dd47b9589103527f859e62] Physical Sectors: 0(No malicious items detected) (end) Rolland

Ok, sorry about that. Here is the result of the Quick/threat scan : Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 4/20/2014Scan Time: 8:55:19 PMLogfile: mbam.txtAdministrator: Yes Version: 2.00.1.1004Malware Database: v2014.04.20.06Rootkit Database: v2014.03.27.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledChameleon: Disabled OS: Windows XP Service Pack 3CPU: x86File System: NTFSUser: Anne-Marie Scan Type: Threat ScanResult: CompletedObjects Scanned: 228381Time Elapsed: 17 min, 25 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledShuriken: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 1PUP.Optional.Incredibar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\IB Updater, , [5ba5867a669a1be552f346262fd32ad6], Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 1PUP.Optional.Conduit.A, C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD3B4CC6C-C451-405B-982A-E41A71251D42", "http://pandasecurity.mystart.com/?pr=vmn&id=pandasecuritytb&v=4_2&utm_campaign=656&idate=2014-04-12&ent=hp_656&u=3C09853C9AF232ECA43D9C5349009183" ],), ,[ea16e41c7e8231cf1361411417ed9c64] Physical Sectors: 0(No malicious items detected) (end) Thank you. Rolland

Hello, There is no "quickscan" option in the Malwarebytes on my computer. The only choices I have are : - Threat scan - Custom scan - Hyper scan I can't find the settings you asked me to check in this line either : Open up Malwarebytes => Settings Tab => Scanner Settings => Under action for PUP > Select: Show in Results List and Check for removal. Are you sure the Hyper scan isn't the same thing as a "quickscan" but just renamed in a new malwarebytes version ? Thank you, Rolland

Hello again, My version of malwarebytes doesn't have the same settings you asked me to check. So I did a "hyperscan" which I think is the same as "quick scan" ? Anyway, here are the results : Malwarebytes log : Malwarebytes Anti-Malwarewww.malwarebytes.org Date de l'examen: 4/19/2014Heure de l'examen: 4:52:51 PMFichier journal: Administrateur: Oui Version: 2.00.1.1004Base de données Malveillants: v2014.04.19.07Base de données Rootkits: v2014.03.27.01Licence: EssaiProtection contre les malveillants: Activé(e)Protection contre les sites Web malveillants: Activé(e)Chameleon: Désactivé(e) Système d'exploitation: Windows XP Service Pack 3Processeur: x86Système de fichiers: NTFSUtilisateur: Anne-Marie Type d'examen: Examen "Hyper"Résultat: TerminéObjets analysés: 189989Temps écoulé: 8 min, 1 sec Mémoire: Activé(e)Démarrage: Activé(e)Système de fichiers: Désactivé(e)Archives: Activé(e)Rootkits: Activé(e)Shuriken: Activé(e)PUP: Activé(e)PUM: Activé(e) Processus: 0(No malicious items detected) Modules: 0(No malicious items detected) Clés du Registre: 6PUP.Optional.Incredibar.A, HKLM\SOFTWARE\IB Updater, , [d32d39c737c9b64a2ca0db9039c97e82], PUP.Optional.Incredibar.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, , [53ad50b05ea2639dac1efd6e9171ad53], PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\IB Updater, , [4eb26a969c648d736666ff6c1de5d42c], PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, , [8b75748cbe42e31dbe0cc7a411f11fe1], PUP.Optional.Incredibar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\IB Updater, , [926ec33d35cbf40c3d90b6b55ea4d62a], PUP.Optional.Incredibar.A, HKU\S-1-5-21-839522115-1645522239-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\IB Updater, , [c8380df3d12fb64a804dc3a88f7330d0], Valeurs du Registre: 0(No malicious items detected) Données du Registre: 0(No malicious items detected) Dossiers: 0(No malicious items detected) Fichiers: 1PUP.Optional.Conduit.A, C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD3B4CC6C-C451-405B-982A-E41A71251D42", "http://pandasecurity.mystart.com/?pr=vmn&id=pandasecuritytb&v=4_2&utm_campaign=656&idate=2014-04-12&ent=hp_656&u=3C09853C9AF232ECA43D9C5349009183" ],), ,[02feec14c83824dc4f7d1242c93b659b] Secteurs physiques: 0(No malicious items detected) (end) JRT scan :~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.4 (04.06.2014:1)OS: Microsoft Windows XP x86Ran by Anne-Marie on Sat 04/19/2014 at 17:04:31.40~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayNameSuccessfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URLSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayNameSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URLSuccessfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\imSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstallerSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminstallerSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2724431Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF689A94-D5E6-4C6C-92FE-0E2B4545D534}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6BA4BBC5-3A34-465E-A7AD-CA216AD72022}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} ~~~ Files Successfully deleted: [File] "C:\end" ~~~ Folders Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\boost_interprocess"Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\premium"Successfully deleted: [Folder] "C:\Documents and Settings\Anne-Marie\Application Data\performersoft"Successfully deleted: [Folder] "C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\apn"Successfully deleted: [Folder] "C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\conduit"Successfully deleted: [Folder] "C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\cre"Successfully deleted: [Folder] "C:\Program Files\conduit"Successfully deleted: [Folder] "C:\Program Files\perion" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sat 04/19/2014 at 17:10:56.95End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleaner scan :# AdwCleaner v3.024 - Report created 19/04/2014 at 18:45:17# Updated 18/04/2014 by Xplode# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)# Username : Anne-Marie - TANK# Running from : C:\Documents and Settings\Anne-Marie\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjgKey Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdaterKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6AC4F2-9825-4FB6-A600-92BC5361F209}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DA17D5A-5718-4130-A605-FC316C827836}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6AC4F2-9825-4FB6-A600-92BC5361F209}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe]Key Deleted : HKCU\Software\FreeSoftTodayKey Deleted : HKCU\Software\TutorialsKey Deleted : HKCU\Software\TutoTagKey Deleted : HKLM\Software\free_soft_to_dayKey Deleted : HKLM\Software\TutorialsKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar CleanerKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] -\\ Google Chrome v [ File : C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ] Deleted : homepage ************************* AdwCleaner[R0].txt - [2657 octets] - [19/04/2014 18:43:46]AdwCleaner[s0].txt - [2471 octets] - [19/04/2014 18:45:17] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2531 octets] ########## Thank you for your time. Rolland

Hello Borislav and first of all, thank you for doing this. I did as you recommended and deleted uTorrent from my computer. I did a new scan with Farbar and the logs are pasted below : FRST.txt : Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-04-2014Ran by Anne-Marie (administrator) on TANK on 17-04-2014 08:07:39Running from C:\Documents and Settings\Anne-Marie\Desktop\NicolasMicrosoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)Internet Explorer Version 8Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe(HP) C:\WINDOWS\system32\HPZipm12.exe(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe(Google Inc.) C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe(Google Inc.) C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMcTray.dll [110696 2010-10-16] (NVIDIA Corporation)HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [13851752 2010-10-16] (NVIDIA Corporation)HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1753192 2010-08-26] ()HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3854640 2014-04-04] (AVAST Software)HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16261632 2006-07-21] (Realtek Semiconductor Corp.)HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM\...\Policies\Explorer: [NoDesktopCleanupWizard] 1HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 1HKLM\...\Policies\Explorer: [NoSharedDocuments] 1HKU\.DEFAULT\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,NHKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1HKU\.DEFAULT\...\Policies\Explorer: [NoInstrumentation] 1HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1HKU\.DEFAULT\...\Policies\Explorer: [NoRecentDocsNetHood] 1HKU\.DEFAULT\...\Policies\Explorer: [NoDesktopCleanupWizard] 1HKU\.DEFAULT\...\Policies\Explorer: [NoRecentDocsHistory] 1HKU\.DEFAULT\...\Policies\Explorer: [NoUserNameInStartMenu] 0HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0HKU\S-1-5-19\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,NHKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1HKU\S-1-5-19\...\Policies\Explorer: [NoInstrumentation] 1HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0HKU\S-1-5-19\...\Policies\Explorer: [NoInternetOpenWith] 1HKU\S-1-5-19\...\Policies\Explorer: [NoRecentDocsNetHood] 1HKU\S-1-5-19\...\Policies\Explorer: [NoDesktopCleanupWizard] 1HKU\S-1-5-19\...\Policies\Explorer: [NoRecentDocsHistory] 1HKU\S-1-5-19\...\Policies\Explorer: [NoUserNameInStartMenu] 0HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0HKU\S-1-5-20\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,NHKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1HKU\S-1-5-20\...\Policies\Explorer: [NoInstrumentation] 1HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0HKU\S-1-5-20\...\Policies\Explorer: [NoInternetOpenWith] 1HKU\S-1-5-20\...\Policies\Explorer: [NoRecentDocsNetHood] 1HKU\S-1-5-20\...\Policies\Explorer: [NoDesktopCleanupWizard] 1HKU\S-1-5-20\...\Policies\Explorer: [NoRecentDocsHistory] 1HKU\S-1-5-20\...\Policies\Explorer: [NoUserNameInStartMenu] 0HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoResolveSearch] 1HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoInstrumentation] 1HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoInternetOpenWith] 1HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoRecentDocsNetHood] 1HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoDesktopCleanupWizard] 1HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoRecentDocsHistory] 1HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoUserNameInStartMenu] 0HKU\S-1-5-21-839522115-1645522239-1177238915-1003\...\Policies\Explorer: [NoSaveSettings] 0SecurityProviders: schannel.dll, credssp.dll, digest.dll ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pandasecurity.mystart.com/?pr=vmn&id=pandasecuritytb&v=4_2&utm_campaign=656&idate=2014-04-12&ent=hp_656&u=3C09853C9AF232ECA43D9C5349009183HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ieHKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ieSearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = http://dts.search-results.com/sr?src=ieb&appid=141112&systemid=426&sr=0&q={searchTerms}SearchScopes: HKLM - {6B528F7B-1290-4F85-BA27-8515B393FF4B} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}SearchScopes: HKLM - {6BA4BBC5-3A34-465E-A7AD-CA216AD72022} URL = http://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = http://dts.search-results.com/sr?src=ieb&appid=141112&systemid=426&sr=0&q={searchTerms}SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasecuritytb&v=4_2&idate=2014-04-12&ent=ch_656&q={searchTerms}SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasecuritytb&v=4_2&idate=2014-04-12&ent=ch_656&q={searchTerms}SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searSearchScopes: HKCU - {6B528F7B-1290-4F85-BA27-8515B393FF4B} URL = SearchScopes: HKCU - {6BA4BBC5-3A34-465E-A7AD-CA216AD72022} URL = SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = http://dts.search-results.com/sr?src=ieb&appid=141112&systemid=426&sr=0&q={searchTerms}SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2724431SearchScopes: HKCU - {CF689A94-D5E6-4C6C-92FE-0E2B4545D534} URL = http://websearch.ask.com/redirect?client=ie&tb=ALSV5&o=1665&src=crm&q={searchTerms}&locale=en_FR&apn_ptnrs=^AU&apn_dtid=^YYYYYY^YY^FR&apn_uid=d2859905-f7b8-4a67-9998-c67bd2004e12&apn_sauid=FA5E3DC7-D9A7-418E-97FE-DD9B783AE335SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredimail.com//?search={searchTerms}&loc=search_box&a=Tkayfwg3V5BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - No Name - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No FileToolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileToolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cabWinsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Anne-Marie\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Anne-Marie\Application Data\Mozilla\plugins\npo1d.dll (Google)FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Anne-Marie\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Anne-Marie\Application Data\mozilla\plugins\npgoogletalk.dll (Google)FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Anne-Marie\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll ()FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Anne-Marie\Application Data\mozilla\plugins\npo1d.dll (Google)FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Anne-Marie\Application Data\IDM\idmmzcc3 Chrome: =======CHR Plugin: (Remoting Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.116\pdf.dll ()CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No FileCHR Plugin: (Java Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No FileCHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No FileCHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No FileCHR Plugin: (Microsoft\® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)CHR Plugin: (Microsoft\® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))CHR Plugin: (Google Update) - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No FileCHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (Ma-Config.com plugin) - C:\Program Files\ma-config.com\nphardwaredetection.dll No FileCHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll No FileCHR Extension: (AdBlock) - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-12-23]CHR Extension: (New Tab for Chrome) - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-12-11]CHR Extension: (Google Wallet) - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2013-08-31]CHR HKLM\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files\pandasecuritytb\chrome-newtab-search.crx [2013-08-31]CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\NewTab.crx [2012-12-11]CHR HKLM\...\Chrome\Extension: [kbffombmdffoemfimpemoaaplncjdgfm] - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\CRE\kbffombmdffoemfimpemoaaplncjdgfm.crx [2012-12-06]CHR HKCU\...\Chrome\Extension: [kbffombmdffoemfimpemoaaplncjdgfm] - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\CRE\kbffombmdffoemfimpemoaaplncjdgfm.crx [2012-12-06]CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\chrome.exeCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-04-04] (AVAST Software)R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-13] (Oracle Corporation)S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]U4 avast! Firewall; "C:\Program Files\Alwil Software\Avast5\afwServ.exe" [X] ==================== Drivers (Whitelisted) ==================== R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [16877 2002-07-17] (Adaptec)R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [20624 2012-10-31] (AVAST Software)R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-04-04] (AVAST Software)R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-04-04] (AVAST Software)R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-04-04] ()R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [776976 2014-04-04] (AVAST Software)R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411552 2014-04-04] (AVAST Software)R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-04-04] (AVAST Software)R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180760 2014-04-04] ()R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-04-12] (Disc Soft Ltd)S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-16] (Malwarebytes Corporation)R3 RT73; C:\WINDOWS\System32\DRIVERS\rt73.sys [476544 2009-07-17] (Ralink Technology, Corp.)R0 Si3112; C:\WINDOWS\system32\Drivers\Si3112.sys [74280 2010-10-13] (Silicon Image, Inc)U4 ERSvc; U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [26840 2012-08-21] (GEAR Software Inc.)S4 IntelIde; No ImagePathU1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-17 08:04 - 2014-04-17 08:07 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Desktop\Nicolas2014-04-16 16:24 - 2014-04-17 08:07 - 00000000 ____D () C:\FRST2014-04-15 21:39 - 2014-04-15 21:39 - 00000218 _____ () C:\Documents and Settings\Anne-Marie\.recently-used.xbel2014-04-15 20:26 - 2014-04-15 20:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\XLS to DBF Converter2014-04-13 21:22 - 2014-04-13 21:22 - 00009341 _____ () C:\WINDOWS\KB2925418-IE8.log2014-04-13 21:22 - 2014-04-13 21:22 - 00006726 _____ () C:\WINDOWS\iis6.log2014-04-13 21:22 - 2014-04-13 21:22 - 00006183 _____ () C:\WINDOWS\FaxSetup.log2014-04-13 21:22 - 2014-04-13 21:22 - 00003996 _____ () C:\WINDOWS\ocgen.log2014-04-13 21:22 - 2014-04-13 21:22 - 00002821 _____ () C:\WINDOWS\tsoc.log2014-04-13 21:22 - 2014-04-13 21:22 - 00002058 _____ () C:\WINDOWS\comsetup.log2014-04-13 21:22 - 2014-04-13 21:22 - 00001892 _____ () C:\WINDOWS\msmqinst.log2014-04-13 21:22 - 2014-04-13 21:22 - 00001374 _____ () C:\WINDOWS\imsins.log2014-04-13 21:22 - 2014-04-13 21:22 - 00001248 _____ () C:\WINDOWS\ntdtcsetup.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000425 _____ () C:\WINDOWS\MedCtrOC.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000342 _____ () C:\WINDOWS\ocmsn.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000311 _____ () C:\WINDOWS\tabletoc.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000000 _____ () C:\WINDOWS\setuperr.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000000 _____ () C:\WINDOWS\setupact.log2014-04-13 19:06 - 2014-04-13 21:22 - 00002432 _____ () C:\WINDOWS\updspapi.log2014-04-13 19:06 - 2014-04-13 19:06 - 00011712 _____ () C:\WINDOWS\KB2509553.log2014-04-13 19:03 - 2014-04-13 19:03 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe2014-04-13 19:03 - 2014-04-13 19:03 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe2014-04-13 19:03 - 2014-04-13 19:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe2014-04-13 19:03 - 2014-04-13 19:03 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll2014-04-13 19:03 - 2014-04-13 19:03 - 00000000 ____D () C:\Program Files\Common Files\Java2014-04-13 19:03 - 2014-04-13 19:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java2014-04-13 18:31 - 2014-04-13 18:31 - 00000105 _____ () C:\prefs.js2014-04-13 18:30 - 2014-02-17 21:18 - 00000426 _____ () C:\AVScanner.ini2014-04-13 18:25 - 2014-04-13 18:25 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk2014-04-13 18:25 - 2014-04-13 18:25 - 00000000 ____D () C:\Program Files\CCleaner2014-04-13 17:42 - 2014-04-16 15:58 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-04-13 17:42 - 2014-04-13 17:42 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes2014-04-13 17:42 - 2014-04-03 09:51 - 00050648 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-04-13 17:42 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2014-04-13 17:31 - 2014-04-13 17:32 - 00000226 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job2014-04-13 13:50 - 2014-04-13 13:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$2014-04-13 13:50 - 2014-04-13 13:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$2014-04-13 13:49 - 2014-04-13 13:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$2014-04-13 13:46 - 2014-04-13 13:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$2014-04-13 13:42 - 2014-04-13 13:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$2014-04-13 13:36 - 2014-04-13 13:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$2014-04-13 13:36 - 2014-04-13 13:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$2014-04-13 13:36 - 2014-04-13 13:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$2014-04-13 13:35 - 2014-04-13 13:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$2014-04-13 13:35 - 2014-04-13 13:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$2014-04-13 13:33 - 2014-04-13 13:33 - 00006622 _____ () C:\WINDOWS\system32\TZLog.log2014-04-13 13:33 - 2014-04-13 13:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$2014-04-13 13:33 - 2014-04-13 13:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$2014-04-13 13:33 - 2014-04-13 13:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$2014-04-13 13:25 - 2014-04-13 13:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$2014-04-13 13:25 - 2014-04-13 13:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813347-v2$2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$2014-04-13 13:23 - 2014-04-13 13:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$2014-04-13 13:19 - 2014-04-13 13:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$2014-04-13 13:17 - 2014-04-13 13:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$2014-04-13 13:17 - 2014-04-13 13:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$2014-04-13 13:17 - 2014-04-13 13:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$2014-04-13 13:15 - 2014-04-13 13:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$2014-04-13 13:14 - 2014-04-13 13:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$2014-04-13 13:13 - 2014-04-13 13:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$2014-04-13 13:13 - 2014-04-13 13:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$2014-04-13 13:12 - 2014-04-13 13:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$2014-04-13 13:12 - 2014-04-13 13:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$2014-04-13 13:11 - 2014-04-13 21:22 - 00000000 ____D () C:\WINDOWS\ie8updates2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$2014-04-13 13:05 - 2014-04-13 13:49 - 00000000 ___HD () C:\WINDOWS\$hf_mig$2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$2014-04-13 13:05 - 2013-09-04 13:28 - 00017272 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll2014-04-13 08:44 - 2014-04-16 20:32 - 00019060 _____ () C:\Documents and Settings\Anne-Marie\My Documents\Budget Pralo..xlsx2014-04-13 08:23 - 2014-03-12 12:48 - 00993280 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kernel32.dll2014-04-13 08:23 - 2014-02-05 10:55 - 00562688 ____N () C:\WINDOWS\system32\dllcache\qedit.dll2014-04-13 08:23 - 2013-11-07 07:38 - 00591360 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcrt4.dll2014-04-13 08:23 - 2013-10-07 12:59 - 00603136 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\crypt32.dll2014-04-13 08:23 - 2013-08-05 15:30 - 01289728 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ole32.dll2014-04-13 08:23 - 2013-06-04 02:53 - 00290816 ____N (Adobe Systems Incorporated) C:\WINDOWS\system32\dllcache\atmfd.dll2014-04-13 08:23 - 2013-01-26 05:55 - 00552448 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\oleaut32.dll2014-04-13 08:23 - 2013-01-02 08:48 - 01292288 ____N () C:\WINDOWS\system32\dllcache\quartz.dll2014-04-13 08:23 - 2013-01-02 08:48 - 00148992 ____N () C:\WINDOWS\system32\dllcache\mpg2splt.ax2014-04-13 08:23 - 2012-06-04 06:31 - 00153088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\schannel.dll2014-04-13 08:23 - 2012-05-14 11:21 - 00346112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\localspl.dll2014-04-13 08:23 - 2011-11-16 16:20 - 00354816 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winhttp.dll2014-04-13 08:23 - 2011-11-03 17:28 - 00386048 ____N () C:\WINDOWS\system32\dllcache\qdvd.dll2014-04-13 08:23 - 2011-10-14 16:47 - 00176128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winmm.dll2014-04-13 08:23 - 2011-10-14 16:47 - 00023040 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mciseq.dll2014-04-13 08:23 - 2011-10-10 16:21 - 00692736 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcomm.dll2014-04-13 08:23 - 2011-02-09 15:53 - 00270848 ____N () C:\WINDOWS\system32\dllcache\sbe.dll2014-04-13 08:23 - 2010-12-22 14:32 - 00301568 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kerberos.dll2014-04-13 08:23 - 2010-11-18 20:12 - 00081920 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isign32.dll2014-04-13 08:22 - 2014-02-07 04:01 - 01879040 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\win32k.sys2014-04-13 08:22 - 2013-12-05 13:26 - 01172992 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml3.dll2014-04-13 08:22 - 2013-11-13 04:59 - 00150528 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imagehlp.dll2014-04-13 08:22 - 2013-10-24 01:45 - 00172032 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\scrrun.dll2014-04-13 08:22 - 2013-10-12 17:56 - 00278528 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\oakley.dll2014-04-13 08:22 - 2013-10-09 15:12 - 00287744 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gdi32.dll2014-04-13 08:22 - 2013-08-09 03:56 - 00386560 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\themeui.dll2014-04-13 08:22 - 2013-03-08 10:35 - 00293376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winsrv.dll2014-04-13 08:22 - 2013-02-27 07:31 - 02691072 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstscax.dll2014-04-13 08:22 - 2013-02-27 07:31 - 00131072 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aaclient.dll2014-04-13 08:22 - 2013-02-27 07:31 - 00036864 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsgqec.dll2014-04-13 08:22 - 2013-02-27 02:21 - 01034240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstsc.exe2014-04-13 08:22 - 2013-02-27 02:21 - 00223232 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wksprt.exe2014-04-13 08:22 - 2012-11-06 04:00 - 01446912 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6.dll2014-04-13 08:22 - 2012-11-02 04:02 - 00375296 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dpnet.dll2014-04-13 08:22 - 2012-10-02 20:04 - 00058368 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\synceng.dll2014-04-13 08:22 - 2012-08-24 15:52 - 00178176 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wintrust.dll2014-04-13 08:22 - 2012-07-06 15:58 - 00339968 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\netapi32.dll2014-04-13 08:22 - 2012-07-06 15:58 - 00078336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\browser.dll2014-04-13 08:22 - 2012-06-08 16:24 - 08463872 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shell32.dll2014-04-13 08:22 - 2011-10-28 07:31 - 00033280 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\csrsrv.dll2014-04-13 08:22 - 2011-10-18 13:13 - 00186880 ____N () C:\WINDOWS\system32\dllcache\encdec.dll2014-04-13 08:22 - 2011-08-17 15:41 - 00138496 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\afd.sys2014-04-13 08:22 - 2011-03-03 08:53 - 00149504 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dnsapi.dll2014-04-13 08:22 - 2011-03-03 08:53 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET55E.tmp2014-04-13 08:22 - 2011-02-17 15:19 - 00357888 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srv.sys2014-04-13 08:22 - 2011-02-08 15:32 - 00978944 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc42.dll2014-04-13 08:22 - 2011-02-08 15:32 - 00974848 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc42u.dll2014-04-13 08:22 - 2011-01-21 16:42 - 00439808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shimgvw.dll2014-04-13 08:22 - 2010-12-20 19:24 - 00730112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lsasrv.dll2014-04-13 08:22 - 2010-11-09 16:50 - 00253952 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\odbc32.dll2014-04-13 08:22 - 2009-04-20 19:06 - 00045568 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dnsrslvr.dll2014-04-13 08:22 - 2009-04-20 19:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET55D.tmp2014-04-13 08:22 - 2008-06-20 19:43 - 00245248 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mswsock.dll2014-04-13 08:22 - 2008-06-20 13:59 - 00361600 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcpip.sys2014-04-13 08:22 - 2008-06-20 13:16 - 00225856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcpip6.sys2014-04-13 08:21 - 2014-02-26 03:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe2014-04-13 08:21 - 2014-02-26 03:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe2014-04-13 08:21 - 2011-11-18 14:35 - 00060416 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\packager.exe2014-04-13 08:21 - 2011-07-15 15:29 - 00457856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys2014-04-13 08:20 - 2013-07-03 04:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys2014-04-13 08:20 - 2013-07-03 03:59 - 00014976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys2014-04-13 08:19 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys2014-04-13 08:19 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys2014-04-13 08:19 - 2011-04-21 15:52 - 00105472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys2014-04-13 08:17 - 2012-05-28 20:15 - 00565248 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll2014-04-13 08:17 - 2012-05-28 20:15 - 00200704 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadox.dll2014-04-13 08:17 - 2012-05-28 20:15 - 00180224 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadomd.dll2014-04-13 08:17 - 2012-05-28 20:15 - 00143360 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadco.dll2014-04-13 08:17 - 2012-05-28 20:15 - 00102400 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msjro.dll2014-04-13 08:17 - 2012-05-28 20:15 - 00057344 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msador15.dll2014-04-13 08:17 - 2012-05-28 14:25 - 00081920 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado28.tlb2014-04-13 08:17 - 2012-05-28 14:25 - 00081920 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado27.tlb2014-04-13 08:17 - 2012-05-28 14:25 - 00077824 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado26.tlb2014-04-13 08:17 - 2012-05-28 14:25 - 00077824 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado25.tlb2014-04-13 08:17 - 2012-05-28 14:25 - 00061440 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado21.tlb2014-04-13 08:17 - 2012-05-28 14:25 - 00061440 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado20.tlb2014-04-13 08:16 - 2014-03-06 19:59 - 11113472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll2014-04-13 08:16 - 2014-03-06 19:59 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET52B.tmp2014-04-13 08:16 - 2014-03-06 19:59 - 06021632 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll2014-04-13 08:16 - 2014-03-06 19:59 - 06021632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET523.tmp2014-04-13 08:16 - 2014-03-06 19:59 - 02006016 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll2014-04-13 08:16 - 2014-03-06 19:59 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET529.tmp2014-04-13 08:16 - 2014-03-06 19:59 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl2014-04-13 08:16 - 2014-03-06 19:59 - 01216000 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll2014-04-13 08:16 - 2014-03-06 19:59 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET51E.tmp2014-04-13 08:16 - 2014-03-06 19:59 - 00920064 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00759296 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00630272 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00105984 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00067072 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00055296 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll2014-04-13 08:16 - 2014-03-06 19:59 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll2014-04-13 08:16 - 2014-01-04 05:13 - 00420864 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vbscript.dll2014-04-13 08:16 - 2013-08-09 02:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys2014-04-13 08:16 - 2013-08-09 02:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys2014-04-13 08:16 - 2013-08-09 02:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys2014-04-13 08:16 - 2012-07-04 15:59 - 00139784 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys2014-04-13 08:16 - 2011-03-04 08:35 - 00726528 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jscript.dll2014-04-13 08:16 - 2009-03-18 13:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys2014-04-13 08:15 - 2013-11-27 22:21 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys2014-04-13 08:15 - 2013-07-04 05:03 - 02149888 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe2014-04-13 08:15 - 2013-07-04 04:59 - 02193536 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe2014-04-13 08:15 - 2013-07-04 04:08 - 02028544 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe2014-04-13 08:15 - 2012-01-11 21:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll2014-04-13 08:15 - 2012-01-11 21:06 - 00003072 ____N () C:\WINDOWS\system32\dllcache\iacenc.dll2014-04-13 08:15 - 2011-07-08 16:02 - 00010496 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys2014-04-13 08:15 - 2010-12-09 17:15 - 00718336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntdll.dll2014-04-13 08:15 - 2010-10-11 16:59 - 00045568 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe2014-04-12 18:15 - 2014-04-15 21:42 - 00065536 _____ () C:\WINDOWS\system32\config\OAlerts.evt2014-04-12 18:15 - 2014-04-12 18:15 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office2014-04-12 18:14 - 2014-04-12 18:14 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER2014-04-12 18:11 - 2014-04-12 18:11 - 00000000 ____D () C:\WINDOWS\SHELLNEW2014-04-12 18:11 - 2014-04-12 18:11 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services2014-04-12 18:11 - 2014-04-12 18:11 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Microsoft Help2014-04-12 18:10 - 2014-04-13 13:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help2014-04-12 18:10 - 2014-04-12 18:13 - 00000000 ____D () C:\Program Files\Microsoft Office2014-04-12 18:10 - 2014-04-12 18:10 - 00000000 __RHD () C:\MSOCache2014-04-12 18:05 - 2014-04-13 18:38 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\DAEMON Tools Lite2014-04-12 18:05 - 2014-04-12 18:05 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys2014-04-12 18:04 - 2014-04-12 18:05 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite2014-04-12 18:03 - 2014-04-12 18:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite2014-04-12 11:01 - 2014-04-13 18:42 - 00065536 _____ () C:\WINDOWS\system32\config\Nano.evt2014-04-12 11:01 - 2014-04-13 18:34 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\Panda Security2014-04-12 11:00 - 2014-04-13 18:43 - 00000000 ____D () C:\Program Files\Panda Security2014-04-09 09:52 - 2014-04-09 09:52 - 00016215 _____ () C:\Documents and Settings\Anne-Marie\My Documents\lettre couture.odt2014-04-05 08:31 - 2014-04-11 15:09 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\My Documents\Nicolas2014-04-04 07:49 - 2014-04-04 07:49 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\AVAST Software2014-04-04 07:44 - 2014-04-04 07:44 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr2014-04-04 07:42 - 2014-04-04 07:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software2014-04-04 07:41 - 2014-04-04 07:45 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys2014-04-04 07:41 - 2014-04-04 07:45 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys2014-04-04 07:41 - 2014-04-04 07:45 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys2014-04-02 18:24 - 2014-04-17 08:04 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\uTorrent2014-04-01 10:36 - 2014-04-01 10:36 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\OpenOffice.org ==================== One Month Modified Files and Folders ======= 2014-04-17 08:08 - 2012-07-05 11:50 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job2014-04-17 08:07 - 2014-04-17 08:04 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Desktop\Nicolas2014-04-17 08:07 - 2014-04-16 16:24 - 00000000 ____D () C:\FRST2014-04-17 08:07 - 2010-12-30 18:33 - 00510628 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-04-17 08:04 - 2014-04-02 18:24 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\uTorrent2014-04-17 08:04 - 2010-12-30 16:48 - 01562457 _____ () C:\WINDOWS\WindowsUpdate.log2014-04-17 08:02 - 2010-12-30 18:35 - 00000397 _____ () C:\WINDOWS\wiadebug.log2014-04-17 08:02 - 2010-12-30 18:35 - 00000049 _____ () C:\WINDOWS\wiaservc.log2014-04-17 08:02 - 2010-12-30 16:58 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2014-04-16 20:47 - 2010-12-30 16:58 - 00032580 _____ () C:\WINDOWS\SchedLgU.Txt2014-04-16 20:32 - 2014-04-13 08:44 - 00019060 _____ () C:\Documents and Settings\Anne-Marie\My Documents\Budget Pralo..xlsx2014-04-16 20:29 - 2013-03-01 20:40 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2014-04-16 20:11 - 2010-12-30 21:43 - 00000998 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1645522239-1177238915-1003UA.job2014-04-16 15:58 - 2014-04-13 17:42 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-04-15 21:42 - 2014-04-12 18:15 - 00065536 _____ () C:\WINDOWS\system32\config\OAlerts.evt2014-04-15 21:39 - 2014-04-15 21:39 - 00000218 _____ () C:\Documents and Settings\Anne-Marie\.recently-used.xbel2014-04-15 21:39 - 2010-12-30 16:59 - 00000000 ____D () C:\Documents and Settings\Anne-Marie2014-04-15 20:26 - 2014-04-15 20:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\XLS to DBF Converter2014-04-15 13:37 - 2010-12-31 15:37 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job2014-04-15 13:11 - 2010-12-30 21:43 - 00000946 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1645522239-1177238915-1003Core.job2014-04-14 12:49 - 2010-12-30 20:24 - 00052584 _____ () C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT2014-04-13 21:22 - 2014-04-13 21:22 - 00009341 _____ () C:\WINDOWS\KB2925418-IE8.log2014-04-13 21:22 - 2014-04-13 21:22 - 00006726 _____ () C:\WINDOWS\iis6.log2014-04-13 21:22 - 2014-04-13 21:22 - 00006183 _____ () C:\WINDOWS\FaxSetup.log2014-04-13 21:22 - 2014-04-13 21:22 - 00003996 _____ () C:\WINDOWS\ocgen.log2014-04-13 21:22 - 2014-04-13 21:22 - 00002821 _____ () C:\WINDOWS\tsoc.log2014-04-13 21:22 - 2014-04-13 21:22 - 00002058 _____ () C:\WINDOWS\comsetup.log2014-04-13 21:22 - 2014-04-13 21:22 - 00001892 _____ () C:\WINDOWS\msmqinst.log2014-04-13 21:22 - 2014-04-13 21:22 - 00001374 _____ () C:\WINDOWS\imsins.log2014-04-13 21:22 - 2014-04-13 21:22 - 00001248 _____ () C:\WINDOWS\ntdtcsetup.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000425 _____ () C:\WINDOWS\MedCtrOC.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000342 _____ () C:\WINDOWS\ocmsn.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000311 _____ () C:\WINDOWS\tabletoc.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000000 _____ () C:\WINDOWS\setuperr.log2014-04-13 21:22 - 2014-04-13 21:22 - 00000000 _____ () C:\WINDOWS\setupact.log2014-04-13 21:22 - 2014-04-13 19:06 - 00002432 _____ () C:\WINDOWS\updspapi.log2014-04-13 21:22 - 2014-04-13 13:11 - 00000000 ____D () C:\WINDOWS\ie8updates2014-04-13 19:57 - 2010-12-30 16:55 - 00000000 ____D () C:\WINDOWS\Microsoft.NET2014-04-13 19:28 - 2010-12-31 12:38 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\My Documents\Contrats Pralo2014-04-13 19:06 - 2014-04-13 19:06 - 00011712 _____ () C:\WINDOWS\KB2509553.log2014-04-13 19:03 - 2014-04-13 19:03 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe2014-04-13 19:03 - 2014-04-13 19:03 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe2014-04-13 19:03 - 2014-04-13 19:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe2014-04-13 19:03 - 2014-04-13 19:03 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll2014-04-13 19:03 - 2014-04-13 19:03 - 00000000 ____D () C:\Program Files\Common Files\Java2014-04-13 19:03 - 2014-04-13 19:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java2014-04-13 19:03 - 2012-05-28 12:29 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl2014-04-13 18:43 - 2014-04-12 11:00 - 00000000 ____D () C:\Program Files\Panda Security2014-04-13 18:43 - 2010-12-30 18:32 - 00221632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2014-04-13 18:42 - 2014-04-12 11:01 - 00065536 _____ () C:\WINDOWS\system32\config\Nano.evt2014-04-13 18:38 - 2014-04-12 18:05 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\DAEMON Tools Lite2014-04-13 18:37 - 2012-07-04 10:25 - 00000000 ____D () C:\WINDOWS\Minidump2014-04-13 18:34 - 2014-04-12 11:01 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\Panda Security2014-04-13 18:31 - 2014-04-13 18:31 - 00000105 _____ () C:\prefs.js2014-04-13 18:27 - 2012-05-27 17:29 - 00000000 ____D () C:\WINDOWS\pss2014-04-13 18:25 - 2014-04-13 18:25 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk2014-04-13 18:25 - 2014-04-13 18:25 - 00000000 ____D () C:\Program Files\CCleaner2014-04-13 18:06 - 2010-12-30 18:24 - 00000000 ____D () C:\WINDOWS\Provisioning2014-04-13 17:42 - 2014-04-13 17:42 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes2014-04-13 17:32 - 2014-04-13 17:31 - 00000226 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job2014-04-13 17:31 - 2010-12-30 16:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight2014-04-13 13:50 - 2014-04-13 13:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$2014-04-13 13:50 - 2014-04-13 13:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$2014-04-13 13:50 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$2014-04-13 13:49 - 2014-04-13 13:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$2014-04-13 13:49 - 2014-04-13 13:05 - 00000000 ___HD () C:\WINDOWS\$hf_mig$2014-04-13 13:46 - 2014-04-13 13:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$2014-04-13 13:42 - 2014-04-13 13:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$2014-04-13 13:42 - 2010-12-30 18:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$2014-04-13 13:37 - 2014-04-13 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$2014-04-13 13:36 - 2014-04-13 13:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$2014-04-13 13:36 - 2014-04-13 13:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$2014-04-13 13:36 - 2014-04-13 13:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$2014-04-13 13:36 - 2014-04-12 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help2014-04-13 13:35 - 2014-04-13 13:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$2014-04-13 13:35 - 2014-04-13 13:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$2014-04-13 13:33 - 2014-04-13 13:33 - 00006622 _____ () C:\WINDOWS\system32\TZLog.log2014-04-13 13:33 - 2014-04-13 13:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$2014-04-13 13:33 - 2014-04-13 13:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$2014-04-13 13:33 - 2014-04-13 13:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$2014-04-13 13:29 - 2014-04-13 13:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$2014-04-13 13:25 - 2014-04-13 13:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$2014-04-13 13:25 - 2014-04-13 13:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813347-v2$2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$2014-04-13 13:23 - 2014-04-13 13:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$2014-04-13 13:19 - 2014-04-13 13:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$2014-04-13 13:17 - 2014-04-13 13:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$2014-04-13 13:17 - 2014-04-13 13:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$2014-04-13 13:17 - 2014-04-13 13:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$2014-04-13 13:16 - 2014-04-13 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$2014-04-13 13:15 - 2014-04-13 13:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$2014-04-13 13:14 - 2014-04-13 13:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$2014-04-13 13:13 - 2014-04-13 13:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$2014-04-13 13:13 - 2014-04-13 13:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$2014-04-13 13:13 - 2010-12-30 16:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight2014-04-13 13:12 - 2014-04-13 13:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$2014-04-13 13:12 - 2014-04-13 13:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$2014-04-13 13:06 - 2014-04-13 13:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$2014-04-13 13:05 - 2010-12-30 16:47 - 00000000 ____D () C:\Program Files\Outlook Express2014-04-12 20:43 - 2010-12-30 16:58 - 00000178 ___SH () C:\Documents and Settings\LocalService\ntuser.ini2014-04-12 18:23 - 2012-04-08 15:54 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk2014-04-12 18:20 - 2010-12-30 18:24 - 00000000 ____D () C:\WINDOWS\Help2014-04-12 18:15 - 2014-04-12 18:15 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office2014-04-12 18:14 - 2014-04-12 18:14 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER2014-04-12 18:13 - 2014-04-12 18:10 - 00000000 ____D () C:\Program Files\Microsoft Office2014-04-12 18:13 - 2013-10-11 15:43 - 00000000 ____D () C:\Program Files\Microsoft.NET2014-04-12 18:13 - 2010-12-30 18:24 - 00000000 ____D () C:\WINDOWS\pchealth2014-04-12 18:11 - 2014-04-12 18:11 - 00000000 ____D () C:\WINDOWS\SHELLNEW2014-04-12 18:11 - 2014-04-12 18:11 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services2014-04-12 18:11 - 2014-04-12 18:11 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Microsoft Help2014-04-12 18:10 - 2014-04-12 18:10 - 00000000 __RHD () C:\MSOCache2014-04-12 18:06 - 2014-04-12 18:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite2014-04-12 18:05 - 2014-04-12 18:05 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys2014-04-12 18:05 - 2014-04-12 18:04 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite2014-04-11 15:09 - 2014-04-05 08:31 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\My Documents\Nicolas2014-04-11 08:59 - 2013-10-11 16:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJPLM2014-04-10 18:15 - 2010-12-30 21:47 - 00002321 _____ () C:\Documents and Settings\Anne-Marie\Desktop\Google Chrome.lnk2014-04-09 09:52 - 2014-04-09 09:52 - 00016215 _____ () C:\Documents and Settings\Anne-Marie\My Documents\lettre couture.odt2014-04-09 09:29 - 2012-12-03 14:58 - 00027710 _____ () C:\Documents and Settings\Anne-Marie\My Documents\curriculum vitae.odp2014-04-08 12:38 - 2008-04-14 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl2014-04-06 11:18 - 2010-12-30 18:32 - 00000232 ___SH () C:\boot.ini2014-04-06 11:18 - 2008-04-14 14:00 - 00000542 _____ () C:\WINDOWS\win.ini2014-04-06 11:18 - 2008-04-14 14:00 - 00000227 _____ () C:\WINDOWS\system.ini2014-04-04 08:13 - 2013-10-11 21:21 - 00286476 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-839522115-1645522239-1177238915-1003-0.dat2014-04-04 08:13 - 2013-10-11 21:21 - 00137454 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat2014-04-04 07:49 - 2014-04-04 07:49 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\AVAST Software2014-04-04 07:45 - 2014-04-04 07:41 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys2014-04-04 07:45 - 2014-04-04 07:41 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys2014-04-04 07:45 - 2014-04-04 07:41 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys2014-04-04 07:45 - 2011-05-11 12:09 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys2014-04-04 07:45 - 2010-12-30 21:36 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys2014-04-04 07:45 - 2010-12-30 21:36 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys2014-04-04 07:44 - 2014-04-04 07:44 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr2014-04-04 07:44 - 2010-12-30 21:36 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe2014-04-04 07:44 - 2010-12-30 21:36 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys2014-04-04 07:42 - 2014-04-04 07:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software2014-04-04 07:41 - 2010-12-30 16:49 - 00002577 _____ () C:\WINDOWS\system32\CONFIG.NT2014-04-03 09:51 - 2014-04-13 17:42 - 00050648 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-04-03 09:50 - 2014-04-13 17:42 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2014-04-01 10:36 - 2014-04-01 10:36 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\OpenOffice.org2014-03-30 16:53 - 2013-09-10 16:50 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\dvdcss2014-03-30 14:33 - 2011-04-29 19:50 - 00000000 ____D () C:\Documents and Settings\Anne-Marie\Application Data\vlc2014-03-27 19:50 - 2014-03-04 10:05 - 00020230 _____ () C:\Documents and Settings\Anne-Marie\My Documents\lettre meyssac.odt2014-03-23 15:24 - 2013-02-03 19:43 - 00032937 _____ () C:\Documents and Settings\Anne-Marie\My Documents\CV PASCAL.odp2014-03-21 20:07 - 2010-12-30 16:48 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM Some content of TEMP:====================C:\Documents and Settings\Anne-Marie\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe[2008-07-03 13:38] - [2008-07-03 13:38] - 1033728 ____A (Microsoft Corporation) 2bb75b7f548d82a099125d0c5971de7d C:\WINDOWS\system32\winlogon.exe[2009-04-02 16:56] - [2009-04-02 16:56] - 0509440 ____A (Microsoft Corporation) 53a8857723277b1d6d5ee60a9f85b117 C:\WINDOWS\system32\svchost.exe => MD5 is legitC:\WINDOWS\system32\services.exe[2009-12-23 17:05] - [2009-12-23 17:05] - 0110592 ____A (Microsoft Corporation) c519e15665cd89a91ad383fce3cb556a C:\WINDOWS\system32\User32.dll => MD5 is legitC:\WINDOWS\system32\userinit.exe => MD5 is legitC:\WINDOWS\system32\rpcss.dll => MD5 is legitC:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit ==================== End Of Log ============================ And Addition.txt :Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-04-2014Ran by Anne-Marie at 2014-04-17 08:08:16Running from C:\Documents and Settings\Anne-Marie\Desktop\NicolasBoot Mode: Normal========================================================== ==================== Security Center ======================== ==================== Installed Programs ====================== Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)Adobe Reader X (10.1.9) - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2016 - Avast Software)Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)Canon MG2200 series On-screen Manual (HKLM\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft)Enregistrement utilisateur de Canon MG2200 series (HKLM\...\Enregistrement utilisateur de Canon MG2200 series) (Version: - Canon Inc.‎)Gnumeric Spreadsheet 1.10.16-20110616 (HKCU\...\Gnumeric) (Version: 1.10.16-20110616 - )Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)Intel® Network Connections 15.8.76.0 (HKLM\...\{21927AF8-8738-455F-AB98-7FF8FBFC6282}) (Version: 15.8.76.0 - Intel)iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJava 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)NVIDIA Control Panel 260.99 (Version: 260.99 - NVIDIA Corporation) HiddenNVIDIA Graphics Driver 260.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 260.99 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.0.14.0 - NVIDIA Corporation) HiddenNVIDIA nView 135.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.36 - NVIDIA Corporation)NVIDIA nView Desktop Manager (Version: 6.14.10.13065 - NVIDIA Corporation) HiddenNVIDIA PhysX (Version: 9.10.0514 - NVIDIA Corporation) HiddenNVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)OpenOffice.org 3.4 (HKLM\...\{2F90A789-DD1E-41CE-BFCA-BD78213BABC7}) (Version: 3.4.9590 - OpenOffice.org)Photo Notifier and Animation Creator (Version: 1.0.0.1009 - Nom de votre société) HiddenPicasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)PMB (HKLM\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)Ralink RT7x Wireless LAN Card (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.5.4.0 - Ralink)Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5282 - Realtek Semiconductor Corp.)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)Update for Windows XP (KB2813347-v2) (HKLM\...\KB2813347-v2) (Version: 2 - Microsoft Corporation)Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)Virtual Magnifying Glass (HKLM\...\Virtual Magnifying Glass) (Version: - )VLC media player 1.1.9 (HKLM\...\VLC media player) (Version: 1.1.9 - VideoLAN)WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) HiddenWebReg (Version: 70.0.170.000 - Hewlett-Packard) HiddenWindows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )XLS to DBF Converter 2.00 (HKLM\...\XLS to DBF Converter_is1) (Version: - WhiteTown Software) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2008-04-14 14:00 - 2008-04-14 14:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exeTask: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1645522239-1177238915-1003Core.job => C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1645522239-1177238915-1003UA.job => C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-16 20:27 - 2014-04-16 20:27 - 02215424 _____ () C:\Program Files\Alwil Software\Avast5\defs\14041601\algo.dll2010-12-30 20:23 - 2010-08-26 01:12 - 02459240 _____ () C:\Program Files\NVIDIA Corporation\nView\nview.dll2010-12-30 20:23 - 2010-08-26 01:12 - 00555624 _____ () C:\Program Files\NVIDIA Corporation\nView\nvshell.dll2014-04-04 07:44 - 2014-04-04 07:44 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll2013-10-11 16:01 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE2014-04-10 18:15 - 2014-04-02 03:57 - 00065352 _____ () C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll2014-04-10 18:15 - 2014-04-02 03:57 - 04081480 _____ () C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.116\pdf.dll2014-04-10 18:15 - 2014-04-02 03:58 - 00390472 _____ () C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll2014-04-10 18:15 - 2014-04-02 03:57 - 01647432 _____ () C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupfolder: C:^Documents and Settings^Anne-Marie^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\WINDOWS\pss\OpenOffice.org 3.4.lnkStartupMSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logonMSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorunMSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Anne-Marie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /cMSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -kMSCONFIG\startupreg: Panda Security URL Filtering => "C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exeMSCONFIG\startupreg: PSUAMain => "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTrayMSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (04/16/2014 04:11:33 PM) (Source: MsiInstaller) (User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (04/16/2014 08:11:18 AM) (Source: MsiInstaller) (User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (04/15/2014 09:27:46 PM) (Source: Microsoft Office 14) (User: )Description: EventType officelifeboathang, P1 excel.exe, P2 14.0.4734.1000, P3 ntdll.dll, P4 5.1.2600.6055, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 officelifeboathang0, P10 officelifeboathang1. Error: (04/15/2014 09:26:16 PM) (Source: Microsoft Office 14) (User: )Description: EventType officelifeboathang, P1 excel.exe, P2 14.0.4734.1000, P3 ntdll.dll, P4 5.1.2600.6055, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 officelifeboathang0, P10 officelifeboathang1. Error: (04/15/2014 05:11:49 PM) (Source: MsiInstaller) (User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (04/15/2014 00:12:06 PM) (Source: MsiInstaller) (User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (04/14/2014 09:11:22 PM) (Source: MsiInstaller) (User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (04/14/2014 03:12:16 PM) (Source: MsiInstaller) (User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (04/14/2014 10:12:08 AM) (Source: MsiInstaller) (User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (04/13/2014 06:12:04 PM) (Source: MsiInstaller) (User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. System errors:=============Error: (04/15/2014 10:53:18 AM) (Source: DCOM) (User: NT AUTHORITY)Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout. Error: (04/15/2014 10:51:18 AM) (Source: DCOM) (User: NT AUTHORITY)Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout. Error: (04/15/2014 10:49:17 AM) (Source: DCOM) (User: NT AUTHORITY)Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout. Error: (04/12/2014 10:21:43 PM) (Source: SideBySide) (User: )Description: Generate Activation Context failed for C:\Documents and Settings\Anne-Marie\My Documents\Downloads\Drivers_Setup.exe.Reference error message: The operation completed successfully.. Error: (04/12/2014 10:21:43 PM) (Source: SideBySide) (User: )Description: Syntax error in manifest or policy file "Manifest Parse Error : Invalid at the top level of the document.1" on line Manifest Parse Error : Invalid at the top level of the document.2. Error: (03/02/2014 06:06:42 PM) (Source: 0) (User: )Description: \Device\Harddisk3\D Error: (02/22/2014 09:18:06 AM) (Source: 0) (User: )Description: \Device\Harddisk4\D Error: (01/27/2014 07:16:54 PM) (Source: 0) (User: )Description: \Device\Harddisk5\D Error: (01/27/2014 07:16:53 PM) (Source: 0) (User: )Description: \Device\Harddisk5\D Error: (01/27/2014 07:16:52 PM) (Source: 0) (User: )Description: \Device\Harddisk5\D Microsoft Office Sessions:=========================Error: (04/16/2014 04:11:33 PM) (Source: MsiInstaller)(User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL) Error: (04/16/2014 08:11:18 AM) (Source: MsiInstaller)(User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL) Error: (04/15/2014 09:27:46 PM) (Source: Microsoft Office 14)(User: )Description: officelifeboathangexcel.exe14.0.4734.1000ntdll.dll5.1.2600.6055NILNILNILNILNILNIL Error: (04/15/2014 09:26:16 PM) (Source: Microsoft Office 14)(User: )Description: officelifeboathangexcel.exe14.0.4734.1000ntdll.dll5.1.2600.6055NILNILNILNILNILNIL Error: (04/15/2014 05:11:49 PM) (Source: MsiInstaller)(User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL) Error: (04/15/2014 00:12:06 PM) (Source: MsiInstaller)(User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL) Error: (04/14/2014 09:11:22 PM) (Source: MsiInstaller)(User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL) Error: (04/14/2014 03:12:16 PM) (Source: MsiInstaller)(User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL) Error: (04/14/2014 10:12:08 AM) (Source: MsiInstaller)(User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL) Error: (04/13/2014 06:12:04 PM) (Source: MsiInstaller)(User: TANK)Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL) ==================== Memory info =========================== Percentage of memory in use: 79%Total physical RAM: 1023.23 MBAvailable physical RAM: 210.89 MBTotal Pagefile: 2460.72 MBAvailable Pagefile: 1676.42 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1945.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.88 GB) (Free:203.61 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 1549F232)Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Let me know if you need me to do something else. Rolland

Hello ! I've been sent on this forum because mbam finds infected files over and over from the same source and running the scan doesn't prevent it from appearing again. On the second hand, this computer is getting slower everyday. I did as the sticky told me to and here are the results of the Farbar scan. Thank you for your time. Rolland FRST.txt Addition.txt