avilug

en fait j'ai bien utilisé OTL normal mais au moment de redémarrer, j'ai cliqué sur "oui" et ça n'a PAS redémarré. donc j'ai redémarré à la main et j'ai été chercher le rapport c:\otl.txt ... qui s'avèrait être le mauvais ! j'ai recommencé : IDEM ça ne reboot pas : je clique sur oui, et ça marque en bas de la fenêtre d'OTL : processing complete! et rien ne se passe. (évidemment, j'ai bien vérifié n'avoir oublié AUCUNE ligne dans mon copier/coller)

Pear, voici le rapport (235Ko tout de même) ! mon rapport OTL

bonjour pear, j'ai essayé avec OTL et OTL PE : même résultat : OTL plante quand il arrive à "processing safebootmin : appmgmt - file not found" après il faut que je ferme OTL à la sauvage.

et voilà le rapport sous oTL PE version OTL logfile created on: 6/7/2011 9:12:09 PM - Run OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE Windows Vista Home Basic Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 8.0.6001.19048) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 288.09 Gb Total Space | 205.25 Gb Free Space | 71.25% Space Free | Partition Type: NTFS Drive D: | 1021.00 Mb Total Space | 938.90 Mb Free Space | 91.96% Space Free | Partition Type: FAT32 Drive E: | 9.00 Gb Total Space | 1.85 Gb Free Space | 20.50% Space Free | Partition Type: NTFS Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - [2011/06/05 02:20:38 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto] -- C:\Windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC) SRV - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2008/05/20 20:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker) SRV - [2008/05/20 20:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel) SRV - [2008/05/14 16:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service) SRV - [2008/05/13 20:35:40 | 000,256,512 | ---- | M] (SafeBoot International) [Auto] -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService) SRV - [2008/05/12 09:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2008/05/02 16:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService) SRV - [2008/04/18 09:54:02 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/12/11 08:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007/10/19 03:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters) SRV - [2007/05/15 19:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto] -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca) SRV - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (USBAAPL) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand] -- -- (IpInIp) DRV - File not found [Kernel | System] -- -- (dnasubuy) DRV - File not found [Kernel | On_Demand] -- -- (catchme) DRV - [2011/05/29 03:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/05/10 07:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/06/30 04:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot] -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot) DRV - [2008/05/13 20:36:26 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg) DRV - [2008/05/13 20:36:22 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock) DRV - [2008/05/13 20:36:20 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock) DRV - [2008/05/13 20:36:18 | 000,108,752 | ---- | M] (SafeBoot International) [Kernel | Boot] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot) DRV - [2008/04/28 02:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Pilote de carte Intel® DRV - [2008/04/14 17:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2008/04/10 11:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008/04/07 14:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV - [2008/04/07 14:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008/02/29 12:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008/01/20 22:34:06 | 000,020,992 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2008/01/20 22:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2004/02/04 04:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB) DRV - [2001/01/29 10:41:04 | 000,009,152 | ---- | M] () [Kernel | Auto] -- C:\windows\System32\drivers\Ticalc.sys -- (TICalc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\deborah_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\deborah_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\deborah_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/ IE - HKU\McAfeeMVSUser_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE - HKU\McAfeeMVSUser_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN IE - HKU\McAfeeMVSUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/ IE - HKU\TEMP_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE - HKU\TEMP_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/ IE - HKU\TEMP_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\TEMP_ON_C\..\URLSearchHook: {a584454e-8fcc-41ab-b0f2-f30c06aab910} - Reg Error: Key error. File not found IE - HKU\TEMP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.easysear.ch/" FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/04 06:31:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/05 09:47:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/05 09:47:25 | 000,000,000 | ---D | M] [2010/11/09 11:14:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deborah\AppData\Roaming\Mozilla\Extensions [2011/05/18 07:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deborah\AppData\Roaming\Mozilla\Firefox\Profiles\xcpc4ae4.default\extensions [2010/11/09 16:01:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\deborah\AppData\Roaming\Mozilla\Firefox\Profiles\xcpc4ae4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/06/05 10:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/01/13 06:47:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/06/05 10:12:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010/10/04 06:31:53 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3 [2011/02/02 15:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009/08/24 15:21:51 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2009/08/24 15:21:51 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2009/08/24 15:21:51 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2009/08/24 15:21:51 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2009/08/24 15:21:51 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/06/05 15:59:05 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard) O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found. O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found. O3 - HKU\deborah_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\deborah_ON_C\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\TEMP_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\TEMP_ON_C\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found. O3 - HKU\TEMP_ON_C\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found. O3 - HKU\TEMP_ON_C\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity) O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.) O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O4 - HKU\McAfeeMVSUser_ON_C..\Run: [WindowsWelcomeCenter] C:\windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\TEMP_ON_C..\Run: [CanalPlayer] File not found O4 - HKU\TEMP_ON_C..\Run: [LightScribe Control Panel] File not found O4 - HKU\TEMP_ON_C..\Run: [msnmsgr] File not found O4 - HKU\TEMP_ON_C..\Run: [swg] File not found O4 - HKU\TEMP_ON_C..\Run: [WindowsWelcomeCenter] C:\windows\System32\oobefldr.dll (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\deborah_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\deborah_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\McAfeeMVSUser_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\TEMP_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.) O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.) O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.) O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk /p \??\C:) - File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* PhysicalDisk0 MBR saved to C:\Physical0MBR.bin NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.) MsConfig - StartUpReg: Akizijiwanomohag - hkey= - key= - File not found MsConfig - StartUpReg: asp70vdviss.exe - hkey= - key= - File not found MsConfig - StartUpReg: CanalPlayer - hkey= - key= - File not found MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - File not found MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: rpcnet - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.) SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: rpcnet - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.) SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447) ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\windows\System32\rundll32.exe" "C:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.) ========== Files/Folders - Created Within 30 Days ========== [2011/06/07 12:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/06/07 11:42:04 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe [2011/06/06 12:12:17 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2011/06/06 11:39:55 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll [2011/06/06 11:30:47 | 004,114,023 | ---- | C] (Swearware) -- C:\Users\deborah\Desktop\sally.com [2011/06/06 11:29:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011/06/06 11:28:14 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW [2011/06/05 15:58:55 | 000,000,000 | ---D | C] -- C:\## aswSnx private storage [2011/06/05 15:56:16 | 000,000,000 | ---D | C] -- C:\windows\temp [2011/06/05 15:56:16 | 000,000,000 | ---D | C] -- C:\Users\TEMP\AppData\Local\temp [2011/06/05 15:56:16 | 000,000,000 | ---D | C] -- C:\Users\deborah\AppData\Local\temp [2011/06/05 15:43:13 | 000,000,000 | ---D | C] -- C:\ComboFix [2011/06/05 10:12:29 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe [2011/06/05 10:12:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe [2011/06/05 10:12:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe [2011/06/05 09:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/06/05 09:56:15 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\windows\System32\GEARAspi.dll [2011/06/05 09:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/06/05 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/06/05 09:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011/06/05 09:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/06/05 09:51:58 | 000,000,000 | ---D | C] -- C:\windows\fr [2011/06/05 09:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/06/05 09:47:05 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2011/06/05 09:45:00 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_3.dll [2011/06/05 09:44:59 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_5.dll [2011/06/05 09:44:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_42.dll [2011/06/05 07:58:03 | 000,000,000 | ---D | C] -- C:\Users\deborah\AppData\Local\Windows Live [2011/06/05 07:57:15 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webservices.dll [2011/06/05 07:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\WindowsPowerShell [2011/06/05 07:44:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrsmgr.dll [2011/06/05 07:44:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrs.exe [2011/06/05 07:44:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrshost.exe [2011/06/05 07:44:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsmprovhost.exe [2011/06/05 07:44:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsmplpxy.dll [2011/06/05 07:44:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrssrv.dll [2011/06/05 07:44:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wevtfwd.dll [2011/06/05 07:44:17 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wecutil.exe [2011/06/05 07:44:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wecapi.dll [2011/06/05 07:44:17 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmRes.dll [2011/06/05 07:44:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pwrshplugin.dll [2011/06/05 07:44:10 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManMigrationPlugin.dll [2011/06/05 07:44:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManHTTPConfig.exe [2011/06/05 07:44:10 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrscmd.dll [2011/06/05 07:44:10 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmWmiPl.dll [2011/06/05 07:44:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmAuto.dll [2011/06/05 07:43:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe [2011/06/05 07:43:06 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFH264Dec.dll [2011/06/05 07:43:06 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFHEAACdec.dll [2011/06/05 07:43:06 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfmp4src.dll [2011/06/05 07:43:06 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll [2011/06/05 07:43:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll [2011/06/05 07:43:05 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll [2011/06/05 07:43:05 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\printfilterpipelinesvc.exe [2011/06/05 07:43:05 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxgi.dll [2011/06/05 07:43:04 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfplat.dll [2011/06/05 07:43:03 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfps.dll [2011/06/05 07:43:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll [2011/06/05 07:43:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\printfilterpipelineprxy.dll [2011/06/05 07:42:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Apphlpdm.dll [2011/06/05 07:42:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\windows\System32\GameUXLegacyGDFs.dll [2011/06/05 07:42:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2011/06/05 07:42:31 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe [2011/06/05 07:42:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll [2011/06/05 07:42:28 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2011/06/05 07:42:27 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2011/06/05 07:42:27 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl [2011/06/05 07:42:27 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2011/06/05 07:42:26 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2011/06/05 07:42:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll [2011/06/05 07:42:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2011/06/05 07:42:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2011/06/05 07:42:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2011/06/05 07:42:24 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2011/06/05 07:42:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2011/06/05 07:42:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2011/06/05 07:42:23 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe [2011/06/05 07:42:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll [2011/06/05 07:42:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2011/06/05 07:42:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2011/06/05 07:42:11 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll [2011/06/05 07:42:11 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll [2011/06/05 07:42:05 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll [2011/06/05 07:42:05 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll [2011/06/05 07:42:05 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll [2011/06/05 07:42:05 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll [2011/06/05 07:42:05 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll [2011/06/05 07:42:05 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll [2011/06/05 07:42:04 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xpsservices.dll [2011/06/05 07:42:04 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OpcServices.dll [2011/06/05 07:42:04 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll [2011/06/05 07:42:04 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll [2011/06/05 07:42:04 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll [2011/06/05 07:40:14 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll [2011/06/05 07:40:13 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbe.dll [2011/06/05 07:40:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mpg2splt.ax [2011/06/05 07:40:13 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbeio.dll [2011/06/05 07:40:12 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll [2011/06/05 07:40:12 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll [2011/06/05 07:40:11 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2011/06/05 07:24:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe [2011/06/05 07:24:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe [2011/06/05 07:24:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe [2011/06/05 07:24:46 | 000,000,000 | ---D | C] -- C:\windows\ERDNT [2011/06/05 07:24:40 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/06/05 03:56:02 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\windows\System32\drivers\pavboot.sys [2011/06/05 03:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2011/06/05 03:53:32 | 000,000,000 | ---D | C] -- C:\windows\BDOSCAN8 [2011/06/05 02:28:13 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2011/06/05 02:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/06/05 02:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/06/05 02:28:09 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011/06/05 02:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/06/05 02:26:47 | 000,000,000 | ---D | C] -- C:\28710 [2011/06/05 02:09:58 | 000,000,000 | ---D | C] -- C:\Users\deborah\Desktop\RK_Quarantine [2011/06/02 19:24:56 | 000,000,000 | ---D | C] -- C:\found.001 [2011/05/17 07:35:17 | 000,000,000 | ---D | C] -- C:\Users\deborah\Desktop\Nouveau dossier (2) [2009/05/30 18:02:05 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll [2009/05/30 18:02:05 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll ========== Files - Modified Within 30 Days ========== [2011/06/07 21:12:51 | 000,000,512 | ---- | M] () -- C:\Physical0MBR.bin [2011/06/07 13:32:18 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/06/07 13:32:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/06/07 13:32:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/06/07 13:32:16 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat [2011/06/07 13:25:56 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe [2011/06/07 13:25:54 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll [2011/06/07 13:25:32 | 3146,006,528 | -HS- | M] () -- C:\hiberfil.sys [2011/06/07 12:34:02 | 000,137,692 | ---- | M] () -- C:\Users\deborah\Documents\cc_20110607_183355.reg [2011/06/07 12:30:43 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/06/07 12:27:57 | 000,000,422 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job [2011/06/07 11:42:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe [2011/06/07 08:01:17 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2011/06/07 08:00:54 | 000,001,227 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2011/06/07 08:00:34 | 000,001,158 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2011/06/07 08:00:28 | 000,002,025 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2011/06/07 08:00:22 | 000,001,037 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2011/06/06 12:12:17 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2011/06/06 11:33:17 | 000,002,687 | ---- | M] () -- C:\Users\deborah\Desktop\Microsoft Office Word 2007.lnk [2011/06/06 11:31:03 | 004,114,023 | ---- | M] (Swearware) -- C:\Users\deborah\Desktop\sally.com [2011/06/05 15:59:05 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts [2011/06/05 10:21:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2011/06/05 10:14:48 | 001,301,452 | ---- | M] () -- C:\Users\deborah\Desktop\tdsskiller.zip [2011/06/05 10:02:59 | 000,404,320 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2011/06/05 09:56:42 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/06/05 09:56:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/06/05 09:47:14 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/06/05 09:47:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/06/05 07:47:54 | 000,706,322 | ---- | M] () -- C:\windows\System32\perfh00C.dat [2011/06/05 07:47:54 | 000,140,328 | ---- | M] () -- C:\windows\System32\perfc00C.dat [2011/06/05 07:45:20 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011/06/05 07:45:20 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [2011/06/05 07:26:11 | 000,637,304 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/06/05 07:26:11 | 000,120,808 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/06/05 03:42:37 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt [2011/06/05 03:39:45 | 000,036,352 | -H-- | M] () -- C:\Users\deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/06/05 03:09:20 | 000,006,648 | ---- | M] () -- C:\Users\deborah\AppData\Local\d3d9caps.dat [2011/06/05 02:28:13 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/06/05 02:28:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/06/05 02:20:38 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.exe [2011/06/05 02:17:42 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll [2011/06/02 11:27:19 | 000,000,392 | ---- | M] () -- C:\ProgramData\34791160 [2011/06/02 11:23:52 | 000,000,160 | -H-- | M] () -- C:\ProgramData\~34791160r [2011/06/02 11:23:52 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~34791160 [2011/05/29 03:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2011/05/29 03:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011/05/10 08:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr [2011/05/10 08:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe [2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys [2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys [2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys [2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys [2011/05/10 07:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys [2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys ========== Files Created - No Company Name ========== [2011/06/07 21:12:51 | 000,000,512 | ---- | C] () -- C:\Physical0MBR.bin [2011/06/07 12:33:57 | 000,137,692 | ---- | C] () -- C:\Users\deborah\Documents\cc_20110607_183355.reg [2011/06/07 12:30:43 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/06/05 15:57:55 | 3146,006,528 | -HS- | C] () -- C:\hiberfil.sys [2011/06/05 10:14:30 | 001,301,452 | ---- | C] () -- C:\Users\deborah\Desktop\tdsskiller.zip [2011/06/05 09:56:42 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/06/05 09:51:07 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2011/06/05 09:50:23 | 000,001,227 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2011/06/05 09:49:30 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2011/06/05 09:48:58 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2011/06/05 09:47:14 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/06/05 07:44:11 | 000,201,184 | ---- | C] () -- C:\windows\System32\winrm.vbs [2011/06/05 07:44:11 | 000,002,426 | ---- | C] () -- C:\windows\System32\WsmTxt.xsl [2011/06/05 07:44:10 | 000,004,675 | ---- | C] () -- C:\windows\System32\wsmanconfig_schema.xml [2011/06/05 07:24:52 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe [2011/06/05 07:24:52 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2011/06/05 07:24:52 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2011/06/05 07:24:52 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2011/06/05 07:24:52 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2011/06/05 02:28:13 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/06/05 02:11:17 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Galerie de photos Windows Live.lnk [2011/06/05 02:11:17 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011/06/05 02:11:16 | 000,001,748 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/06/05 02:11:16 | 000,000,938 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player (2).lnk [2011/06/05 02:11:16 | 000,000,923 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk [2011/06/05 02:11:16 | 000,000,899 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011/06/05 02:11:16 | 000,000,670 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\POWERPNT - Raccourci.lnk [2011/06/05 02:11:16 | 000,000,670 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MSACCESS - Raccourci.lnk [2011/06/05 02:11:16 | 000,000,663 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WINWORD - Raccourci.lnk [2011/06/05 02:11:16 | 000,000,651 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\EXCEL - Raccourci.lnk [2011/06/02 11:23:52 | 000,000,160 | -H-- | C] () -- C:\ProgramData\~34791160r [2011/06/02 11:23:52 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~34791160 [2011/06/02 11:23:36 | 000,000,392 | ---- | C] () -- C:\ProgramData\34791160 [2011/01/30 15:17:43 | 000,024,143 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\UserTile.png [2011/01/13 07:53:42 | 000,000,146 | ---- | C] () -- C:\windows\WININIT.INI [2010/11/29 12:32:39 | 000,011,264 | -H-- | C] () -- C:\windows\System32\Utils.dll [2010/10/04 06:20:23 | 000,182,163 | ---- | C] () -- C:\windows\hpoins44.dat [2010/05/16 09:00:20 | 000,009,152 | ---- | C] () -- C:\windows\System32\drivers\Ticalc.sys [2010/05/16 09:00:20 | 000,000,659 | ---- | C] () -- C:\windows\Wlink89.ini [2009/12/06 05:51:36 | 000,006,648 | ---- | C] () -- C:\Users\deborah\AppData\Local\d3d9caps.dat [2009/09/25 07:32:31 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.exe [2009/09/16 17:38:22 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin [2009/09/16 17:38:21 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll [2009/09/16 17:38:07 | 000,643,072 | ---- | C] () -- C:\windows\System32\autochk.exe [2009/09/02 13:45:14 | 000,000,290 | R-S- | C] () -- C:\ProgramData\ntuser.pol [2009/06/15 09:39:50 | 000,101,159 | ---- | C] () -- C:\windows\System32\EPPICPrinterDB.dat [2009/06/15 09:39:50 | 000,024,903 | ---- | C] () -- C:\windows\System32\EPPICPattern3.dat [2009/06/15 09:39:50 | 000,021,390 | ---- | C] () -- C:\windows\System32\EPPICPattern5.dat [2009/06/15 09:39:50 | 000,020,148 | ---- | C] () -- C:\windows\System32\EPPICPattern2.dat [2009/06/15 09:39:50 | 000,011,811 | ---- | C] () -- C:\windows\System32\EPPICPattern4.dat [2009/06/15 09:39:50 | 000,004,943 | ---- | C] () -- C:\windows\System32\EPPICPattern6.dat [2009/06/15 09:39:50 | 000,001,146 | ---- | C] () -- C:\windows\System32\EPPICPresetData_DU.dat [2009/06/15 09:39:50 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_PT.dat [2009/06/15 09:39:50 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_BP.dat [2009/06/15 09:39:50 | 000,001,136 | ---- | C] () -- C:\windows\System32\EPPICPresetData_ES.dat [2009/06/15 09:39:50 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_FR.dat [2009/06/15 09:39:50 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_CF.dat [2009/06/15 09:39:50 | 000,001,120 | ---- | C] () -- C:\windows\System32\EPPICPresetData_IT.dat [2009/06/15 09:39:50 | 000,001,107 | ---- | C] () -- C:\windows\System32\EPPICPresetData_GE.dat [2009/06/15 09:39:50 | 000,001,104 | ---- | C] () -- C:\windows\System32\EPPICPresetData_EN.dat [2009/06/15 09:39:50 | 000,000,099 | ---- | C] () -- C:\windows\System32\PICSDK.ini [2009/06/15 09:39:49 | 000,026,154 | ---- | C] () -- C:\windows\System32\EPPICPattern1.dat [2009/06/15 09:30:32 | 000,000,025 | ---- | C] () -- C:\windows\CDE R240R245EU.ini [2009/06/11 05:30:02 | 000,000,586 | ---- | C] () -- C:\windows\hpomdl44.dat [2009/05/31 19:19:03 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin [2009/05/30 18:11:37 | 000,036,352 | -H-- | C] () -- C:\Users\deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/05/30 18:02:05 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys [2009/05/30 18:02:05 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys [2009/05/30 18:02:05 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini [2009/05/30 16:48:55 | 000,000,012 | ---- | C] () -- C:\windows\bthservsdp.dat [2008/07/12 02:38:11 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll [2008/07/12 02:38:11 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll [2008/07/12 02:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll [2008/07/12 02:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll [2008/07/12 02:38:11 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll [2008/07/12 02:38:11 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll [2008/07/12 02:18:16 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI [2008/05/21 10:20:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1489.dll [2008/05/21 10:06:30 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin [2008/05/21 10:06:28 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin [2008/05/21 10:06:28 | 000,146,596 | ---- | C] () -- C:\windows\System32\igfcg550.bin [2008/04/17 12:29:08 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll [2008/04/16 10:18:01 | 000,706,322 | ---- | C] () -- C:\windows\System32\perfh00C.dat [2008/04/16 10:18:01 | 000,340,236 | ---- | C] () -- C:\windows\System32\perfi00C.dat [2008/04/16 10:18:01 | 000,140,328 | ---- | C] () -- C:\windows\System32\perfc00C.dat [2008/04/16 10:18:01 | 000,037,390 | ---- | C] () -- C:\windows\System32\perfd00C.dat [2008/01/20 22:34:06 | 000,020,992 | ---- | C] () -- C:\windows\System32\drivers\ndistapi.sys [2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2006/11/02 08:44:53 | 000,404,320 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT [2006/11/02 06:33:01 | 000,637,304 | ---- | C] () -- C:\windows\System32\perfh009.dat [2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat [2006/11/02 06:33:01 | 000,120,808 | ---- | C] () -- C:\windows\System32\perfc009.dat [2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat [2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat [2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini [2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat [2006/05/24 19:22:06 | 000,053,248 | ---- | C] () -- C:\windows\bdoscandel.exe [2006/03/09 05:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll [2005/04/03 18:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll [2005/03/14 08:38:28 | 000,000,469 | ---- | C] () -- C:\windows\bdoscandellang.ini [2005/02/25 00:15:00 | 000,159,744 | ---- | C] () -- C:\windows\System32\EPSPTDV.DLL [2001/11/14 06:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll [1998/05/06 23:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll ========== LOP Check ========== [2011/03/30 07:39:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\1102E401EBA3BC2A8016AAC3596A51A4 [2010/11/29 12:35:10 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\FileZilla [2009/07/09 17:16:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\InterVideo [2010/01/24 14:58:41 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Notepad++ [2010/01/25 18:39:12 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\OpenOffice.org [2011/01/30 15:17:43 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\PeerNetworking [2009/08/31 13:31:02 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Thinstall [2010/12/07 05:09:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Alwil Software [2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2009/05/30 17:54:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau [2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2009/05/30 17:54:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris [2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites [2010/12/06 14:01:39 | 000,000,000 | ---D | M] -- C:\ProgramData\LightScribe [2009/05/30 17:54:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2009/05/30 17:54:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles [2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2009/06/15 09:42:12 | 000,000,000 | ---D | M] -- C:\ProgramData\UDL [2008/07/12 02:35:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Uninstall [2009/06/06 17:29:43 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch [2011/01/13 07:18:43 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip [2011/06/05 09:56:14 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/12/30 11:12:30 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2011/06/07 13:32:16 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011/06/07 12:27:57 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job ========== Purity Check ========== ========== Custom Scans ========== Invalid Environment Variable: %temp%\1\*. Invalid Environment Variable: %temp%\2\*. Invalid Environment Variable: %temp%\4\*. Invalid Environment Variable: %temp%\1\*.* Invalid Environment Variable: %temp%\2\*.* Invalid Environment Variable: %temp%\4\*.* Invalid Environment Variable: %windir%\temp\*.dat < nslookup www.google.fr /c > Server: UnKnown Address: 127.0.0.1 Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*. Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe Invalid Environment Variable: %APPDATA%\*. Invalid Environment Variable: %APPDATA%\*.exe < %SYSTEMDRIVE%\*.exe > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/04/11 02:28:19 | 000,142,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\fontext.dll [2009/04/11 02:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\mswsock.dll [2011/01/21 12:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\shell32.dll [2009/04/11 02:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\winrnr.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < MD5 for: AGP440.SYS > [2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ALG.EXE > [2008/01/20 22:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\Windows\System32\alg.exe [2008/01/20 22:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\Windows\winsxs\x86_microsoft-windows-alg_31bf3856ad364e35_6.0.6001.18000_none_a8e952205b1e893c\alg.exe < MD5 for: ATAPI.SYS > [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/20 22:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008/01/20 22:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/20 22:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CDROM.SYS > [2008/01/20 22:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008/01/20 22:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006/11/02 04:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys < MD5 for: CNGAUDIT.DLL > [2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: CSRSS.EXE > [2008/01/20 22:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe [2008/01/20 22:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe < MD5 for: EXPLORER.EXE > [2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008/01/20 22:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTORV.SYS > [2008/01/20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008/01/20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: IESETUP.DLL > [2009/08/27 09:21:21 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=07C1DC30B491218B6364218691A54E0C -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7\iesetup.dll [2010/11/02 03:07:03 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=15B5E22813A9F30017D66A1329F2E27F -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23091_none_a8e2febb8dac6c20\iesetup.dll [2009/03/08 07:32:49 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=1B6FF5B9A21DE2E89BB014932A414E7E -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iesetup.dll [2010/06/26 02:02:15 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=2A9B26EFA43B753F10D47195F5D460A1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18943_none_a8919be474643d34\iesetup.dll [2009/07/18 08:10:33 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2AC744DFF6F1DD28028741977644EEDE -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16890_none_c3892afe619bae44\iesetup.dll [2010/01/02 02:32:33 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=2BD0AD3549D92C564C71485456CCA0AA -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18882_none_a8655a047485967a\iesetup.dll [2008/07/12 02:16:58 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=339804EF2921A0A369CC2FE1FD8160A1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16643_none_c3c237ac61707446\iesetup.dll [2008/01/20 22:33:55 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6001.18000_none_c5d0b5245e79496e\iesetup.dll [2008/01/20 22:33:55 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6002.18005_none_c7bc2e305b9b14ba\iesetup.dll [2009/03/03 00:16:25 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4778DA89B3D33C09EDEDE691DA491405 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16830_none_c3ca0a86616b069e\iesetup.dll [2010/02/23 02:33:45 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=47A0E748323F3CADA388E39FA95273C1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18904_none_a8bddbde7442e6c7\iesetup.dll [2010/05/04 02:30:17 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=5568144CDB5C362E6C5A995C13075260 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23019_none_a941806b8d645750\iesetup.dll [2009/03/03 00:14:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=56EECCEBC0CA71E29D0091FECD999A88 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21023_none_c461503d7a7e09be\iesetup.dll [2009/08/27 09:36:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=58ADB147186B0D2B41EE4E91E6D5CC6B -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21116_none_c46f22ed7a7336f9\iesetup.dll [2010/06/26 02:48:17 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=64910BBFFFF51E7104E97489A7348661 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23040_none_a9180e0d8d84c714\iesetup.dll [2010/09/08 02:21:10 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=6A17074523179649F6B068A405B1BB07 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23067_none_a909703b8d8eb057\iesetup.dll [2010/01/02 10:50:27 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=6EE0568A75F0CD510AB68D7FE9823951 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22973_none_a8fac7058d9a33aa\iesetup.dll [2010/11/02 01:57:11 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=8C96C8402F61B995FE99F927D6CC635D -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18999_none_a8618e04748760f3\iesetup.dll [2009/07/18 08:09:19 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=90C1A0EFC7BD918C2CE72E4110A4F607 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21089_none_c42672717aa9496e\iesetup.dll [2011/02/22 03:13:12 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=A546FB719FD0F33241E2395EB8430AC9 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23143_none_a91b10d18d821040\iesetup.dll [2008/07/12 02:16:58 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=AA9D7D186B605F799F09596B97019E6E -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20777_none_c42f65db7aa2cd3f\iesetup.dll [2009/08/27 09:57:38 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=B2C1896FC99EF32BB1F5E2354E2B80D0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16916_none_c3e5ae00615563ed\iesetup.dll [2010/05/04 01:55:42 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=BFCB54E8D0EA0DDC737216853F5F1BE7 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18928_none_a8ac3d2e744f8405\iesetup.dll [2009/11/21 10:59:20 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=D161F0D51B88344EC34C892FA328A414 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22956_none_a91367bb8d8747cd\iesetup.dll [2009/08/27 01:17:43 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=D1DDEE44E30941D0F55B782192D1ADD9 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de\iesetup.dll [2010/02/23 11:00:45 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=DDF95F4852B0CC532F2837BB7C26B720 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22995_none_a8e727c18da89e3a\iesetup.dll [2009/04/24 11:54:20 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=DFF5F2459420493D7F253EB5BD853A7C -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iesetup.dll [2009/04/24 12:14:17 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=E8886C83286CC3BCCA9968A0E585A9B4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iesetup.dll [2009/11/21 02:34:39 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=EDFCAC93F68A17624DAC4FCE70BA8C6D -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18865_none_a87dfaba7472aa9d\iesetup.dll [2010/12/18 03:11:34 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=EEDCAB431CAB2622F43EB1C871A75D49 -- C:\Windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23111_none_a93980018d6b89bf\iesetup.dll [2010/09/08 01:56:53 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=F062C1B99EF675ECD47FCB767BABA327 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18975_none_a8732cb4747ac3b5\iesetup.dll [2010/12/18 02:22:11 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FAE8EB8CFD74709D4BAB64A27DFD4FAE -- C:\Windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.19019_none_a8b7e5867446b4ad\iesetup.dll [2011/02/22 02:16:40 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FDB878DD2D75AF2F21ADF2B114C313FB -- C:\Windows\System32\iesetup.dll [2011/02/22 02:16:40 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FDB878DD2D75AF2F21ADF2B114C313FB -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.19048_none_a8967578745fef29\iesetup.dll < MD5 for: INSENG.DLL > [2008/01/20 22:33:45 | 000,093,696 | ---- | M] (Microsoft Corporation) MD5=4023E0174BE81A68D64F4E8F0B280849 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_6.0.6001.18000_none_993f5ba647c84d3e\inseng.dll [2009/03/08 07:32:44 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\Windows\System32\inseng.dll [2009/03/08 07:32:44 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_8.0.6001.18702_none_7c2a7e005d93bd9b\inseng.dll < MD5 for: LOCATOR.EXE > [2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\Windows\System32\Locator.exe [2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\Windows\winsxs\x86_microsoft-windows-rpc-locator_31bf3856ad364e35_6.0.6000.16386_none_ccfdd130eface46c\Locator.exe < MD5 for: LSASS.EXE > [2009/06/15 08:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe [2009/09/10 10:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe [2009/06/15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe [2009/06/15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe [2009/02/13 03:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe [2009/06/15 09:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe [2009/02/13 00:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe [2009/06/15 08:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe [2009/06/15 09:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe [2009/09/09 07:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe [2009/09/10 10:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe [2008/01/20 22:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe [2008/01/20 22:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe [2008/01/20 22:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe [2009/02/13 04:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe < MD5 for: MSDTC.EXE > [2008/01/20 22:33:55 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\Windows\System32\msdtc.exe [2008/01/20 22:33:55 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\Windows\winsxs\x86_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.0.6001.18000_none_195302e56002fb82\msdtc.exe < MD5 for: MSHTML.DLL > [2009/11/21 02:35:43 | 005,940,736 | ---- | M] (Microsoft Corporation) MD5=062B81F34EADEEF652E759BF93691C50 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll [2009/10/19 09:49:06 | 003,602,432 | ---- | M] (Microsoft Corporation) MD5=0AFEF7F9242F5F84F12AE9B84C2C57F4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22247_none_158eeb3d388785cb\mshtml.dll [2009/10/19 09:36:07 | 003,599,872 | ---- | M] (Microsoft Corporation) MD5=0B772887F7C50D062AD0FB1B47C0279E -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18124_none_1517ed6c1f5c621a\mshtml.dll [2010/12/18 03:13:16 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=0DA63A2B1D6D55E6005F4552D22E7BBE -- C:\Windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll [2009/03/03 00:38:17 | 003,580,928 | ---- | M] (Microsoft Corporation) MD5=0DCC9623D9A3E77212177F59738BE29A -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18226_none_1333784c22344556\mshtml.dll [2009/10/21 15:26:09 | 005,943,296 | ---- | M] (Microsoft Corporation) MD5=159239C8EF4D26392F9C160369348C61 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22942_none_f68c93f75132f82e\mshtml.dll [2009/04/24 12:03:11 | 003,581,952 | ---- | M] (Microsoft Corporation) MD5=1638C2FA1CC381CE39504B39F7D87F35 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18248_none_131fd9082242afe6\mshtml.dll [2010/09/08 01:57:52 | 005,957,120 | ---- | M] (Microsoft Corporation) MD5=1704FC902E1B53EF87593D60FD312A55 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll [2010/02/23 11:01:50 | 005,946,880 | ---- | M] (Microsoft Corporation) MD5=27DB55375D8F8045A27E016BB21B17C0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll [2009/07/18 07:33:22 | 003,599,360 | ---- | M] (Microsoft Corporation) MD5=2BC9595AEF52C3989B77AB8506615BAD -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18071_none_14dedb0c1f87a4a3\mshtml.dll [2008/07/12 02:17:02 | 003,591,680 | ---- | M] (Microsoft Corporation) MD5=3AE6072A86AD8049DD133DB40F73F0C8 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll [2009/07/18 07:45:50 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=3AF70556543467956227B1D97B314E66 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22180_none_155ca7a138ae4707\mshtml.dll [2009/08/27 08:54:40 | 003,600,896 | ---- | M] (Microsoft Corporation) MD5=3B7B0A46482EF271E5C434D0C070129A -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22212_none_15aa598f3873b345\mshtml.dll [2009/08/27 09:15:49 | 003,584,512 | ---- | M] (Microsoft Corporation) MD5=41FB8068E6624F4D843CB1C0F6E8B0EC -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22508_none_13d4b94f3b3fda3a\mshtml.dll [2010/12/18 02:23:15 | 005,961,216 | ---- | M] (Microsoft Corporation) MD5=42B87D22378C1EF98F3B6F410C2670AA -- C:\Windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll [2009/10/19 10:25:09 | 003,584,000 | ---- | M] (Microsoft Corporation) MD5=44FD7EFD38472852E74E8E8D663E1961 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18344_none_131bd9c6224647b1\mshtml.dll [2008/01/20 22:33:25 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=48E05FD07045BB2E5CFC43C970CAF1E7 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll [2010/05/04 02:30:34 | 005,953,024 | ---- | M] (Microsoft Corporation) MD5=62F23130C89F1EE5C0C9EEAB0685D1E5 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll [2009/03/03 00:15:51 | 003,596,800 | ---- | M] (Microsoft Corporation) MD5=67FFB5ED7723D03B50734614D31B57A5 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21023_none_11d3adb53e2e3b6c\mshtml.dll [2011/02/22 03:14:18 | 005,964,800 | ---- | M] (Microsoft Corporation) MD5=6D30A34B029176D86EC04ECE6C0F62B1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll [2009/08/27 01:18:40 | 005,940,224 | ---- | M] (Microsoft Corporation) MD5=7172C1681283EC40A8DA9ED4180FF390 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\mshtml.dll [2009/07/18 08:12:19 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=77693F4CD5CD48EE3A4ABB5073276976 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21089_none_1198cfe93e597b1c\mshtml.dll [2009/10/19 10:19:07 | 003,602,432 | ---- | M] (Microsoft Corporation) MD5=83A461E3BAB28ACDBE32E2A62BB1BEEE -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21142_none_11bd0f793e3f571e\mshtml.dll [2009/04/24 11:41:26 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=8BC33ADC526B3E7EE6E6AA013154DF69 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22121_none_159e8773387cb8b8\mshtml.dll [2010/02/23 02:34:51 | 005,944,832 | ---- | M] (Microsoft Corporation) MD5=8D5FB97AE3D30CCDD8C9D8AF447C7D09 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll [2009/07/18 08:13:26 | 003,597,824 | ---- | M] (Microsoft Corporation) MD5=921E63B100F67FA21A0C623930810C58 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16890_none_10fb8876254bdff2\mshtml.dll [2009/03/03 00:17:39 | 003,595,264 | ---- | M] (Microsoft Corporation) MD5=94ED56734E8AB74357F8EA2C5C174EA9 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16830_none_113c67fe251b384c\mshtml.dll [2008/07/12 02:16:57 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=977C356E655F357665310C0C95D0DBD4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll [2010/11/02 01:58:14 | 005,959,168 | ---- | M] (Microsoft Corporation) MD5=9AC463498C480E9EB3C63DC21E4F29C8 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll [2009/10/21 06:40:08 | 005,939,712 | ---- | M] (Microsoft Corporation) MD5=9BFB2F7C3A2F626040C4EB8CE5C6ED2A -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18852_none_f5f82740381d7455\mshtml.dll [2008/07/12 02:16:58 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=9C4091CD321D6D8BCF9842F109EE574B -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll [2010/11/02 03:08:01 | 005,960,704 | ---- | M] (Microsoft Corporation) MD5=9FCC1F6457A84902EA7545B568B5AEDB -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll [2009/04/24 11:57:41 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=A0DB69A75113B6A396E271744489824F -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21046_none_11c10ebb3e3bbf53\mshtml.dll [2009/04/11 02:28:20 | 003,596,288 | ---- | M] (Microsoft Corporation) MD5=A4D04D404AFC1D30EDA01EE50D27AA51 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll [2009/03/03 00:30:20 | 003,581,440 | ---- | M] (Microsoft Corporation) MD5=A77A82830D2BBB001A53A5368934F7EB -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22389_none_137f366d3b7fd8cb\mshtml.dll [2011/02/22 02:17:40 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=AA411AEF2476D251078F9C9F0478C142 -- C:\Windows\System32\mshtml.dll [2011/02/22 02:17:40 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=AA411AEF2476D251078F9C9F0478C142 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll [2009/08/27 09:59:40 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=AF7541BC2D91483328E6D9910CD33DD5 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16916_none_11580b782505959b\mshtml.dll [2010/05/04 01:56:28 | 005,950,976 | ---- | M] (Microsoft Corporation) MD5=B1E862448C38B0F70139BC28F67332DE -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll [2009/08/27 08:39:41 | 003,599,872 | ---- | M] (Microsoft Corporation) MD5=BC72B82A8D9F0E2DE67A4985A6676786 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18100_none_15298c1c1f4fc4dc\mshtml.dll [2010/01/02 10:51:38 | 005,945,856 | ---- | M] (Microsoft Corporation) MD5=BE6120F3D7A853039B5437AC9E1986C1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll [2009/08/27 09:30:12 | 003,584,000 | ---- | M] (Microsoft Corporation) MD5=BFF746B1558432533876014B66CF04C4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18319_none_13414afc22297291\mshtml.dll [2009/04/24 12:17:00 | 003,596,288 | ---- | M] (Microsoft Corporation) MD5=C1BF8C6F8D5E0435D1ABBB94DAC8EAFD -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16851_none_1127c870252a8985\mshtml.dll [2009/04/24 11:58:31 | 003,582,976 | ---- | M] (Microsoft Corporation) MD5=D12ADCB4045EF392A62990C06694EB78 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22418_none_13c9e77d3b47f904\mshtml.dll [2009/07/18 12:02:53 | 003,583,488 | ---- | M] (Microsoft Corporation) MD5=D38265A0C435E2A4BE5D662AB82F00E4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18294_none_12e5c844226ed63f\mshtml.dll [2009/03/08 07:41:15 | 005,937,152 | ---- | M] (Microsoft Corporation) MD5=D469A0EBA2EF5C6BEE8065B7E3196E5E -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll [2010/06/26 02:03:04 | 005,951,488 | ---- | M] (Microsoft Corporation) MD5=D6168759945CD6BC2DB4BFCD4E94B399 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll [2009/07/18 07:54:12 | 003,584,512 | ---- | M] (Microsoft Corporation) MD5=D8C0B944A3FB4BE7BC8DA21D4A5B33AB -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22475_none_138607173b7b54a5\mshtml.dll [2009/04/23 08:14:20 | 003,597,824 | ---- | M] (Microsoft Corporation) MD5=DBACE2C96ED63E60CD5D89D8DE00D148 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18024_none_1517eb861f5c64f3\mshtml.dll [2009/10/19 10:40:16 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=DC162F0F1880C30296C5FAD1F60EC6D4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16939_none_11456c7e25131982\mshtml.dll [2010/01/02 02:33:34 | 005,942,784 | ---- | M] (Microsoft Corporation) MD5=DF4D546A6E1C8D0F4FC10FCC9E422763 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll [2010/06/26 02:49:12 | 005,954,560 | ---- | M] (Microsoft Corporation) MD5=DF63821381A08F65174BA42745B1C79B -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll [2009/10/19 10:09:35 | 003,586,560 | ---- | M] (Microsoft Corporation) MD5=E3708336831E5249DBB274342649F483 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22544_none_13a578773b63e4a2\mshtml.dll [2010/09/08 02:22:01 | 005,958,656 | ---- | M] (Microsoft Corporation) MD5=E993FB26BFAC2887BFE8DDAC4DC9180A -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll [2009/08/27 09:22:52 | 005,942,272 | ---- | M] (Microsoft Corporation) MD5=E9C51FD04019DC14CAE9CEDE3C7B08E3 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\mshtml.dll [2008/07/12 02:17:01 | 003,593,728 | ---- | M] (Microsoft Corporation) MD5=ED2588D1864319C54E79443130A8004B -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll [2009/11/21 11:00:11 | 005,944,320 | ---- | M] (Microsoft Corporation) MD5=ED6055694115B1A247B2591AB465A21D -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll [2009/08/27 09:38:04 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=F500476C0724E476F05331162D4C283D -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21116_none_11e180653e2368a7\mshtml.dll < MD5 for: NDIS.SYS > [2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008/01/20 22:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [2008/02/08 00:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys [2008/02/08 00:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys < MD5 for: NETLOGON.DLL > [2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008/01/20 22:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008/01/20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: PNGFILT.DLL > [2009/08/27 09:39:53 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=1C1298D9D37238A00BC5D1DE83C3DD81 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21116_none_ec64dcf22f63617a\pngfilt.dll [2009/03/03 00:17:37 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=27225BECF34ACCCC22432AF2372C19DE -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21023_none_ec570a422f6e343f\pngfilt.dll [2008/07/12 02:16:59 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=2AE830B0A293F0CA6CC733CE348911F5 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20777_none_ec251fe02f92f7c0\pngfilt.dll [2008/01/20 22:33:19 | 000,045,056 | ---- | M] (Microsoft Corporation) MD5=B8D3BF818DEFE1DA9A754F214E528221 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6001.18000_none_edc66f29136973ef\pngfilt.dll [2009/07/18 08:15:08 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=C840E188F70E6A1287249434B7AC0D3C -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21089_none_ec1c2c762f9973ef\pngfilt.dll [2009/08/27 10:01:41 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=C898FF79CBFC9E03C4D98B896A9AF478 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16916_none_ebdb680516458e6e\pngfilt.dll [2009/07/18 08:15:57 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=DCC808FD4EF7E5D3B90FD8F078C1EC7A -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16890_none_eb7ee503168bd8c5\pngfilt.dll [2009/03/08 07:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=E5FA1B044DAC5F6F600A1742D73F6936 -- C:\Windows\System32\pngfilt.dll [2009/03/08 07:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=E5FA1B044DAC5F6F600A1742D73F6936 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.6001.18702_none_d0b191832934e44c\pngfilt.dll [2009/04/24 12:21:05 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F2AA0869227565752353CA2B8F5D2207 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16851_none_ebab24fd166a8258\pngfilt.dll [2009/03/03 00:19:30 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F759D496F5CD6C78D709CFF95A5F215B -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16830_none_ebbfc48b165b311f\pngfilt.dll [2008/07/12 02:16:59 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F761B8CB64DB7D7F4C0B464E97CB7760 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16643_none_ebb7f1b116609ec7\pngfilt.dll [2009/04/24 12:00:14 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F8BF080A314646A64CE4F24AE996E136 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21046_none_ec446b482f7bb826\pngfilt.dll < MD5 for: SAFEBOOT.SYS > [2008/05/13 20:36:18 | 000,108,752 | ---- | M] (SafeBoot International) MD5=2A5EEDCB22A5D6BB0231E38A38E7A7D9 -- C:\Windows\System32\drivers\SafeBoot.sys < MD5 for: SCECLI.DLL > [2008/01/20 22:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: SNMPTRAP.EXE > [2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\Windows\System32\snmptrap.exe [2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\Windows\winsxs\x86_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.0.6001.18000_none_cf8afedd3f67da88\snmptrap.exe < MD5 for: SPOOLSV.EXE > [2010/08/17 09:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe [2009/04/11 02:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe [2008/01/20 22:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe [2010/08/17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe [2010/08/17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe [2010/08/17 10:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe [2010/08/17 09:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe < MD5 for: TASKENG.EXE > [2010/11/05 09:43:51 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=110B5E5AFA79DD8A45A2F6ED738469B9 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.22791_none_e5d5a65bd84010db\taskeng.exe [2010/11/04 12:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\Windows\System32\taskeng.exe [2010/11/04 12:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18342_none_e7698b5ebc1f53d7\taskeng.exe [2008/01/20 22:34:32 | 000,169,472 | ---- | M] (Microsoft Corporation) MD5=5F109032CE46B7184ED9E50F9FE8489E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18000_none_e5ac4d2ebeda6d57\taskeng.exe [2010/11/04 18:15:29 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=9AF3E523E39FD8C10EDFA3ABA702DC9B -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.22519_none_e81a9bd9d51e4e56\taskeng.exe [2009/04/11 02:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) MD5=E5BBFC283D6F5D69B41E464676361020 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18005_none_e797c63abbfc38a3\taskeng.exe [2010/11/04 20:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=EAFB5897AC9CD84890171AC38862320F -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18551_none_e577475abf020426\taskeng.exe < MD5 for: TCPIP.SYS > [2008/04/26 04:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys [2009/04/11 02:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys [2009/12/08 16:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys [2009/08/15 17:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys [2009/08/14 13:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys [2010/02/18 07:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys [2010/02/18 10:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys [2009/08/14 10:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys [2009/12/08 16:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys [2010/02/18 10:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys [2010/02/18 08:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys [2009/12/08 16:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys [2010/06/16 11:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys [2009/08/14 12:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys [2010/06/16 12:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys [2010/06/16 11:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys [2008/04/26 04:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys [2009/12/08 13:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys [2009/08/14 13:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys [2008/07/12 02:14:08 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=9081EBA4184E7EB87C55E18C089283A5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys [2010/02/18 13:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\System32\drivers\tcpip.sys [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys [2009/12/08 13:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys [2010/02/18 10:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys [2009/12/08 16:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys [2008/01/20 22:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys [2009/08/14 12:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys < MD5 for: UI0DETECT.EXE > [2008/01/20 22:33:45 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\Windows\System32\UI0Detect.exe [2008/01/20 22:33:45 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\Windows\winsxs\x86_microsoft-windows-session0viewer_31bf3856ad364e35_6.0.6001.18000_none_e1e6e80246adfe72\UI0Detect.exe < MD5 for: USBPRINT.SYS > [2006/11/02 05:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys [2008/01/20 22:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys [2008/01/20 22:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys [2008/01/20 22:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys < MD5 for: USBSCAN.SYS > [2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\drivers\usbscan.sys [2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys [2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys [2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys [2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys [2006/11/02 05:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys < MD5 for: USERINIT.EXE > [2008/01/20 22:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008/01/20 22:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: VDS.EXE > [2008/01/20 22:34:50 | 000,382,976 | ---- | M] (Microsoft Corporation) MD5=B13BC395B9D6116628F5AF47E0802AC4 -- C:\Windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6001.18000_none_6aead29ffaae9c39\vds.exe [2009/04/11 02:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\Windows\System32\vds.exe [2009/04/11 02:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\Windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6002.18005_none_6cd64babf7d06785\vds.exe < MD5 for: VOLSNAP.SYS > [2006/11/02 05:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys [2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\drivers\volsnap.sys [2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys [2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys [2008/01/20 22:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys [2008/01/20 22:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys < MD5 for: VSSVC.EXE > [2008/01/20 22:33:20 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=D5FB73D19C46ADE183F968E13F186B23 -- C:\Windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6001.18000_none_5accce7717d773c7\VSSVC.exe [2009/04/11 02:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\Windows\System32\VSSVC.exe [2009/04/11 02:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\Windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6002.18005_none_5cb8478314f93f13\VSSVC.exe < MD5 for: WEBCHECK.DLL > [2008/01/20 22:33:49 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=4F4889A9D680714BE11B31BD01A0411A -- C:\Windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6001.18000_none_612be2f851b99095\webcheck.dll [2009/04/11 02:28:25 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=8208E4895BA625884FF3699CCA1D9E3D -- C:\Windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6002.18005_none_63175c044edb5be1\webcheck.dll [2009/03/08 07:34:47 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=CC8915DB4E33E8FB29CA0D2DBF75306E -- C:\Windows\System32\webcheck.dll [2009/03/08 07:34:47 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=CC8915DB4E33E8FB29CA0D2DBF75306E -- C:\Windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_44170552678500f2\webcheck.dll < MD5 for: WININIT.EXE > [2008/01/20 22:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008/01/20 22:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe < MD5 for: WINLOGON.EXE > [2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008/01/20 22:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WMIAPSRV.EXE > [2009/04/11 02:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\Windows\System32\wbem\WmiApSrv.exe [2009/04/11 02:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\WmiApSrv.exe [2008/01/20 22:33:24 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=ABA4CF9F856D9A3A25F4DDD7690A6E9D -- C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\WmiApSrv.exe < MD5 for: WMPNETWK.EXE > [2008/01/20 22:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\Program Files\Windows Media Player\wmpnetwk.exe [2008/01/20 22:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\Windows\winsxs\x86_microsoft-windows-wmpnss-service_31bf3856ad364e35_6.0.6001.18000_none_0386cbd2ce93a16e\wmpnetwk.exe < CREATERESTOREPOINT > < End of report > pear, je serai absent quelques jours , d'ici samedi, pourrons nous continuer la procédure ? merci et bonne soirée

oups ! avant de lire votre réponse, j'ai lancé ccleaner et relancer OTL bon, désolé, je ne prendrai plus d'initiative perso AVANT d'avoir obtenu votre aval. le scan vient de se finir : otl.txt s'est ouvert dans le bloc note et ... impossible de l'enregistrer ni sur le bureau ni sur une clé usb (ça ne s'écrit pas) voici le rapport que j'ai obtenu : OTL logfile created on: 07/06/2011 18:34:35 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\deborah\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,93 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 58,69% Memory free 6,06 Gb Paging File | 4,74 Gb Available in Paging File | 78,27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 288,09 Gb Total Space | 213,36 Gb Free Space | 74,06% Space Free | Partition Type: NTFS Drive D: | 9,00 Gb Total Space | 1,84 Gb Free Space | 20,45% Space Free | Partition Type: NTFS Drive F: | 1021,00 Mb Total Space | 938,88 Mb Free Space | 91,96% Space Free | Partition Type: FAT32 Computer Name: PC-DE-DEBORAH | User Name: deborah | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/06/07 17:42:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\windows\explorer.exe PRC - [2009/04/11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\conime.exe PRC - [2008/05/02 22:17:02 | 010,244,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe PRC - [2008/04/18 15:53:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008/03/31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe PRC - [2007/05/16 01:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe PRC - [2007/05/16 01:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe ========== Modules (SafeList) ========== MOD - [2011/06/07 17:42:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2008/05/21 02:42:30 | 000,081,680 | ---- | M] (Bioscrypt Inc.) -- C:\windows\System32\APSHook.dll ========== Win32 Services (SafeList) ========== SRV - [2011/06/05 08:20:38 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC) SRV - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2008/05/21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker) SRV - [2008/05/21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll -- (ASChannel) SRV - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service) SRV - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService) SRV - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService) SRV - [2008/04/18 15:54:02 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel® SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\windows\System32\AEADISRV.EXE -- (AEADIFilters) SRV - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca) SRV - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\windows\system32\drivers\pavboot.sys -- (pavboot) DRV - [2008/05/14 02:36:26 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg) DRV - [2008/05/14 02:36:22 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock) DRV - [2008/05/14 02:36:20 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock) DRV - [2008/05/14 02:36:18 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot) DRV - [2008/04/28 08:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Pilote de carte Intel® DRV - [2008/04/14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2008/04/10 17:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008/04/07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2008/04/07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008/02/29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008/01/21 04:34:06 | 000,020,992 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2008/01/21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\tpm.sys -- (TPM) DRV - [2007/06/19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2004/02/04 10:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB) DRV - [2001/01/29 16:41:04 | 000,009,152 | ---- | M] () [Kernel | Auto | Stopped] -- C:\windows\System32\drivers\Ticalc.sys -- (TICalc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=all&pf=cmnb IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/ IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/ IE - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.easysear.ch/" FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/04 12:31:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/05 15:47:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/05 15:47:25 | 000,000,000 | ---D | M] [2010/11/09 17:14:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deborah\AppData\Roaming\mozilla\Extensions [2011/05/18 13:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deborah\AppData\Roaming\mozilla\Firefox\Profiles\xcpc4ae4.default\extensions [2010/11/09 22:01:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\deborah\AppData\Roaming\mozilla\Firefox\Profiles\xcpc4ae4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/06/05 16:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2011/01/13 12:47:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/06/05 16:12:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010/10/04 12:31:53 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3 [2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2009/08/24 21:21:51 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2009/08/24 21:21:51 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2009/08/24 21:21:51 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2009/08/24 21:21:51 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2009/08/24 21:21:51 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/06/05 21:59:05 | 000,000,027 | ---- | M]) - C:\windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard) O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found. O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found. O3 - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity) O4 - HKLM..\Run: [CognizanceTS] File not found O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.) O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.) O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.) O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk /p \??\C:) - File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe - (Broadcom Corporation.) MsConfig - StartUpReg: Akizijiwanomohag - hkey= - key= - File not found MsConfig - StartUpReg: asp70vdviss.exe - hkey= - key= - File not found MsConfig - StartUpReg: CanalPlayer - hkey= - key= - File not found MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - File not found MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: rpcnet - C:\windows\System32\rpcnet.exe (Absolute Software Corp.) SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: rpcnet - C:\windows\System32\rpcnet.exe (Absolute Software Corp.) SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447) ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\windows\System32\rundll32.exe" "C:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011/06/07 18:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/06/07 17:42:04 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe [2011/06/06 18:12:17 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2011/06/06 17:39:55 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll [2011/06/06 17:30:47 | 004,114,023 | ---- | C] (Swearware) -- C:\Users\deborah\Desktop\sally.com [2011/06/06 17:29:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011/06/06 17:28:14 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW [2011/06/05 21:56:16 | 000,000,000 | ---D | C] -- C:\windows\temp [2011/06/05 21:56:16 | 000,000,000 | ---D | C] -- C:\Users\deborah\AppData\Local\temp [2011/06/05 21:43:13 | 000,000,000 | ---D | C] -- C:\ComboFix [2011/06/05 16:12:29 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe [2011/06/05 16:12:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe [2011/06/05 16:12:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe [2011/06/05 15:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/06/05 15:56:15 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\windows\System32\GEARAspi.dll [2011/06/05 15:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/06/05 15:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/06/05 15:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011/06/05 15:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/06/05 15:51:58 | 000,000,000 | ---D | C] -- C:\windows\fr [2011/06/05 15:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/06/05 15:47:05 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2011/06/05 15:45:00 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_3.dll [2011/06/05 15:44:59 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_5.dll [2011/06/05 15:44:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_42.dll [2011/06/05 13:58:03 | 000,000,000 | ---D | C] -- C:\Users\deborah\AppData\Local\Windows Live [2011/06/05 13:57:15 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webservices.dll [2011/06/05 13:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\WindowsPowerShell [2011/06/05 13:44:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrsmgr.dll [2011/06/05 13:44:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrs.exe [2011/06/05 13:44:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrshost.exe [2011/06/05 13:44:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsmprovhost.exe [2011/06/05 13:44:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsmplpxy.dll [2011/06/05 13:44:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrssrv.dll [2011/06/05 13:44:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wevtfwd.dll [2011/06/05 13:44:17 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wecutil.exe [2011/06/05 13:44:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wecapi.dll [2011/06/05 13:44:17 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmRes.dll [2011/06/05 13:44:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pwrshplugin.dll [2011/06/05 13:44:10 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManMigrationPlugin.dll [2011/06/05 13:44:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManHTTPConfig.exe [2011/06/05 13:44:10 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrscmd.dll [2011/06/05 13:44:10 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmWmiPl.dll [2011/06/05 13:44:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmAuto.dll [2011/06/05 13:43:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe [2011/06/05 13:43:06 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFH264Dec.dll [2011/06/05 13:43:06 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFHEAACdec.dll [2011/06/05 13:43:06 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfmp4src.dll [2011/06/05 13:43:06 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll [2011/06/05 13:43:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll [2011/06/05 13:43:05 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll [2011/06/05 13:43:05 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\printfilterpipelinesvc.exe [2011/06/05 13:43:05 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxgi.dll [2011/06/05 13:43:04 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfplat.dll [2011/06/05 13:43:03 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfps.dll [2011/06/05 13:43:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll [2011/06/05 13:43:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\printfilterpipelineprxy.dll [2011/06/05 13:42:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Apphlpdm.dll [2011/06/05 13:42:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\windows\System32\GameUXLegacyGDFs.dll [2011/06/05 13:42:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2011/06/05 13:42:31 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe [2011/06/05 13:42:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll [2011/06/05 13:42:28 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2011/06/05 13:42:27 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2011/06/05 13:42:27 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl [2011/06/05 13:42:27 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2011/06/05 13:42:26 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2011/06/05 13:42:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll [2011/06/05 13:42:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2011/06/05 13:42:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2011/06/05 13:42:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2011/06/05 13:42:24 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2011/06/05 13:42:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2011/06/05 13:42:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2011/06/05 13:42:23 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe [2011/06/05 13:42:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll [2011/06/05 13:42:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2011/06/05 13:42:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2011/06/05 13:42:11 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll [2011/06/05 13:42:11 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll [2011/06/05 13:42:05 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll [2011/06/05 13:42:05 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll [2011/06/05 13:42:05 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll [2011/06/05 13:42:05 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll [2011/06/05 13:42:05 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll [2011/06/05 13:42:05 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll [2011/06/05 13:42:04 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xpsservices.dll [2011/06/05 13:42:04 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OpcServices.dll [2011/06/05 13:42:04 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll [2011/06/05 13:42:04 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll [2011/06/05 13:42:04 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll [2011/06/05 13:40:14 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll [2011/06/05 13:40:13 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbe.dll [2011/06/05 13:40:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mpg2splt.ax [2011/06/05 13:40:13 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbeio.dll [2011/06/05 13:40:12 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll [2011/06/05 13:40:12 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll [2011/06/05 13:40:11 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2011/06/05 13:24:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe [2011/06/05 13:24:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe [2011/06/05 13:24:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe [2011/06/05 13:24:46 | 000,000,000 | ---D | C] -- C:\windows\ERDNT [2011/06/05 13:24:40 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/06/05 09:56:02 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\windows\System32\drivers\pavboot.sys [2011/06/05 09:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2011/06/05 09:53:32 | 000,000,000 | ---D | C] -- C:\windows\BDOSCAN8 [2011/06/05 08:28:13 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2011/06/05 08:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/06/05 08:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/06/05 08:28:09 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011/06/05 08:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/06/05 08:26:47 | 000,000,000 | ---D | C] -- C:\28710 [2011/06/05 08:09:58 | 000,000,000 | ---D | C] -- C:\Users\deborah\Desktop\RK_Quarantine [2011/06/03 01:24:56 | 000,000,000 | ---D | C] -- C:\found.001 [2011/05/17 13:35:17 | 000,000,000 | ---D | C] -- C:\Users\deborah\Desktop\Nouveau dossier (2) [2009/05/31 00:02:05 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll [2009/05/31 00:02:05 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll ========== Files - Modified Within 30 Days ========== [2011/06/07 18:35:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/06/07 18:34:02 | 000,137,692 | ---- | M] () -- C:\Users\deborah\Documents\cc_20110607_183355.reg [2011/06/07 18:30:43 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/06/07 18:27:57 | 000,000,422 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job [2011/06/07 18:20:03 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe [2011/06/07 18:20:01 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll [2011/06/07 18:19:46 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/06/07 18:19:46 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/06/07 18:19:38 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/06/07 18:19:34 | 3143,921,664 | -HS- | M] () -- C:\hiberfil.sys [2011/06/07 17:42:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe [2011/06/07 14:12:11 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat [2011/06/06 18:12:17 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2011/06/06 17:33:17 | 000,002,687 | ---- | M] () -- C:\Users\deborah\Desktop\Microsoft Office Word 2007.lnk [2011/06/06 17:31:03 | 004,114,023 | ---- | M] (Swearware) -- C:\Users\deborah\Desktop\sally.com [2011/06/05 21:59:05 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts [2011/06/05 16:14:48 | 001,301,452 | ---- | M] () -- C:\Users\deborah\Desktop\tdsskiller.zip [2011/06/05 16:02:59 | 000,404,320 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2011/06/05 15:56:42 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/06/05 15:47:14 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/06/05 13:47:54 | 000,706,322 | ---- | M] () -- C:\windows\System32\perfh00C.dat [2011/06/05 13:47:54 | 000,140,328 | ---- | M] () -- C:\windows\System32\perfc00C.dat [2011/06/05 13:26:11 | 000,637,304 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/06/05 13:26:11 | 000,120,808 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/06/05 09:42:37 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt [2011/06/05 09:39:45 | 000,036,352 | -H-- | M] () -- C:\Users\deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/06/05 09:09:20 | 000,006,648 | ---- | M] () -- C:\Users\deborah\AppData\Local\d3d9caps.dat [2011/06/05 08:28:13 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/06/05 08:20:38 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.exe [2011/06/05 08:17:42 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll [2011/06/02 17:27:19 | 000,000,392 | ---- | M] () -- C:\ProgramData\34791160 [2011/06/02 17:23:52 | 000,000,160 | -H-- | M] () -- C:\ProgramData\~34791160r [2011/06/02 17:23:52 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~34791160 [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011/05/10 14:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr [2011/05/10 14:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe [2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys [2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys [2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys [2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys [2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys [2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys ========== Files Created - No Company Name ========== [2011/06/07 18:35:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/06/07 18:33:57 | 000,137,692 | ---- | C] () -- C:\Users\deborah\Documents\cc_20110607_183355.reg [2011/06/07 18:30:43 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/06/05 21:57:55 | 3143,921,664 | -HS- | C] () -- C:\hiberfil.sys [2011/06/05 16:14:30 | 001,301,452 | ---- | C] () -- C:\Users\deborah\Desktop\tdsskiller.zip [2011/06/05 15:56:42 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/06/05 15:51:07 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2011/06/05 15:50:23 | 000,001,227 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2011/06/05 15:49:30 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2011/06/05 15:48:58 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2011/06/05 15:47:14 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/06/05 13:44:11 | 000,201,184 | ---- | C] () -- C:\windows\System32\winrm.vbs [2011/06/05 13:44:11 | 000,002,426 | ---- | C] () -- C:\windows\System32\WsmTxt.xsl [2011/06/05 13:44:10 | 000,004,675 | ---- | C] () -- C:\windows\System32\wsmanconfig_schema.xml [2011/06/05 13:24:52 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe [2011/06/05 13:24:52 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2011/06/05 13:24:52 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2011/06/05 13:24:52 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2011/06/05 13:24:52 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2011/06/05 08:28:13 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/06/05 08:11:17 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Galerie de photos Windows Live.lnk [2011/06/05 08:11:17 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011/06/05 08:11:16 | 000,001,748 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/06/05 08:11:16 | 000,000,938 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player (2).lnk [2011/06/05 08:11:16 | 000,000,923 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk [2011/06/05 08:11:16 | 000,000,899 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011/06/05 08:11:16 | 000,000,670 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\POWERPNT - Raccourci.lnk [2011/06/05 08:11:16 | 000,000,670 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\MSACCESS - Raccourci.lnk [2011/06/05 08:11:16 | 000,000,663 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\WINWORD - Raccourci.lnk [2011/06/05 08:11:16 | 000,000,651 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\EXCEL - Raccourci.lnk [2011/06/02 17:23:52 | 000,000,160 | -H-- | C] () -- C:\ProgramData\~34791160r [2011/06/02 17:23:52 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~34791160 [2011/06/02 17:23:36 | 000,000,392 | ---- | C] () -- C:\ProgramData\34791160 [2011/01/30 21:17:43 | 000,024,143 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\UserTile.png [2011/01/13 13:53:42 | 000,000,146 | ---- | C] () -- C:\windows\WININIT.INI [2010/11/29 18:32:39 | 000,011,264 | -H-- | C] () -- C:\windows\System32\Utils.dll [2010/10/04 12:20:23 | 000,182,163 | ---- | C] () -- C:\windows\hpoins44.dat [2010/05/16 15:00:20 | 000,009,152 | ---- | C] () -- C:\windows\System32\drivers\Ticalc.sys [2010/05/16 15:00:20 | 000,000,659 | ---- | C] () -- C:\windows\Wlink89.ini [2009/12/06 11:51:36 | 000,006,648 | ---- | C] () -- C:\Users\deborah\AppData\Local\d3d9caps.dat [2009/09/25 13:32:31 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.exe [2009/09/16 23:38:22 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin [2009/09/16 23:38:21 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll [2009/09/16 23:38:07 | 000,643,072 | ---- | C] () -- C:\windows\System32\autochk.exe [2009/09/02 19:45:14 | 000,000,290 | R-S- | C] () -- C:\ProgramData\ntuser.pol [2009/06/15 15:39:50 | 000,101,159 | ---- | C] () -- C:\windows\System32\EPPICPrinterDB.dat [2009/06/15 15:39:50 | 000,024,903 | ---- | C] () -- C:\windows\System32\EPPICPattern3.dat [2009/06/15 15:39:50 | 000,021,390 | ---- | C] () -- C:\windows\System32\EPPICPattern5.dat [2009/06/15 15:39:50 | 000,020,148 | ---- | C] () -- C:\windows\System32\EPPICPattern2.dat [2009/06/15 15:39:50 | 000,011,811 | ---- | C] () -- C:\windows\System32\EPPICPattern4.dat [2009/06/15 15:39:50 | 000,004,943 | ---- | C] () -- C:\windows\System32\EPPICPattern6.dat [2009/06/15 15:39:50 | 000,001,146 | ---- | C] () -- C:\windows\System32\EPPICPresetData_DU.dat [2009/06/15 15:39:50 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_PT.dat [2009/06/15 15:39:50 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_BP.dat [2009/06/15 15:39:50 | 000,001,136 | ---- | C] () -- C:\windows\System32\EPPICPresetData_ES.dat [2009/06/15 15:39:50 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_FR.dat [2009/06/15 15:39:50 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_CF.dat [2009/06/15 15:39:50 | 000,001,120 | ---- | C] () -- C:\windows\System32\EPPICPresetData_IT.dat [2009/06/15 15:39:50 | 000,001,107 | ---- | C] () -- C:\windows\System32\EPPICPresetData_GE.dat [2009/06/15 15:39:50 | 000,001,104 | ---- | C] () -- C:\windows\System32\EPPICPresetData_EN.dat [2009/06/15 15:39:50 | 000,000,099 | ---- | C] () -- C:\windows\System32\PICSDK.ini [2009/06/15 15:39:49 | 000,026,154 | ---- | C] () -- C:\windows\System32\EPPICPattern1.dat [2009/06/15 15:30:32 | 000,000,025 | ---- | C] () -- C:\windows\CDE R240R245EU.ini [2009/06/11 11:30:02 | 000,000,586 | ---- | C] () -- C:\windows\hpomdl44.dat [2009/06/01 01:19:03 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin [2009/05/31 00:11:37 | 000,036,352 | -H-- | C] () -- C:\Users\deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/05/31 00:02:05 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys [2009/05/31 00:02:05 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys [2009/05/31 00:02:05 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini [2009/05/30 22:48:55 | 000,000,012 | ---- | C] () -- C:\windows\bthservsdp.dat [2008/07/12 08:38:11 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll [2008/07/12 08:38:11 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll [2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll [2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll [2008/07/12 08:38:11 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll [2008/07/12 08:38:11 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll [2008/07/12 08:18:16 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI [2008/05/21 16:20:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1489.dll [2008/05/21 16:06:30 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin [2008/05/21 16:06:28 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin [2008/05/21 16:06:28 | 000,146,596 | ---- | C] () -- C:\windows\System32\igfcg550.bin [2008/05/14 02:36:18 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys [2008/04/17 18:29:08 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll [2008/04/16 16:18:01 | 000,706,322 | ---- | C] () -- C:\windows\System32\perfh00C.dat [2008/04/16 16:18:01 | 000,340,236 | ---- | C] () -- C:\windows\System32\perfi00C.dat [2008/04/16 16:18:01 | 000,140,328 | ---- | C] () -- C:\windows\System32\perfc00C.dat [2008/04/16 16:18:01 | 000,037,390 | ---- | C] () -- C:\windows\System32\perfd00C.dat [2008/01/21 04:34:06 | 000,020,992 | ---- | C] () -- C:\windows\System32\drivers\ndistapi.sys [2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2006/11/02 14:44:53 | 000,404,320 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT [2006/11/02 12:33:01 | 000,637,304 | ---- | C] () -- C:\windows\System32\perfh009.dat [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat [2006/11/02 12:33:01 | 000,120,808 | ---- | C] () -- C:\windows\System32\perfc009.dat [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat [2006/05/25 01:22:06 | 000,053,248 | ---- | C] () -- C:\windows\bdoscandel.exe [2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll [2005/04/04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll [2005/03/14 14:38:28 | 000,000,469 | ---- | C] () -- C:\windows\bdoscandellang.ini [2005/02/25 06:15:00 | 000,159,744 | ---- | C] () -- C:\windows\System32\EPSPTDV.DLL [2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll [1998/05/07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll ========== LOP Check ========== [2011/03/30 13:39:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\1102E401EBA3BC2A8016AAC3596A51A4 [2010/11/29 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\FileZilla [2009/07/09 23:16:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\InterVideo [2010/01/24 20:58:41 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Notepad++ [2010/01/26 00:39:12 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\OpenOffice.org [2011/01/30 21:17:43 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\PeerNetworking [2009/08/31 19:31:02 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Thinstall [2011/06/07 14:12:12 | 000,032,580 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT [2011/06/07 18:27:57 | 000,000,422 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job ========== Purity Check ========== ========== Custom Scans ========== < %temp%\1\*. /s > < %temp%\2\*. /s > < %temp%\4\*. /s > < %temp%\1\*.* /s > < %temp%\2\*.* /s > < %temp%\4\*.* /s > < nslookup www.google.fr /c > Serveur : neufbox Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.146.103 209.85.146.99 209.85.146.147 209.85.146.105 209.85.146.106 209.85.146.104 Aliases: WWW.GOOGLE.FR www.google.com < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011/03/30 13:39:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\1102E401EBA3BC2A8016AAC3596A51A4 [2011/06/05 21:55:56 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Adobe [2009/12/30 17:14:37 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Apple Computer [2010/11/29 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\FileZilla [2009/06/18 22:57:01 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Google [2009/05/31 00:04:51 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Hewlett-Packard [2010/10/04 12:58:21 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\HP [2009/06/06 23:35:07 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\HPQLOG [2009/05/31 00:10:41 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Identities [2009/05/30 23:57:08 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\InstallShield [2009/07/09 23:16:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\InterVideo [2009/05/31 00:05:04 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Macromedia [2011/03/27 14:53:30 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Malwarebytes [2011/01/13 13:39:23 | 000,000,000 | --SD | M] -- C:\Users\deborah\AppData\Roaming\Microsoft [2010/11/09 17:14:16 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Mozilla [2010/01/24 20:58:41 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Notepad++ [2010/01/26 00:39:12 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\OpenOffice.org [2011/01/30 21:17:43 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\PeerNetworking [2009/08/07 16:22:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Roxio [2009/08/31 19:31:02 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Thinstall < %APPDATA%\*.exe /s > [2010/05/01 23:28:16 | 001,956,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\deborah\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe < %SYSTEMDRIVE%\*.exe > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < MD5 for: AGP440.SYS > [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\system32\drivers\AGP440.sys [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\system32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\system32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\windows\system32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ALG.EXE > [2008/01/21 04:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\windows\system32\alg.exe [2008/01/21 04:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\windows\winsxs\x86_microsoft-windows-alg_31bf3856ad364e35_6.0.6001.18000_none_a8e952205b1e893c\alg.exe < MD5 for: ATAPI.SYS > [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\windows\system32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\windows\system32\drivers\atapi.sys [2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\windows\system32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\windows\system32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CDROM.SYS > [2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\windows\system32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\windows\system32\drivers\cdrom.sys [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\windows\system32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\windows\system32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys < MD5 for: CNGAUDIT.DLL > [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\windows\system32\cngaudit.dll [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: CSRSS.EXE > [2008/01/21 04:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\windows\system32\csrss.exe [2008/01/21 04:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe < MD5 for: EXPLORER.EXE > [2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\windows\explorer.exe [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008/01/21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTORV.SYS > [2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\windows\system32\drivers\iaStorV.sys [2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\windows\system32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\windows\system32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: IESETUP.DLL > [2009/08/27 15:21:21 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=07C1DC30B491218B6364218691A54E0C -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7\iesetup.dll [2010/11/02 09:07:03 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=15B5E22813A9F30017D66A1329F2E27F -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23091_none_a8e2febb8dac6c20\iesetup.dll [2009/03/08 13:32:49 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=1B6FF5B9A21DE2E89BB014932A414E7E -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iesetup.dll [2010/06/26 08:02:15 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=2A9B26EFA43B753F10D47195F5D460A1 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18943_none_a8919be474643d34\iesetup.dll [2009/07/18 14:10:33 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2AC744DFF6F1DD28028741977644EEDE -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16890_none_c3892afe619bae44\iesetup.dll [2010/01/02 08:32:33 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=2BD0AD3549D92C564C71485456CCA0AA -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18882_none_a8655a047485967a\iesetup.dll [2008/07/12 08:16:58 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=339804EF2921A0A369CC2FE1FD8160A1 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16643_none_c3c237ac61707446\iesetup.dll [2008/01/21 04:33:55 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6001.18000_none_c5d0b5245e79496e\iesetup.dll [2008/01/21 04:33:55 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6002.18005_none_c7bc2e305b9b14ba\iesetup.dll [2009/03/03 06:16:25 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4778DA89B3D33C09EDEDE691DA491405 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16830_none_c3ca0a86616b069e\iesetup.dll [2010/02/23 08:33:45 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=47A0E748323F3CADA388E39FA95273C1 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18904_none_a8bddbde7442e6c7\iesetup.dll [2010/05/04 08:30:17 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=5568144CDB5C362E6C5A995C13075260 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23019_none_a941806b8d645750\iesetup.dll [2009/03/03 06:14:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=56EECCEBC0CA71E29D0091FECD999A88 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21023_none_c461503d7a7e09be\iesetup.dll [2009/08/27 15:36:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=58ADB147186B0D2B41EE4E91E6D5CC6B -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21116_none_c46f22ed7a7336f9\iesetup.dll [2010/06/26 08:48:17 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=64910BBFFFF51E7104E97489A7348661 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23040_none_a9180e0d8d84c714\iesetup.dll [2010/09/08 08:21:10 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=6A17074523179649F6B068A405B1BB07 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23067_none_a909703b8d8eb057\iesetup.dll [2010/01/02 16:50:27 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=6EE0568A75F0CD510AB68D7FE9823951 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22973_none_a8fac7058d9a33aa\iesetup.dll [2010/11/02 07:57:11 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=8C96C8402F61B995FE99F927D6CC635D -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18999_none_a8618e04748760f3\iesetup.dll [2009/07/18 14:09:19 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=90C1A0EFC7BD918C2CE72E4110A4F607 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21089_none_c42672717aa9496e\iesetup.dll [2011/02/22 09:13:12 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=A546FB719FD0F33241E2395EB8430AC9 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23143_none_a91b10d18d821040\iesetup.dll [2008/07/12 08:16:58 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=AA9D7D186B605F799F09596B97019E6E -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20777_none_c42f65db7aa2cd3f\iesetup.dll [2009/08/27 15:57:38 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=B2C1896FC99EF32BB1F5E2354E2B80D0 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16916_none_c3e5ae00615563ed\iesetup.dll [2010/05/04 07:55:42 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=BFCB54E8D0EA0DDC737216853F5F1BE7 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18928_none_a8ac3d2e744f8405\iesetup.dll [2009/11/21 16:59:20 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=D161F0D51B88344EC34C892FA328A414 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22956_none_a91367bb8d8747cd\iesetup.dll [2009/08/27 07:17:43 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=D1DDEE44E30941D0F55B782192D1ADD9 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de\iesetup.dll [2010/02/23 17:00:45 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=DDF95F4852B0CC532F2837BB7C26B720 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22995_none_a8e727c18da89e3a\iesetup.dll [2009/04/24 17:54:20 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=DFF5F2459420493D7F253EB5BD853A7C -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iesetup.dll [2009/04/24 18:14:17 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=E8886C83286CC3BCCA9968A0E585A9B4 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iesetup.dll [2009/11/21 08:34:39 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=EDFCAC93F68A17624DAC4FCE70BA8C6D -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18865_none_a87dfaba7472aa9d\iesetup.dll [2010/12/18 09:11:34 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=EEDCAB431CAB2622F43EB1C871A75D49 -- C:\windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23111_none_a93980018d6b89bf\iesetup.dll [2010/09/08 07:56:53 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=F062C1B99EF675ECD47FCB767BABA327 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18975_none_a8732cb4747ac3b5\iesetup.dll [2010/12/18 08:22:11 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FAE8EB8CFD74709D4BAB64A27DFD4FAE -- C:\windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.19019_none_a8b7e5867446b4ad\iesetup.dll [2011/02/22 08:16:40 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FDB878DD2D75AF2F21ADF2B114C313FB -- C:\windows\system32\iesetup.dll [2011/02/22 08:16:40 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FDB878DD2D75AF2F21ADF2B114C313FB -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.19048_none_a8967578745fef29\iesetup.dll < MD5 for: INSENG.DLL > [2008/01/21 04:33:45 | 000,093,696 | ---- | M] (Microsoft Corporation) MD5=4023E0174BE81A68D64F4E8F0B280849 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_6.0.6001.18000_none_993f5ba647c84d3e\inseng.dll [2009/03/08 13:32:44 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\windows\system32\inseng.dll [2009/03/08 13:32:44 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_8.0.6001.18702_none_7c2a7e005d93bd9b\inseng.dll < MD5 for: LOCATOR.EXE > [2006/11/02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\windows\system32\Locator.exe [2006/11/02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\windows\winsxs\x86_microsoft-windows-rpc-locator_31bf3856ad364e35_6.0.6000.16386_none_ccfdd130eface46c\Locator.exe < MD5 for: LSASS.EXE > [2009/06/15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe [2009/09/10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe [2009/06/15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\windows\system32\lsass.exe [2009/06/15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe [2009/02/13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe [2009/06/15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe [2009/06/15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe [2009/02/13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe [2009/06/15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe [2009/06/15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe [2009/09/09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe [2009/09/10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe [2008/01/21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe [2008/01/21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe [2008/01/21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe [2009/02/13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe < MD5 for: MSDTC.EXE > [2008/01/21 04:33:55 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\windows\system32\msdtc.exe [2008/01/21 04:33:55 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\windows\winsxs\x86_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.0.6001.18000_none_195302e56002fb82\msdtc.exe < MD5 for: MSHTML.DLL > [2009/11/21 08:35:43 | 005,940,736 | ---- | M] (Microsoft Corporation) MD5=062B81F34EADEEF652E759BF93691C50 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll [2009/10/19 15:49:06 | 003,602,432 | ---- | M] (Microsoft Corporation) MD5=0AFEF7F9242F5F84F12AE9B84C2C57F4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22247_none_158eeb3d388785cb\mshtml.dll [2009/10/19 15:36:07 | 003,599,872 | ---- | M] (Microsoft Corporation) MD5=0B772887F7C50D062AD0FB1B47C0279E -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18124_none_1517ed6c1f5c621a\mshtml.dll [2010/12/18 09:13:16 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=0DA63A2B1D6D55E6005F4552D22E7BBE -- C:\windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll [2009/03/03 06:38:17 | 003,580,928 | ---- | M] (Microsoft Corporation) MD5=0DCC9623D9A3E77212177F59738BE29A -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18226_none_1333784c22344556\mshtml.dll [2009/10/21 21:26:09 | 005,943,296 | ---- | M] (Microsoft Corporation) MD5=159239C8EF4D26392F9C160369348C61 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22942_none_f68c93f75132f82e\mshtml.dll [2009/04/24 18:03:11 | 003,581,952 | ---- | M] (Microsoft Corporation) MD5=1638C2FA1CC381CE39504B39F7D87F35 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18248_none_131fd9082242afe6\mshtml.dll [2010/09/08 07:57:52 | 005,957,120 | ---- | M] (Microsoft Corporation) MD5=1704FC902E1B53EF87593D60FD312A55 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll [2010/02/23 17:01:50 | 005,946,880 | ---- | M] (Microsoft Corporation) MD5=27DB55375D8F8045A27E016BB21B17C0 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll [2009/07/18 13:33:22 | 003,599,360 | ---- | M] (Microsoft Corporation) MD5=2BC9595AEF52C3989B77AB8506615BAD -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18071_none_14dedb0c1f87a4a3\mshtml.dll [2008/07/12 08:17:02 | 003,591,680 | ---- | M] (Microsoft Corporation) MD5=3AE6072A86AD8049DD133DB40F73F0C8 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll [2009/07/18 13:45:50 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=3AF70556543467956227B1D97B314E66 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22180_none_155ca7a138ae4707\mshtml.dll [2009/08/27 14:54:40 | 003,600,896 | ---- | M] (Microsoft Corporation) MD5=3B7B0A46482EF271E5C434D0C070129A -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22212_none_15aa598f3873b345\mshtml.dll [2009/08/27 15:15:49 | 003,584,512 | ---- | M] (Microsoft Corporation) MD5=41FB8068E6624F4D843CB1C0F6E8B0EC -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22508_none_13d4b94f3b3fda3a\mshtml.dll [2010/12/18 08:23:15 | 005,961,216 | ---- | M] (Microsoft Corporation) MD5=42B87D22378C1EF98F3B6F410C2670AA -- C:\windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll [2009/10/19 16:25:09 | 003,584,000 | ---- | M] (Microsoft Corporation) MD5=44FD7EFD38472852E74E8E8D663E1961 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18344_none_131bd9c6224647b1\mshtml.dll [2008/01/21 04:33:25 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=48E05FD07045BB2E5CFC43C970CAF1E7 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll [2010/05/04 08:30:34 | 005,953,024 | ---- | M] (Microsoft Corporation) MD5=62F23130C89F1EE5C0C9EEAB0685D1E5 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll [2009/03/03 06:15:51 | 003,596,800 | ---- | M] (Microsoft Corporation) MD5=67FFB5ED7723D03B50734614D31B57A5 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21023_none_11d3adb53e2e3b6c\mshtml.dll [2011/02/22 09:14:18 | 005,964,800 | ---- | M] (Microsoft Corporation) MD5=6D30A34B029176D86EC04ECE6C0F62B1 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll [2009/08/27 07:18:40 | 005,940,224 | ---- | M] (Microsoft Corporation) MD5=7172C1681283EC40A8DA9ED4180FF390 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\mshtml.dll [2009/07/18 14:12:19 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=77693F4CD5CD48EE3A4ABB5073276976 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21089_none_1198cfe93e597b1c\mshtml.dll [2009/10/19 16:19:07 | 003,602,432 | ---- | M] (Microsoft Corporation) MD5=83A461E3BAB28ACDBE32E2A62BB1BEEE -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21142_none_11bd0f793e3f571e\mshtml.dll [2009/04/24 17:41:26 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=8BC33ADC526B3E7EE6E6AA013154DF69 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22121_none_159e8773387cb8b8\mshtml.dll [2010/02/23 08:34:51 | 005,944,832 | ---- | M] (Microsoft Corporation) MD5=8D5FB97AE3D30CCDD8C9D8AF447C7D09 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll [2009/07/18 14:13:26 | 003,597,824 | ---- | M] (Microsoft Corporation) MD5=921E63B100F67FA21A0C623930810C58 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16890_none_10fb8876254bdff2\mshtml.dll [2009/03/03 06:17:39 | 003,595,264 | ---- | M] (Microsoft Corporation) MD5=94ED56734E8AB74357F8EA2C5C174EA9 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16830_none_113c67fe251b384c\mshtml.dll [2008/07/12 08:16:57 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=977C356E655F357665310C0C95D0DBD4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll [2010/11/02 07:58:14 | 005,959,168 | ---- | M] (Microsoft Corporation) MD5=9AC463498C480E9EB3C63DC21E4F29C8 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll [2009/10/21 12:40:08 | 005,939,712 | ---- | M] (Microsoft Corporation) MD5=9BFB2F7C3A2F626040C4EB8CE5C6ED2A -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18852_none_f5f82740381d7455\mshtml.dll [2008/07/12 08:16:58 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=9C4091CD321D6D8BCF9842F109EE574B -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll [2010/11/02 09:08:01 | 005,960,704 | ---- | M] (Microsoft Corporation) MD5=9FCC1F6457A84902EA7545B568B5AEDB -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll [2009/04/24 17:57:41 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=A0DB69A75113B6A396E271744489824F -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21046_none_11c10ebb3e3bbf53\mshtml.dll [2009/04/11 08:28:20 | 003,596,288 | ---- | M] (Microsoft Corporation) MD5=A4D04D404AFC1D30EDA01EE50D27AA51 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll [2009/03/03 06:30:20 | 003,581,440 | ---- | M] (Microsoft Corporation) MD5=A77A82830D2BBB001A53A5368934F7EB -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22389_none_137f366d3b7fd8cb\mshtml.dll [2011/02/22 08:17:40 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=AA411AEF2476D251078F9C9F0478C142 -- C:\windows\system32\mshtml.dll [2011/02/22 08:17:40 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=AA411AEF2476D251078F9C9F0478C142 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll [2009/08/27 15:59:40 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=AF7541BC2D91483328E6D9910CD33DD5 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16916_none_11580b782505959b\mshtml.dll [2010/05/04 07:56:28 | 005,950,976 | ---- | M] (Microsoft Corporation) MD5=B1E862448C38B0F70139BC28F67332DE -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll [2009/08/27 14:39:41 | 003,599,872 | ---- | M] (Microsoft Corporation) MD5=BC72B82A8D9F0E2DE67A4985A6676786 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18100_none_15298c1c1f4fc4dc\mshtml.dll [2010/01/02 16:51:38 | 005,945,856 | ---- | M] (Microsoft Corporation) MD5=BE6120F3D7A853039B5437AC9E1986C1 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll [2009/08/27 15:30:12 | 003,584,000 | ---- | M] (Microsoft Corporation) MD5=BFF746B1558432533876014B66CF04C4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18319_none_13414afc22297291\mshtml.dll [2009/04/24 18:17:00 | 003,596,288 | ---- | M] (Microsoft Corporation) MD5=C1BF8C6F8D5E0435D1ABBB94DAC8EAFD -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16851_none_1127c870252a8985\mshtml.dll [2009/04/24 17:58:31 | 003,582,976 | ---- | M] (Microsoft Corporation) MD5=D12ADCB4045EF392A62990C06694EB78 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22418_none_13c9e77d3b47f904\mshtml.dll [2009/07/18 18:02:53 | 003,583,488 | ---- | M] (Microsoft Corporation) MD5=D38265A0C435E2A4BE5D662AB82F00E4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18294_none_12e5c844226ed63f\mshtml.dll [2009/03/08 13:41:15 | 005,937,152 | ---- | M] (Microsoft Corporation) MD5=D469A0EBA2EF5C6BEE8065B7E3196E5E -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll [2010/06/26 08:03:04 | 005,951,488 | ---- | M] (Microsoft Corporation) MD5=D6168759945CD6BC2DB4BFCD4E94B399 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll [2009/07/18 13:54:12 | 003,584,512 | ---- | M] (Microsoft Corporation) MD5=D8C0B944A3FB4BE7BC8DA21D4A5B33AB -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22475_none_138607173b7b54a5\mshtml.dll [2009/04/23 14:14:20 | 003,597,824 | ---- | M] (Microsoft Corporation) MD5=DBACE2C96ED63E60CD5D89D8DE00D148 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18024_none_1517eb861f5c64f3\mshtml.dll [2009/10/19 16:40:16 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=DC162F0F1880C30296C5FAD1F60EC6D4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16939_none_11456c7e25131982\mshtml.dll [2010/01/02 08:33:34 | 005,942,784 | ---- | M] (Microsoft Corporation) MD5=DF4D546A6E1C8D0F4FC10FCC9E422763 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll [2010/06/26 08:49:12 | 005,954,560 | ---- | M] (Microsoft Corporation) MD5=DF63821381A08F65174BA42745B1C79B -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll [2009/10/19 16:09:35 | 003,586,560 | ---- | M] (Microsoft Corporation) MD5=E3708336831E5249DBB274342649F483 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22544_none_13a578773b63e4a2\mshtml.dll [2010/09/08 08:22:01 | 005,958,656 | ---- | M] (Microsoft Corporation) MD5=E993FB26BFAC2887BFE8DDAC4DC9180A -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll [2009/08/27 15:22:52 | 005,942,272 | ---- | M] (Microsoft Corporation) MD5=E9C51FD04019DC14CAE9CEDE3C7B08E3 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\mshtml.dll [2008/07/12 08:17:01 | 003,593,728 | ---- | M] (Microsoft Corporation) MD5=ED2588D1864319C54E79443130A8004B -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll [2009/11/21 17:00:11 | 005,944,320 | ---- | M] (Microsoft Corporation) MD5=ED6055694115B1A247B2591AB465A21D -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll [2009/08/27 15:38:04 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=F500476C0724E476F05331162D4C283D -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21116_none_11e180653e2368a7\mshtml.dll < MD5 for: NDIS.SYS > [2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\windows\system32\drivers\ndis.sys [2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008/01/21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [2008/02/08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys [2008/02/08 06:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys < MD5 for: NETLOGON.DLL > [2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\windows\system32\netlogon.dll [2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\windows\system32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\windows\system32\drivers\nvstor.sys [2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\windows\system32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: PNGFILT.DLL > [2009/08/27 15:39:53 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=1C1298D9D37238A00BC5D1DE83C3DD81 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21116_none_ec64dcf22f63617a\pngfilt.dll [2009/03/03 06:17:37 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=27225BECF34ACCCC22432AF2372C19DE -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21023_none_ec570a422f6e343f\pngfilt.dll [2008/07/12 08:16:59 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=2AE830B0A293F0CA6CC733CE348911F5 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20777_none_ec251fe02f92f7c0\pngfilt.dll [2008/01/21 04:33:19 | 000,045,056 | ---- | M] (Microsoft Corporation) MD5=B8D3BF818DEFE1DA9A754F214E528221 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6001.18000_none_edc66f29136973ef\pngfilt.dll [2009/07/18 14:15:08 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=C840E188F70E6A1287249434B7AC0D3C -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21089_none_ec1c2c762f9973ef\pngfilt.dll [2009/08/27 16:01:41 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=C898FF79CBFC9E03C4D98B896A9AF478 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16916_none_ebdb680516458e6e\pngfilt.dll [2009/07/18 14:15:57 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=DCC808FD4EF7E5D3B90FD8F078C1EC7A -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16890_none_eb7ee503168bd8c5\pngfilt.dll [2009/03/08 13:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=E5FA1B044DAC5F6F600A1742D73F6936 -- C:\windows\system32\pngfilt.dll [2009/03/08 13:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=E5FA1B044DAC5F6F600A1742D73F6936 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.6001.18702_none_d0b191832934e44c\pngfilt.dll [2009/04/24 18:21:05 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F2AA0869227565752353CA2B8F5D2207 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16851_none_ebab24fd166a8258\pngfilt.dll [2009/03/03 06:19:30 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F759D496F5CD6C78D709CFF95A5F215B -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16830_none_ebbfc48b165b311f\pngfilt.dll [2008/07/12 08:16:59 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F761B8CB64DB7D7F4C0B464E97CB7760 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16643_none_ebb7f1b116609ec7\pngfilt.dll [2009/04/24 18:00:14 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F8BF080A314646A64CE4F24AE996E136 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21046_none_ec446b482f7bb826\pngfilt.dll < MD5 for: SAFEBOOT.SYS > [2008/05/14 02:36:18 | 000,108,752 | ---- | M] (SafeBoot International) MD5=2A5EEDCB22A5D6BB0231E38A38E7A7D9 -- C:\windows\system32\drivers\SafeBoot.sys < MD5 for: SCECLI.DLL > [2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\windows\system32\scecli.dll [2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: SNMPTRAP.EXE > [2006/11/02 11:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\windows\system32\snmptrap.exe [2006/11/02 11:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\windows\winsxs\x86_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.0.6001.18000_none_cf8afedd3f67da88\snmptrap.exe < MD5 for: SPOOLSV.EXE > [2010/08/17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe [2009/04/11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe [2008/01/21 04:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe [2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\windows\system32\spoolsv.exe [2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe [2010/08/17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe [2010/08/17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe < MD5 for: TASKENG.EXE > [2010/11/05 15:43:51 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=110B5E5AFA79DD8A45A2F6ED738469B9 -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.22791_none_e5d5a65bd84010db\taskeng.exe [2010/11/04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\windows\system32\taskeng.exe [2010/11/04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18342_none_e7698b5ebc1f53d7\taskeng.exe [2008/01/21 04:34:32 | 000,169,472 | ---- | M] (Microsoft Corporation) MD5=5F109032CE46B7184ED9E50F9FE8489E -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18000_none_e5ac4d2ebeda6d57\taskeng.exe [2010/11/05 00:15:29 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=9AF3E523E39FD8C10EDFA3ABA702DC9B -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.22519_none_e81a9bd9d51e4e56\taskeng.exe [2009/04/11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) MD5=E5BBFC283D6F5D69B41E464676361020 -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18005_none_e797c63abbfc38a3\taskeng.exe [2010/11/05 02:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=EAFB5897AC9CD84890171AC38862320F -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18551_none_e577475abf020426\taskeng.exe < MD5 for: TCPIP.SYS > [2008/04/26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys [2009/04/11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys [2009/12/08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys [2009/08/15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys [2009/08/14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys [2010/02/18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys [2010/02/18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys [2009/08/14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys [2009/12/08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys [2010/02/18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys [2010/02/18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys [2009/12/08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys [2010/06/16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys [2009/08/14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys [2010/06/16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys [2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys [2008/04/26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys [2009/12/08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys [2009/08/14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys [2008/07/12 08:14:08 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=9081EBA4184E7EB87C55E18C089283A5 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys [2010/02/18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys [2010/06/16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\windows\system32\drivers\tcpip.sys [2010/06/16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys [2009/12/08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys [2010/02/18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys [2009/12/08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys [2008/01/21 04:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys [2009/08/14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys < MD5 for: UI0DETECT.EXE > [2008/01/21 04:33:45 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\windows\system32\UI0Detect.exe [2008/01/21 04:33:45 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\windows\winsxs\x86_microsoft-windows-session0viewer_31bf3856ad364e35_6.0.6001.18000_none_e1e6e80246adfe72\UI0Detect.exe < MD5 for: USBPRINT.SYS > [2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\windows\system32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys [2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\windows\system32\drivers\usbprint.sys [2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\windows\system32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys [2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys < MD5 for: USBSCAN.SYS > [2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\system32\drivers\usbscan.sys [2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\system32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys [2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\system32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys [2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys [2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys [2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\windows\system32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys < MD5 for: USERINIT.EXE > [2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\windows\system32\userinit.exe [2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: VDS.EXE > [2008/01/21 04:34:50 | 000,382,976 | ---- | M] (Microsoft Corporation) MD5=B13BC395B9D6116628F5AF47E0802AC4 -- C:\windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6001.18000_none_6aead29ffaae9c39\vds.exe [2009/04/11 08:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\windows\system32\vds.exe [2009/04/11 08:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6002.18005_none_6cd64babf7d06785\vds.exe < MD5 for: VOLSNAP.SYS > [2006/11/02 11:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\windows\system32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys [2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\windows\system32\drivers\volsnap.sys [2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\windows\system32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys [2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys [2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\windows\system32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys [2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys < MD5 for: VSSVC.EXE > [2008/01/21 04:33:20 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=D5FB73D19C46ADE183F968E13F186B23 -- C:\windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6001.18000_none_5accce7717d773c7\VSSVC.exe [2009/04/11 08:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\windows\system32\VSSVC.exe [2009/04/11 08:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6002.18005_none_5cb8478314f93f13\VSSVC.exe < MD5 for: WEBCHECK.DLL > [2008/01/21 04:33:49 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=4F4889A9D680714BE11B31BD01A0411A -- C:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6001.18000_none_612be2f851b99095\webcheck.dll [2009/04/11 08:28:25 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=8208E4895BA625884FF3699CCA1D9E3D -- C:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6002.18005_none_63175c044edb5be1\webcheck.dll [2009/03/08 13:34:47 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=CC8915DB4E33E8FB29CA0D2DBF75306E -- C:\windows\system32\webcheck.dll [2009/03/08 13:34:47 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=CC8915DB4E33E8FB29CA0D2DBF75306E -- C:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_44170552678500f2\webcheck.dll < MD5 for: WININIT.EXE > [2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\windows\system32\wininit.exe [2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe < MD5 for: WINLOGON.EXE > [2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\windows\system32\winlogon.exe [2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WMIAPSRV.EXE > [2009/04/11 08:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\windows\system32\wbem\WmiApSrv.exe [2009/04/11 08:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\WmiApSrv.exe [2008/01/21 04:33:24 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=ABA4CF9F856D9A3A25F4DDD7690A6E9D -- C:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\WmiApSrv.exe < MD5 for: WMPNETWK.EXE > [2008/01/21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\Program Files\Windows Media Player\wmpnetwk.exe [2008/01/21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\windows\winsxs\x86_microsoft-windows-wmpnss-service_31bf3856ad364e35_6.0.6001.18000_none_0386cbd2ce93a16e\wmpnetwk.exe < > < End of report > bon je vais faire la procédure que vous m'avez demandé.

message d'erreur pendant l'executionde OTL : impossible de créer [chemin..]\cmd.bat j'ai mis ok et là, ça bloque (toujours dans OTL) ya marqué : Manual File Scan - Looking in folder c:\users\deborah\Appdata\temp\4\... et je vois pas la suite. Bon je relance OTL juste après un petit coup de ccleaner.

bonjour Pear je confirme ce que j'ai vu hier : combofix.txt n'aparait PAS dans c:\ alors que, quand je le recherche via la recherche de vista, ce fichier existe bel et bien ... sauf qu'il apparait en plein plein d'exemplaires ! (testé aussi avec un autre fichier présent sur la racine: meme résultat) la recherche de vista semble endommagée ! je m'en remets à vous !

euh... j'ai déjà testé le "oui", évidemment. en fait j'ai eu le même pb avec rogue killer et j'ai récupéré des fichiers rapport de 0Ko ! et là, avec combofix, idem ça n'écrit RIEN comme rapport sur le c: Pear, pensez que le virus est encore présent ? EDIT : là j'ai un soucis ! je n'ai pas vu de fichier COMBOFIX.TXT dans c:\ (j'ai bien regardé) et quand je lance la recherche de vista, il me trouve combofix.exe en 30 exemplaires et tous au même endroit !!!!!!!!!!! (même attribut/taille/date..) voici le rapport du premier lancer de combofix (vu la date) ComboFix 11-06-05.02 - deborah 05/06/2011 21:44:11.2.2 - x86 NETWORK Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.2999.2495 [GMT 2:00] Lancé depuis: C:\Users\deborah\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) C:\Users\deborah\AppData\Roaming\Adobe\plugs C:\Users\deborah\AppData\Roaming\Adobe\shed C:\Users\deborah\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif C:\Users\deborah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery C:\Users\deborah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Uninstall Windows Vista Recovery.lnk C:\Users\deborah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Windows Vista Recovery.lnk C:\Users\deborah\Desktop\Windows Vista Recovery.lnk C:\Users\deborah\xobglu32.dll C:\windows\security\Database\tmp.edb ((((((((((((((((((((((((((((( Fichiers créés du 2011-05-05 au 2011-06-05 )))))))))))))))))))))))))))))))))))) . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) 2011-06-05 19:58:24 . 2009-09-25 11:32:31 17408 ----a-w- C:\windows\system32\rpcnetp.exe 2011-06-05 19:58:22 . 2009-09-26 20:26:08 58288 ----a-w- C:\windows\system32\rpcnet.dll 2011-06-05 13:46:15 . 2010-06-24 09:33:56 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-06-05 06:20:38 . 2009-09-26 20:26:08 58288 ------w- C:\windows\system32\rpcnet.exe 2011-06-05 06:17:42 . 2008-04-17 16:29:08 17408 ----a-w- C:\windows\system32\rpcnetp.dll 2011-05-10 12:10:59 . 2010-12-07 09:10:19 40112 ----a-w- C:\windows\avastSS.scr 2011-05-10 12:10:55 . 2009-09-24 23:03:32 199304 ----a-w- C:\windows\system32\aswBoot.exe 2011-05-10 12:03:54 . 2011-03-01 08:29:35 441176 ----a-w- C:\windows\system32\drivers\aswSnx.sys 2011-05-10 12:03:44 . 2009-09-24 23:03:53 307928 ----a-w- C:\windows\system32\drivers\aswSP.sys 2011-05-10 12:02:37 . 2009-09-24 23:03:55 49240 ----a-w- C:\windows\system32\drivers\aswTdi.sys 2011-05-10 11:59:56 . 2009-09-24 23:03:55 25432 ----a-w- C:\windows\system32\drivers\aswRdr.sys 2011-05-10 11:59:44 . 2009-09-24 23:03:32 53592 ----a-w- C:\windows\system32\drivers\aswMonFlt.sys 2011-05-10 11:59:35 . 2009-09-24 23:03:53 19544 ----a-w- C:\windows\system32\drivers\aswFsBlk.sys 2011-04-06 14:20:16 . 2011-04-06 14:20:16 91424 ----a-w- C:\windows\system32\dnssd.dll 2011-04-06 14:20:16 . 2011-04-06 14:20:16 75040 ----a-w- C:\windows\system32\jdns_sd.dll 2011-04-06 14:20:16 . 2011-04-06 14:20:16 197920 ----a-w- C:\windows\system32\dnssdX.dll 2011-04-06 14:20:16 . 2011-04-06 14:20:16 107808 ----a-w- C:\windows\system32\dns-sd.exe ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-05-10 12:10:48 122512 ----a-w- C:\Program Files\Alwil Software\Avast5\ashShell.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 22:47:30 4240760] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 13:53:58 178712] "accrdsub"="c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 23:08:08 293168] "PTHOSTTR"="c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 00:34:10 238984] "CognizanceTS"="c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 00:42:38 24848] "PDF Complete"="C:\Program Files\PDF Complete\pdfsty.exe" [2008-05-12 13:28:12 318488] "hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 21:51:00 488752] "HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 20:42:16 70912] "File Sanitizer"="C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 20:17:02 10244096] "QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 18:26:06 177456] "WatchDog"="C:\Program Files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 18:21:12 197904] "IgfxTray"="C:\windows\system32\igfxtray.exe" [2008-06-10 09:27:42 150040] "HotKeysCmds"="C:\windows\system32\hkcmd.exe" [2008-06-10 09:27:22 170520] "Persistence"="C:\windows\system32\igfxpers.exe" [2008-06-10 09:27:32 145944] "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 14:24:20 54840] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 15:10:24 1314816] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2010-11-29 15:38:18 421888] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2011-04-26 23:22:56 421160] "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 12:49:28 249064] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-7-12 197904] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk /p \??\C:\0autocheck autochk * [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk backup=C:\windows\pss\BTTray.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2008-03-27 19:05:58 1045800 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe R1 dnasubuy;dnasubuy;C:\windows\system32\drivers\dnasubuy.sys [x] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 02:32:44 179712] R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\system32\drivers\mbamswissarmy.sys [2011-05-29 07:11:30 39984] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 11:16:28 753504] S0 pavboot;pavboot;C:\windows\system32\drivers\pavboot.sys [2009-06-30 08:37:16 28552] S0 SafeBoot;SafeBoot; [x] S0 SbAlg;SbAlg; [x] S0 SbFsLock;SbFsLock; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 RsvLock;RsvLock; [x] S2 accoca;ActivClient Middleware Service;c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 23:08:40 182576] S2 ASBroker;Logon Session Broker;C:\windows\System32\svchost.exe [2008-01-21 02:33:13 21504] S2 ASChannel;Local Communication Channel;C:\windows\System32\svchost.exe [2008-01-21 02:33:13 21504] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;C:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 11:59:44 53592] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384] S2 HP ProtectTools Service;HP ProtectTools Service;c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 20:41:38 34184] S2 HpFkCryptService;Drive Encryption Service;c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 00:35:40 256512] S2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 20:17:44 77824] S2 hpsrv;HP Service;C:\windows\system32\Hpservice.exe [2008-04-07 18:13:38 24936] S2 pdfcDispatcher;PDF Document Manager;C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 13:28:12 576024] S3 Com4QLBEx;Com4QLBEx;C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 18:33:26 193840] S3 NETw5v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits ;C:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 06:29:26 3658752] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc Cognizance REG_MULTI_SZ ASBroker ASChannel HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 bthsvcs REG_MULTI_SZ BthServ hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache Contenu du dossier 'Tâches planifiées' 2011-06-05 C:\windows\Tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job - C:\windows\system32\msfeedssync.exe [2011-06-05 11:42:33 . 2011-02-22 04:43:04] ------- Examen supplémentaire ------- uStart Page = hxxp://www.google.fr/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=all&pf=cmnb uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - C:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.1.1 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab FF - ProfilePath - C:\Users\deborah\AppData\Roaming\Mozilla\Firefox\Profiles\xcpc4ae4.default\ FF - prefs.js: browser.startup.homepage - www.easysear.ch/ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - - - - ORPHELINS SUPPRIMES - - - - MSConfigStartUp-Akizijiwanomohag - C:\Users\deborah\AppData\Local\luiasev.dll MSConfigStartUp-asp70vdviss - C:\Users\deborah\AppData\Roaming\1102E401EBA3BC2A8016AAC3596A51A4\asp70vdviss.exe MSConfigStartUp-CanalPlayer - C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe MSConfigStartUp-LightScribe Control Panel - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

bonjour pear j'ai désinstallé combofix, puis réinstallé sous sally.com et dès que je lance (au bout de 30 sec en fait) j'ai eu ceci : que dois-je faire ?

bonsoir pear; re aie !!! combofix s'est exécuté complètement MAIS n'a pu ecrire aucun rapport sur mon disque dur (message du genre "vous n'avez pas les autorisations nécessaires pour ecrire ..." répété plusieurs fois) pourtant, j'étais bien en mode sans échec et sur un compte avec les droits administrateur !!! qu'est-ce que j'ai donc raté ? que dois-je faire ? les rapports sont-ils ecrits à un autre endroit ?

re: rapport de tdsskiller : 2011/06/05 16:15:21.0057 4672 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24 2011/06/05 16:15:21.0338 4672 ================================================================================ 2011/06/05 16:15:21.0338 4672 SystemInfo: 2011/06/05 16:15:21.0338 4672 2011/06/05 16:15:21.0338 4672 OS Version: 6.0.6002 ServicePack: 2.0 2011/06/05 16:15:21.0338 4672 Product type: Workstation 2011/06/05 16:15:21.0338 4672 ComputerName: PC-DE-DEBORAH 2011/06/05 16:15:21.0338 4672 UserName: deborah 2011/06/05 16:15:21.0338 4672 Windows directory: C:\windows 2011/06/05 16:15:21.0338 4672 System windows directory: C:\windows 2011/06/05 16:15:21.0338 4672 Processor architecture: Intel x86 2011/06/05 16:15:21.0338 4672 Number of processors: 2 2011/06/05 16:15:21.0338 4672 Page size: 0x1000 2011/06/05 16:15:21.0338 4672 Boot type: Normal boot 2011/06/05 16:15:21.0338 4672 ================================================================================ 2011/06/05 16:15:22.0087 4672 Initialize success 2011/06/05 16:15:30.0137 0752 ================================================================================ 2011/06/05 16:15:30.0137 0752 Scan started 2011/06/05 16:15:30.0137 0752 Mode: Manual; 2011/06/05 16:15:30.0137 0752 ================================================================================ 2011/06/05 16:15:30.0963 0752 Accelerometer (a9b917777841b76f299e2ea946e03adf) C:\windows\system32\DRIVERS\Accelerometer.sys 2011/06/05 16:15:31.0041 0752 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\windows\system32\drivers\acpi.sys 2011/06/05 16:15:31.0088 0752 ADIHdAudAddService (364a903711e84eb1386fa04106681b7a) C:\windows\system32\drivers\ADIHdAud.sys 2011/06/05 16:15:31.0135 0752 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\windows\system32\drivers\adp94xx.sys 2011/06/05 16:15:31.0166 0752 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\windows\system32\drivers\adpahci.sys 2011/06/05 16:15:31.0229 0752 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\windows\system32\drivers\adpu160m.sys 2011/06/05 16:15:31.0275 0752 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\windows\system32\drivers\adpu320.sys 2011/06/05 16:15:31.0447 0752 AFD (a201207363aa900abf1a388468688570) C:\windows\system32\drivers\afd.sys 2011/06/05 16:15:31.0525 0752 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\windows\system32\DRIVERS\AGRSM.sys 2011/06/05 16:15:31.0619 0752 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\windows\system32\drivers\agp440.sys 2011/06/05 16:15:31.0665 0752 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\windows\system32\drivers\djsvs.sys 2011/06/05 16:15:31.0712 0752 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\windows\system32\drivers\aliide.sys 2011/06/05 16:15:31.0759 0752 amdagp (c47344bc706e5f0b9dce369516661578) C:\windows\system32\drivers\amdagp.sys 2011/06/05 16:15:31.0790 0752 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\windows\system32\drivers\amdide.sys 2011/06/05 16:15:31.0821 0752 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\windows\system32\drivers\amdk7.sys 2011/06/05 16:15:31.0868 0752 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\windows\system32\DRIVERS\amdk8.sys 2011/06/05 16:15:31.0915 0752 arc (5d2888182fb46632511acee92fdad522) C:\windows\system32\drivers\arc.sys 2011/06/05 16:15:31.0946 0752 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\windows\system32\drivers\arcsas.sys 2011/06/05 16:15:32.0118 0752 aswFsBlk (7f08d9c504b015d81a8abd75c80028c5) C:\windows\system32\drivers\aswFsBlk.sys 2011/06/05 16:15:32.0149 0752 aswMonFlt (9bdc8e9ce17b773f69d2c6696c768c4f) C:\windows\system32\drivers\aswMonFlt.sys 2011/06/05 16:15:32.0180 0752 aswRdr (ac48bdd4cd5d44af33087c06d6e9511c) C:\windows\system32\drivers\aswRdr.sys 2011/06/05 16:15:32.0274 0752 aswSnx (b64134316fcd1f20e0f10ef3e65bd522) C:\windows\system32\drivers\aswSnx.sys 2011/06/05 16:15:32.0367 0752 aswSP (d6788e3211afa9951ed7a4d617f68a4f) C:\windows\system32\drivers\aswSP.sys 2011/06/05 16:15:32.0414 0752 aswTdi (4d100c45517809439c7b6dd98997fa00) C:\windows\system32\drivers\aswTdi.sys 2011/06/05 16:15:32.0461 0752 AsyncMac (53b202abee6455406254444303e87be1) C:\windows\system32\DRIVERS\asyncmac.sys 2011/06/05 16:15:32.0508 0752 atapi (2d9c903dc76a66813d350a562de40ed9) C:\windows\system32\drivers\atapi.sys 2011/06/05 16:15:32.0555 0752 b57nd60x (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\windows\system32\DRIVERS\b57nd60x.sys 2011/06/05 16:15:32.0648 0752 BCM43XX (3f5e7621cdf6867d3d8417d13a098277) C:\windows\system32\DRIVERS\bcmwl6.sys 2011/06/05 16:15:32.0726 0752 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\windows\system32\drivers\Beep.sys 2011/06/05 16:15:32.0789 0752 blbdrive (d4df28447741fd3d953526e33a617397) C:\windows\system32\drivers\blbdrive.sys 2011/06/05 16:15:32.0913 0752 bowser (35f376253f687bde63976ccb3f2108ca) C:\windows\system32\DRIVERS\bowser.sys 2011/06/05 16:15:32.0960 0752 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\drivers\brfiltlo.sys 2011/06/05 16:15:32.0976 0752 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\drivers\brfiltup.sys 2011/06/05 16:15:33.0023 0752 Brserid (b304e75cff293029eddf094246747113) C:\windows\system32\drivers\brserid.sys 2011/06/05 16:15:33.0054 0752 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\system32\drivers\brserwdm.sys 2011/06/05 16:15:33.0101 0752 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\system32\drivers\brusbmdm.sys 2011/06/05 16:15:33.0132 0752 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\system32\drivers\brusbser.sys 2011/06/05 16:15:33.0179 0752 BthEnum (6d39c954799b63ba866910234cf7d726) C:\windows\system32\DRIVERS\BthEnum.sys 2011/06/05 16:15:33.0225 0752 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\windows\system32\DRIVERS\bthmodem.sys 2011/06/05 16:15:33.0303 0752 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\windows\system32\DRIVERS\bthpan.sys 2011/06/05 16:15:33.0397 0752 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\windows\system32\Drivers\BTHport.sys 2011/06/05 16:15:33.0475 0752 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\windows\system32\Drivers\BTHUSB.sys 2011/06/05 16:15:33.0522 0752 btwaudio (99aeea7cefdfc6e4151a8f620d682088) C:\windows\system32\drivers\btwaudio.sys 2011/06/05 16:15:33.0569 0752 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\windows\system32\drivers\btwavdt.sys 2011/06/05 16:15:33.0600 0752 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\windows\system32\DRIVERS\btwrchid.sys 2011/06/05 16:15:33.0881 0752 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\windows\system32\DRIVERS\cdfs.sys 2011/06/05 16:15:33.0990 0752 cdrom (6b4bffb9becd728097024276430db314) C:\windows\system32\DRIVERS\cdrom.sys 2011/06/05 16:15:34.0052 0752 circlass (e5d4133f37219dbcfe102bc61072589d) C:\windows\system32\drivers\circlass.sys 2011/06/05 16:15:34.0146 0752 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\windows\system32\CLFS.sys 2011/06/05 16:15:34.0239 0752 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\windows\system32\DRIVERS\CmBatt.sys 2011/06/05 16:15:34.0255 0752 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\windows\system32\drivers\cmdide.sys 2011/06/05 16:15:34.0317 0752 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\windows\system32\DRIVERS\compbatt.sys 2011/06/05 16:15:34.0380 0752 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\windows\system32\drivers\crcdisk.sys 2011/06/05 16:15:34.0427 0752 Crusoe (1f07becdca750766a96cda811ba86410) C:\windows\system32\drivers\crusoe.sys 2011/06/05 16:15:34.0505 0752 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\windows\system32\Drivers\dfsc.sys 2011/06/05 16:15:34.0598 0752 disk (5d4aefc3386920236a548271f8f1af6a) C:\windows\system32\drivers\disk.sys 2011/06/05 16:15:34.0785 0752 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\windows\system32\DRIVERS\Dot4.sys 2011/06/05 16:15:34.0832 0752 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\windows\system32\DRIVERS\Dot4Prt.sys 2011/06/05 16:15:34.0895 0752 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\windows\system32\DRIVERS\dot4usb.sys 2011/06/05 16:15:34.0957 0752 drmkaud (97fef831ab90bee128c9af390e243f80) C:\windows\system32\drivers\drmkaud.sys 2011/06/05 16:15:35.0051 0752 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\windows\System32\drivers\dxgkrnl.sys 2011/06/05 16:15:35.0113 0752 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\windows\system32\DRIVERS\E1G60I32.sys 2011/06/05 16:15:35.0191 0752 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\windows\system32\drivers\ecache.sys 2011/06/05 16:15:35.0253 0752 elxstor (23b62471681a124889978f6295b3f4c6) C:\windows\system32\drivers\elxstor.sys 2011/06/05 16:15:35.0300 0752 ErrDev (3db974f3935483555d7148663f726c61) C:\windows\system32\drivers\errdev.sys 2011/06/05 16:15:35.0378 0752 exfat (22b408651f9123527bcee54b4f6c5cae) C:\windows\system32\drivers\exfat.sys 2011/06/05 16:15:35.0441 0752 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\windows\system32\drivers\fastfat.sys 2011/06/05 16:15:35.0503 0752 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\windows\system32\DRIVERS\fdc.sys 2011/06/05 16:15:35.0565 0752 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\windows\system32\drivers\fileinfo.sys 2011/06/05 16:15:35.0597 0752 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\windows\system32\drivers\filetrace.sys 2011/06/05 16:15:35.0643 0752 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\windows\system32\DRIVERS\flpydisk.sys 2011/06/05 16:15:35.0737 0752 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\windows\system32\drivers\fltmgr.sys 2011/06/05 16:15:35.0862 0752 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\windows\system32\DRIVERS\fssfltr.sys 2011/06/05 16:15:35.0909 0752 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\windows\system32\drivers\Fs_Rec.sys 2011/06/05 16:15:35.0940 0752 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\windows\system32\drivers\gagp30kx.sys 2011/06/05 16:15:35.0987 0752 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys 2011/06/05 16:15:36.0080 0752 HBtnKey (88a78635b41ed4b261365fadeb28fe81) C:\windows\system32\DRIVERS\cpqbttn.sys 2011/06/05 16:15:36.0143 0752 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\windows\system32\drivers\HdAudio.sys 2011/06/05 16:15:36.0221 0752 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\windows\system32\DRIVERS\HDAudBus.sys 2011/06/05 16:15:36.0299 0752 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\windows\system32\drivers\hidbth.sys 2011/06/05 16:15:36.0361 0752 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\windows\system32\drivers\hidir.sys 2011/06/05 16:15:36.0439 0752 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\windows\system32\DRIVERS\hidusb.sys 2011/06/05 16:15:36.0533 0752 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\windows\system32\drivers\hpcisss.sys 2011/06/05 16:15:36.0595 0752 hpdskflt (3520a74fca88a5aefbbe7b937bea75f7) C:\windows\system32\DRIVERS\hpdskflt.sys 2011/06/05 16:15:36.0689 0752 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\windows\system32\DRIVERS\HpqKbFiltr.sys 2011/06/05 16:15:36.0751 0752 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\windows\system32\drivers\HTTP.sys 2011/06/05 16:15:36.0767 0752 i2omp (c6b032d69650985468160fc9937cf5b4) C:\windows\system32\drivers\i2omp.sys 2011/06/05 16:15:36.0845 0752 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\windows\system32\DRIVERS\i8042prt.sys 2011/06/05 16:15:36.0891 0752 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\windows\system32\drivers\iastor.sys 2011/06/05 16:15:36.0923 0752 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\windows\system32\drivers\iastorv.sys 2011/06/05 16:15:37.0047 0752 igfx (d97e70e4e243c9660f91c1112e36c73b) C:\windows\system32\DRIVERS\igdkmd32.sys 2011/06/05 16:15:37.0141 0752 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\windows\system32\drivers\iirsp.sys 2011/06/05 16:15:37.0188 0752 intelide (83aa759f3189e6370c30de5dc5590718) C:\windows\system32\drivers\intelide.sys 2011/06/05 16:15:37.0235 0752 intelppm (224191001e78c89dfa78924c3ea595ff) C:\windows\system32\DRIVERS\intelppm.sys 2011/06/05 16:15:37.0328 0752 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\windows\system32\DRIVERS\ipfltdrv.sys 2011/06/05 16:15:37.0391 0752 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\windows\system32\drivers\ipmidrv.sys 2011/06/05 16:15:37.0422 0752 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\windows\system32\DRIVERS\ipnat.sys 2011/06/05 16:15:37.0453 0752 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\windows\system32\drivers\irenum.sys 2011/06/05 16:15:37.0469 0752 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\windows\system32\drivers\isapnp.sys 2011/06/05 16:15:37.0531 0752 iScsiPrt (232fa340531d940aac623b121a595034) C:\windows\system32\DRIVERS\msiscsi.sys 2011/06/05 16:15:37.0562 0752 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\windows\system32\drivers\iteatapi.sys 2011/06/05 16:15:37.0593 0752 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\windows\system32\drivers\iteraid.sys 2011/06/05 16:15:37.0656 0752 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\windows\system32\DRIVERS\kbdclass.sys 2011/06/05 16:15:37.0734 0752 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\windows\system32\DRIVERS\kbdhid.sys 2011/06/05 16:15:37.0781 0752 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\windows\system32\Drivers\ksecdd.sys 2011/06/05 16:15:37.0827 0752 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\windows\system32\DRIVERS\lltdio.sys 2011/06/05 16:15:37.0874 0752 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\windows\system32\drivers\lsi_fc.sys 2011/06/05 16:15:37.0921 0752 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\windows\system32\drivers\lsi_sas.sys 2011/06/05 16:15:37.0937 0752 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\windows\system32\drivers\lsi_scsi.sys 2011/06/05 16:15:37.0968 0752 luafv (8f5c7426567798e62a3b3614965d62cc) C:\windows\system32\drivers\luafv.sys 2011/06/05 16:15:38.0015 0752 MBAMSwissArmy (b309912717c29fc67e1ba4730a82b6dd) C:\windows\system32\drivers\mbamswissarmy.sys 2011/06/05 16:15:38.0046 0752 megasas (0001ce609d66632fa17b84705f658879) C:\windows\system32\drivers\megasas.sys 2011/06/05 16:15:38.0108 0752 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\windows\system32\drivers\megasr.sys 2011/06/05 16:15:38.0139 0752 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\windows\system32\drivers\modem.sys 2011/06/05 16:15:38.0171 0752 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\windows\system32\DRIVERS\monitor.sys 2011/06/05 16:15:38.0233 0752 mouclass (5bf6a1326a335c5298477754a506d263) C:\windows\system32\DRIVERS\mouclass.sys 2011/06/05 16:15:38.0280 0752 mouhid (93b8d4869e12cfbe663915502900876f) C:\windows\system32\DRIVERS\mouhid.sys 2011/06/05 16:15:38.0311 0752 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\windows\system32\drivers\mountmgr.sys 2011/06/05 16:15:38.0342 0752 mpio (511d011289755dd9f9a7579fb0b064e6) C:\windows\system32\drivers\mpio.sys 2011/06/05 16:15:38.0405 0752 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\windows\system32\drivers\mpsdrv.sys 2011/06/05 16:15:38.0436 0752 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\windows\system32\drivers\mraid35x.sys 2011/06/05 16:15:38.0498 0752 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\windows\system32\drivers\mrxdav.sys 2011/06/05 16:15:38.0576 0752 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\windows\system32\DRIVERS\mrxsmb.sys 2011/06/05 16:15:38.0623 0752 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\windows\system32\DRIVERS\mrxsmb10.sys 2011/06/05 16:15:38.0701 0752 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\windows\system32\DRIVERS\mrxsmb20.sys 2011/06/05 16:15:38.0748 0752 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\windows\system32\drivers\msahci.sys 2011/06/05 16:15:38.0779 0752 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\windows\system32\drivers\msdsm.sys 2011/06/05 16:15:38.0826 0752 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\windows\system32\drivers\Msfs.sys 2011/06/05 16:15:38.0873 0752 msisadrv (0f400e306f385c56317357d6dea56f62) C:\windows\system32\drivers\msisadrv.sys 2011/06/05 16:15:38.0919 0752 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\windows\system32\drivers\MSKSSRV.sys 2011/06/05 16:15:38.0982 0752 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\windows\system32\drivers\MSPCLOCK.sys 2011/06/05 16:15:39.0029 0752 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys 2011/06/05 16:15:39.0091 0752 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\windows\system32\drivers\MsRPC.sys 2011/06/05 16:15:39.0169 0752 mssmbios (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys 2011/06/05 16:15:39.0216 0752 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys 2011/06/05 16:15:39.0247 0752 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\windows\system32\Drivers\mup.sys 2011/06/05 16:15:39.0309 0752 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\windows\system32\DRIVERS\nwifi.sys 2011/06/05 16:15:39.0403 0752 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\windows\system32\drivers\ndis.sys 2011/06/05 16:15:39.0465 0752 NdisTapi (b659ec6f5c85417ab7fc2015ed16c2f7) C:\windows\system32\DRIVERS\ndistapi.sys 2011/06/05 16:15:39.0512 0752 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS\ndisuio.sys 2011/06/05 16:15:39.0575 0752 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\windows\system32\DRIVERS\ndiswan.sys 2011/06/05 16:15:39.0590 0752 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys 2011/06/05 16:15:39.0668 0752 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS\netbios.sys 2011/06/05 16:15:39.0746 0752 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\windows\system32\DRIVERS\netbt.sys 2011/06/05 16:15:39.0949 0752 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\windows\system32\DRIVERS\NETw5v32.sys 2011/06/05 16:15:40.0136 0752 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers\nfrd960.sys 2011/06/05 16:15:40.0214 0752 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\windows\system32\drivers\Npfs.sys 2011/06/05 16:15:40.0277 0752 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers\nsiproxy.sys 2011/06/05 16:15:40.0355 0752 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\windows\system32\drivers\Ntfs.sys 2011/06/05 16:15:40.0417 0752 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers\ntrigdigi.sys 2011/06/05 16:15:40.0448 0752 Null (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys 2011/06/05 16:15:40.0464 0752 nvraid (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers\nvraid.sys 2011/06/05 16:15:40.0495 0752 nvstor (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers\nvstor.sys 2011/06/05 16:15:40.0511 0752 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers\nv_agp.sys 2011/06/05 16:15:40.0635 0752 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\windows\system32\DRIVERS\ohci1394.sys 2011/06/05 16:15:40.0713 0752 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\windows\system32\DRIVERS\parport.sys 2011/06/05 16:15:40.0776 0752 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\windows\system32\drivers\partmgr.sys 2011/06/05 16:15:40.0807 0752 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\windows\system32\DRIVERS\parvdm.sys 2011/06/05 16:15:40.0869 0752 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\windows\system32\drivers\pavboot.sys 2011/06/05 16:15:40.0963 0752 pci (941dc1d19e7e8620f40bbc206981efdb) C:\windows\system32\drivers\pci.sys 2011/06/05 16:15:41.0010 0752 pciide (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\drivers\pciide.sys 2011/06/05 16:15:41.0057 0752 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys 2011/06/05 16:15:41.0166 0752 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys 2011/06/05 16:15:41.0306 0752 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERS\raspptp.sys 2011/06/05 16:15:41.0353 0752 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\drivers\processr.sys 2011/06/05 16:15:41.0462 0752 PSched (99514faa8df93d34b5589187db3aa0ba) C:\windows\system32\DRIVERS\pacer.sys 2011/06/05 16:15:41.0525 0752 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys 2011/06/05 16:15:41.0571 0752 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys 2011/06/05 16:15:41.0618 0752 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys 2011/06/05 16:15:41.0665 0752 RasAcd (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERS\rasacd.sys 2011/06/05 16:15:41.0727 0752 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERS\rasl2tp.sys 2011/06/05 16:15:41.0790 0752 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\windows\system32\DRIVERS\raspppoe.sys 2011/06/05 16:15:41.0852 0752 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\windows\system32\DRIVERS\rassstp.sys 2011/06/05 16:15:41.0899 0752 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\windows\system32\DRIVERS\rdbss.sys 2011/06/05 16:15:41.0930 0752 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys 2011/06/05 16:15:41.0977 0752 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\windows\system32\drivers\rdpdr.sys 2011/06/05 16:15:41.0993 0752 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\drivers\rdpencdd.sys 2011/06/05 16:15:42.0024 0752 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\windows\system32\drivers\RDPWD.sys 2011/06/05 16:15:42.0117 0752 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\windows\system32\DRIVERS\rfcomm.sys 2011/06/05 16:15:42.0258 0752 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERS\rspndr.sys 2011/06/05 16:15:42.0289 0752 RsvLock (3beefe509c414f3a6e55e5c7c4024581) C:\windows\system32\drivers\RsvLock.sys 2011/06/05 16:15:42.0320 0752 SafeBoot (2a5eedcb22a5d6bb0231e38a38e7a7d9) C:\windows\system32\drivers\SafeBoot.sys 2011/06/05 16:15:42.0320 0752 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 2a5eedcb22a5d6bb0231e38a38e7a7d9 2011/06/05 16:15:42.0320 0752 SafeBoot - detected LockedFile.Multi.Generic (1) 2011/06/05 16:15:42.0383 0752 SbAlg (52dcde2d1787217e15ffdca1cbf8cce9) C:\windows\system32\drivers\SbAlg.sys 2011/06/05 16:15:42.0445 0752 SbFsLock (69a5af9ce49a0982e7ae7c7d62bdb2b1) C:\windows\system32\drivers\SbFsLock.sys 2011/06/05 16:15:42.0492 0752 sbp2port (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys 2011/06/05 16:15:42.0554 0752 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys 2011/06/05 16:15:42.0601 0752 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\windows\system32\drivers\serenum.sys 2011/06/05 16:15:42.0632 0752 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\windows\system32\drivers\serial.sys 2011/06/05 16:15:42.0663 0752 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys 2011/06/05 16:15:42.0710 0752 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys 2011/06/05 16:15:42.0741 0752 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys 2011/06/05 16:15:42.0788 0752 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys 2011/06/05 16:15:42.0851 0752 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\windows\system32\DRIVERS\sfloppy.sys 2011/06/05 16:15:42.0913 0752 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys 2011/06/05 16:15:42.0944 0752 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys 2011/06/05 16:15:43.0007 0752 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys 2011/06/05 16:15:43.0085 0752 Smb (7b75299a4d201d6a6533603d6914ab04) C:\windows\system32\DRIVERS\smb.sys 2011/06/05 16:15:43.0241 0752 SNP2UVC (cf9cde12fbc19dba8de528b7511a2f4f) C:\windows\system32\DRIVERS\snp2uvc.sys 2011/06/05 16:15:43.0350 0752 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys 2011/06/05 16:15:43.0412 0752 srv (41987f9fc0e61adf54f581e15029ad91) C:\windows\system32\DRIVERS\srv.sys 2011/06/05 16:15:43.0475 0752 srv2 (a5940ca32ed206f90be9fabdf6e92de4) C:\windows\system32\DRIVERS\srv2.sys 2011/06/05 16:15:43.0568 0752 srvnet (37aa1d560d5fa486c4b11c2f276ada61) C:\windows\system32\DRIVERS\srvnet.sys 2011/06/05 16:15:43.0631 0752 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys 2011/06/05 16:15:43.0677 0752 Symc8xx (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys 2011/06/05 16:15:43.0709 0752 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys 2011/06/05 16:15:43.0771 0752 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys 2011/06/05 16:15:43.0849 0752 SynTP (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys 2011/06/05 16:15:43.0958 0752 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\drivers\tcpip.sys 2011/06/05 16:15:44.0005 0752 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\DRIVERS\tcpip.sys 2011/06/05 16:15:44.0067 0752 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\windows\system32\drivers\tcpipreg.sys 2011/06/05 16:15:44.0130 0752 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers\tdpipe.sys 2011/06/05 16:15:44.0161 0752 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers\tdtcp.sys 2011/06/05 16:15:44.0239 0752 tdx (76b06eb8a01fc8624d699e7045303e54) C:\windows\system32\DRIVERS\tdx.sys 2011/06/05 16:15:44.0317 0752 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\windows\system32\DRIVERS\termdd.sys 2011/06/05 16:15:44.0395 0752 TICalc (0dabaa63799b0bf20f95c73ce5d9ca87) C:\windows\system32\drivers\TICalc.sys 2011/06/05 16:15:44.0442 0752 TIEHDUSB (a1124ebc672aa3ae1b327096c1dcc346) C:\windows\system32\drivers\tiehdusb.sys 2011/06/05 16:15:44.0489 0752 TPM (cb258c2f726f1be73c507022be33ebb3) C:\windows\system32\drivers\tpm.sys 2011/06/05 16:15:44.0551 0752 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS\tssecsrv.sys 2011/06/05 16:15:44.0613 0752 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS\tunmp.sys 2011/06/05 16:15:44.0691 0752 tunnel (300db877ac094feab0be7688c3454a9c) C:\windows\system32\DRIVERS\tunnel.sys 2011/06/05 16:15:44.0738 0752 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys 2011/06/05 16:15:44.0801 0752 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\windows\system32\DRIVERS\udfs.sys 2011/06/05 16:15:44.0863 0752 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys 2011/06/05 16:15:45.0003 0752 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys 2011/06/05 16:15:45.0019 0752 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys 2011/06/05 16:15:45.0035 0752 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys 2011/06/05 16:15:45.0081 0752 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys 2011/06/05 16:15:45.0175 0752 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys 2011/06/05 16:15:45.0222 0752 usbcir (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys 2011/06/05 16:15:45.0269 0752 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\windows\system32\DRIVERS\usbehci.sys 2011/06/05 16:15:45.0331 0752 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\windows\system32\DRIVERS\usbhub.sys 2011/06/05 16:15:45.0393 0752 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys 2011/06/05 16:15:45.0440 0752 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys 2011/06/05 16:15:45.0503 0752 usbscan (a508c9bd8724980512136b039bba65e9) C:\windows\system32\DRIVERS\usbscan.sys 2011/06/05 16:15:45.0549 0752 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\windows\system32\DRIVERS\USBSTOR.SYS 2011/06/05 16:15:45.0596 0752 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys 2011/06/05 16:15:45.0643 0752 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\windows\system32\Drivers\usbvideo.sys 2011/06/05 16:15:45.0737 0752 vga (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys 2011/06/05 16:15:45.0783 0752 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys 2011/06/05 16:15:45.0815 0752 viaagp (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys 2011/06/05 16:15:45.0830 0752 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys 2011/06/05 16:15:45.0877 0752 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys 2011/06/05 16:15:45.0908 0752 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys 2011/06/05 16:15:45.0971 0752 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\windows\system32\drivers\volmgrx.sys 2011/06/05 16:15:46.0049 0752 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\windows\system32\drivers\volsnap.sys 2011/06/05 16:15:46.0080 0752 vsmraid (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys 2011/06/05 16:15:46.0127 0752 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys 2011/06/05 16:15:46.0173 0752 Wanarp (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys 2011/06/05 16:15:46.0189 0752 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys 2011/06/05 16:15:46.0267 0752 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys 2011/06/05 16:15:46.0283 0752 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys 2011/06/05 16:15:46.0407 0752 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys 2011/06/05 16:15:46.0485 0752 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\windows\system32\DRIVERS\wpdusb.sys 2011/06/05 16:15:46.0563 0752 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys 2011/06/05 16:15:46.0626 0752 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys 2011/06/05 16:15:46.0704 0752 yukonwlh (f72d4bffa37e857d195048c498afc61b) C:\windows\system32\DRIVERS\yk60x86.sys 2011/06/05 16:15:46.0751 0752 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 2011/06/05 16:15:46.0766 0752 ================================================================================ 2011/06/05 16:15:46.0766 0752 Scan finished 2011/06/05 16:15:46.0766 0752 ================================================================================ 2011/06/05 16:15:46.0766 3880 Detected object count: 1 2011/06/05 16:15:46.0766 3880 Actual detected object count: 1 2011/06/05 16:16:25.0829 3880 LockedFile.Multi.Generic(SafeBoot) - User select action: Skip ça s'annonce bien, semble-t-il ?

aie, j'ai lancer combofix et à l'étape 4 ... un BSOD !!! j'ai redémarré après ce crash de windows : dois-je relancer combofix ?

Bonjour pear merci pour votre réponse ! j'ai fait toute la procédure en mode sans-echec (car en mode normal ça bloquait c-a-d les logiciels ne se lançaient pas) voici les rapports : Rk quarantine Time : 05/06/2011 08:09:58 -------------------------- [HelpPane.exe.vir] -> c:\windows\helppane.exe [ooyecuncneni.exe.vir] -> c:\programdata\ooyecuncneni.exe [ooyecuncneni.exe.vir] -> c:\programdata\ooyecuncneni.exe Time : 05/06/2011 08:10:29 -------------------------- [ooyecuncneni.exe.vir] -> c:\programdata\ooyecuncneni.exe Time : 05/06/2011 08:10:43 -------------------------- Time : 05/06/2011 08:10:53 -------------------------- Time : 05/06/2011 08:11:05 -------------------------- Time : 05/06/2011 08:16:03 TOUS LES AUTRES RAPPORTS ont créé un fichier texte de 0Ko car à chaque fois que je lançais une option, elle se déroulait correctement et une fois qu'il y était marqué "terminé!", j'avais le message "windows à rencontré un pb avec le programme ..." bref j'ai aucun rapport autre que celui dans le repertoire RKQuarantine. celui de mbam : Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 6773 Windows 6.0.6002 Service Pack 2 (Safe Mode) Internet Explorer 8.0.6001.18999 05/06/2011 09:15:55 mbam-log-2011-06-05 (09-15-55).txt Type d'examen: Examen complet (C:\|D:\|F:\|G:\|) Elément(s) analysé(s): 351450 Temps écoulé: 40 minute(s), 42 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 90 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\programdata\34791160.exe (Trojan.FakeMS) -> Quarantined and deleted successfully. c:\programdata\ooyecuncneni.exe (Trojan.FakeMS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\0292fa80_42b2cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\0332f53b_e3abcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\0fd3c533_f0a4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\1555daef_d19dcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\15a3c3c5_5cafcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\1750499d_19b3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\19af2164_1ab3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\1aa23989_4da3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\228697e3_65b5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\26626702_97adcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\2ae5dff9_04b3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\2d2199d9_9ba7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\34f13a0e_7da6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\370c7c89_96a7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\37e5fcba_6a9dcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\3dda4bde_c7a1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\3f06b533_52aecb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\41916838_f2a0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\42b77c61_83abcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\4afad80c_d4accb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\5a29d055_b6accb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\5dafff0d_16b3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\5fa2b792_b3b0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\651c51d9_5ea3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\66fb3edb_32a0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\7249511d_c9b3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\7447adae_c5a1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\775b2e2b_0eb3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\780eddc2_f3afcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\81524357_eab4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\81936022_34a5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\86bcf7d9_f1a5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\87ffc85b_01a8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\918dd3c2_29accb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\96fd10ea_5d9fcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\98c82472_7da2cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\a4184b05_a1a6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\a49304a0_84adcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\ae586f34_7ab2cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\b47a99c2_0bb3cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\b4b9f5a2_04a6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\c513073c_19abcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\cc31e8f9_e09ecb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\cc42536a_9bb1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\ce54a78d_d1a8cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\d6e61c0a_70abcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\e1d2a0c8_6ea4cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\e1f3e331_b7a5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\eb3cdf73_35b2cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\f5066948_3fa7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\fa2dfa55_67a7cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\assembly\dl3\018LATL2.H7N\QW03ZXQO.JXQ\d5c03ca5\fb40f2b2_6cb1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\2d58.tmp.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\3564.tmp.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\522.tmp.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\82e7.tmp.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\8306.tmp.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\90eb.tmp.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\ad7f.tmp.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\ad9f.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\aemswornxc.exe.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\aornmxcwse.exe.vir (Trojan.Hiloti) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\b250.tmp.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\b260.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\b933.tmp.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\b934.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\d80a.tmp.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\err.log4363581.vir (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\exmonrswac.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\setup1191812736.exe.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\setup1709263360.exe.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\setup3603165568.exe.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\sxmoacrnwe.exe (Adware.Agent) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\Adobe\plugs\mmc10767173.txt (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\thinstall\microsoft office professional plus 2007\1000000600002i\verclsid.exe (Trojan.IRCBot) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\thinstall\microsoft office professional plus 2007\10000006e00002i\searchindexer.exe (Trojan.IRCBot) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\thinstall\microsoft office professional plus 2007\1000000900003i\imjppdmg.exe (Trojan.IRCBot) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\thinstall\microsoft office professional plus 2007\1000000e00002i\rundll32.exe (Trojan.IRCBot) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\thinstall\microsoft office professional plus 2007\30000000111800002i\EXCEL.EXE (Trojan.IRCBot) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\thinstall\microsoft office professional plus 2007\300000004500002i\OIS.EXE (Trojan.IRCBot) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\thinstall\microsoft office professional plus 2007\300000005700002i\WINWORD.EXE (Trojan.IRCBot) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\thinstall\microsoft office professional plus 2007\300000007300002i\POWERPNT.EXE (Trojan.IRCBot) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\thinstall\microsoft office professional plus 2007\30000000a0300002i\MSACCESS.EXE (Trojan.IRCBot) -> Quarantined and deleted successfully. c:\Users\deborah\Desktop\rk_quarantine\ooyecuncneni.exe.vir (Trojan.FakeMS) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Local\Temp\0.34359712834972456.exe (Trojan.Dropper) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\Adobe\plugs\mmc146.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. c:\Users\deborah\AppData\Roaming\Adobe\plugs\mmc160.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. bonne lecture et merci encore! --------------------------

bonjour j'ai un pc portable infecté par WINDOWS VISTA RECOVERY : le bureau est devenu noir, plus d'icone (sauf i.e. et leur cochonnerie de faux programme). Redemarrage toutes les 5 min. Bon heureusement, j'ai trouvé le moyen d'accéder à mes fichiers perso (qui sont tous devenus caché!) en lançant manuellement explorer.exe. j'ai lu plusieurs sujet sur ce virus mais je ne sais par quoi commencer : malwarebytes ? roguekiller ? hijackthis ? ad-r ? calc.exe ? ça à pas l'air simple vu les discussions. j'ai accès au mode sans echec. j'ai fait un ghost complet de mon pc (au cas où). si un helper pouvait me prendre en charge, merci BEAUCOUP ! nb: que pensez vous de ce site qui dit pouvoir ERADIQUER ce virus ? How to Uninstall/Remove Windows Vista Recovery virus Removal Guide | RemoveVirusHelp.com ? c'est encore un rogue ?

tiens, MBAM a décidé de finir le scan, cette fois ! et il a trouvé des choses ... (j'aime quand je me parle à moi-même) Malwarebytes' Anti-Malware 1.39 Version de la base de données: 2425 Windows 5.1.2600 Service Pack 3 14/07/2009 16:21:21 mbam-log-2009-07-14 (16-21-21).txt Type de recherche: Examen rapide Eléments examinés: 112952 Temps écoulé: 10 minute(s), 2 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Spyware.OnlineGames) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bron-Spizaetus (Worm.Brontok) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Tok-Cirrhatus (Worm.Brontok) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. Dossier(s) infecté(s): c:\documents and settings\propriétaire\local settings\application data\Bron.tok-18-2 (Trojan.Brontok) -> Quarantined and deleted successfully. Fichier(s) infecté(s): (Aucun élément nuisible détecté)

ah, voici aussi le rapport antivir (je l'avais lancé depuis le rescue cd, puis je l'ai relancé sous xp) si ça peut servir ... Avira AntiVir Personal Date de création du fichier de rapport : mardi 14 juillet 2009 14:01 La recherche porte sur 1521000 souches de virus. Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows XP Version de Windows : (Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur : SENIOR Informations de version : BUILD.DAT : 9.0.0.66 17958 Bytes 17/06/2009 14:44:00 AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 13:20:54 AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 10:21:02 LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 11:35:11 LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 10:21:31 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 12:30:36 ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 07:21:33 ANTIVIR2.VDF : 7.1.4.221 1273856 Bytes 12/07/2009 07:21:33 ANTIVIR3.VDF : 7.1.4.229 71680 Bytes 14/07/2009 07:21:33 Version du moteur : 8.2.0.204 AEVDF.DLL : 8.1.1.1 106868 Bytes 14/07/2009 07:21:35 AESCRIPT.DLL : 8.1.2.13 426362 Bytes 14/07/2009 07:21:34 AESCN.DLL : 8.1.2.3 127347 Bytes 14/07/2009 07:21:34 AERDL.DLL : 8.1.2.2 438642 Bytes 14/07/2009 07:21:34 AEPACK.DLL : 8.1.3.18 401783 Bytes 14/07/2009 07:21:34 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 14/07/2009 07:21:34 AEHEUR.DLL : 8.1.0.137 1823095 Bytes 14/07/2009 07:21:34 AEHELP.DLL : 8.1.3.6 205174 Bytes 14/07/2009 07:21:34 AEGEN.DLL : 8.1.1.48 348532 Bytes 14/07/2009 07:21:34 AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 14:32:40 AECORE.DLL : 8.1.6.12 180599 Bytes 14/07/2009 07:21:33 AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 14:32:40 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 08:47:30 AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 11:39:26 AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 14:34:28 AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 15:24:42 AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 15:05:22 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 10:36:37 SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 15:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 08:20:57 NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 15:40:59 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 14/07/2009 07:21:32 RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 10:07:05 Configuration pour la recherche actuelle : Nom de la tâche...............................: Contrôle intégral du système Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp Documentation.................................: bas Action principale.............................: interactif Action secondaire.............................: ignorer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, D:, Recherche dans les programmes actifs..........: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: marche Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Tous les fichiers Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: moyen Début de la recherche : mardi 14 juillet 2009 14:01 La recherche d'objets cachés commence. '76901' objets ont été contrôlés, '0' objets cachés ont été trouvés. La recherche sur les processus démarrés commence : Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés Processus de recherche 'ccEvtMgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'WpsC3Psw.EXE' - '1' module(s) sont contrôlés Processus de recherche 'CALMAIN.exe' - '1' module(s) sont contrôlés Processus de recherche 'wdfmgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'StarWindService.exe' - '1' module(s) sont contrôlés Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés Processus de recherche 'Navapsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés Processus de recherche 'WkCalRem.exe' - '1' module(s) sont contrôlés Processus de recherche 'BackWeb-137903.exe' - '1' module(s) sont contrôlés Processus de recherche 'WinCinemaMgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés Processus de recherche 'QTTask.exe' - '1' module(s) sont contrôlés Processus de recherche 'WkUFind.exe' - '1' module(s) sont contrôlés Processus de recherche 'ccApp.exe' - '1' module(s) sont contrôlés Processus de recherche 'kbd.exe' - '1' module(s) sont contrôlés Processus de recherche 'shwicon.exe' - '1' module(s) sont contrôlés Processus de recherche 'hpsysdrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '45' processus ont été contrôlés avec '45' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence : Le registre a été contrôlé ( '67' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <HP_PAVILION> C:\em8tqm.cmd.XXX [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.avb C:\hiberfil.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! [REMARQUE] Ce fichier est un fichier système Windows. [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche. C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! [REMARQUE] Ce fichier est un fichier système Windows. [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche. C:\Documents and Settings\All Users\Documents\NOUVEAU (E)\DIVXPRO505GAINBUNDLE.EXE [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Agent.3829760 C:\hp\region\FR_FR-ie.reg.XXX [RESULTAT] Contient le cheval de Troie TR/WinREG.StartPage.3 C:\Program Files\DivX\DivX Pro Codec\Gain_Trickler.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202a.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202b.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202c.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202d.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202e.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202f.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202g.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202h.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 C:\WINDOWS\taskmngr.exe.XXX [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen C:\WINDOWS\system32\nmdfgds0.dll.XXX [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.avc C:\WINDOWS\system32\olhrwef.exe.XXX [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.avb C:\WINDOWS\system32\drivers\sptd.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\WINDOWS\system32\drivers\etc\hosts.XXX [RESULTAT] Contient le cheval de Troie TR/Qhost.AA Recherche débutant dans 'D:\' <HP_RECOVERY> D:\em8tqm.cmd.XXX [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.avb Début de la désinfection : C:\em8tqm.cmd.XXX [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.avb [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a949bd1.qua' ! C:\Documents and Settings\All Users\Documents\NOUVEAU (E)\DIVXPRO505GAINBUNDLE.EXE [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Agent.3829760 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ab29bae.qua' ! C:\hp\region\FR_FR-ie.reg.XXX [RESULTAT] Contient le cheval de Troie TR/WinREG.StartPage.3 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4abb9bb9.qua' ! C:\Program Files\DivX\DivX Pro Codec\Gain_Trickler.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ac59bc8.qua' ! C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ac59bca.qua' ! C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202a.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ac59bcb.qua' ! C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202b.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4902d584.qua' ! C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202c.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '490dcddc.qua' ! C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202d.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '490cc614.qua' ! C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202e.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '490ffe6c.qua' ! C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202f.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ac59bcc.qua' ! C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202g.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f3b246d.qua' ! C:\Program Files\DivX\DivX Pro Codec\gain_trickler_3202h.exe.XXX [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Gator.3202 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '490eedc5.qua' ! C:\WINDOWS\taskmngr.exe.XXX [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4acf9bcf.qua' ! C:\WINDOWS\system32\nmdfgds0.dll.XXX [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.avc [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ac09bdb.qua' ! C:\WINDOWS\system32\olhrwef.exe.XXX [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.avb [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ac49bdb.qua' ! C:\WINDOWS\system32\drivers\etc\hosts.XXX [RESULTAT] Contient le cheval de Troie TR/Qhost.AA [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4acf9bde.qua' ! D:\em8tqm.cmd.XXX [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.avb [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a949bdc.qua' ! Fin de la recherche : mardi 14 juillet 2009 15:51 Temps nécessaire: 1:35:39 Heure(s) La recherche a été effectuée intégralement 7492 Les répertoires ont été contrôlés 375734 Des fichiers ont été contrôlés 18 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 18 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 3 Impossible de contrôler des fichiers 375713 Fichiers non infectés 18090 Les archives ont été contrôlées 3 Avertissements 20 Consignes 76901 Des objets ont été contrôlés lors du Rootkitscan 0 Des objets cachés ont été trouvés

bonjour on m'a confié un PC infecté : aucune icone ne s'affichait au démarrage, pas de click droit possible ni même d'accès au menu "démarrer" un petit coup de live CD d'antivir (le rescue CD) et les icônes sont revenues : il y avait au passage plusieurs virus détectés mais il doit vraissemblablement en rester. d'où ma demande d'aide !!!! à noter que malwarebytes PLANTE pendant le scan, le PC est devenue très lent, et au démarrage un gentil message me disant qu'il manque "sembako-chzjlkg.exe" (un brave fichier bisounours sûrement !!!!) pour gagner du temps, j'ai mis IE8, antivir à jour (yavait avg 7.5 !!!!) ainsi aue les MAJ windows. voici le log de hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:37:17, on 14/07/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.exe C:\windows\system\hpsysdrv.exe C:\Program Files\USB Storage RW\shwicon.exe C:\HP\KBD\KBD.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe C:\Program Files\hp center\137903\Program\BackWeb-137903.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\WPSC3PSW.EXE c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe c:\program files\avira\antivir desktop\avcenter.exe C:\Program Files\Avira\AntiVir Desktop\avscan.exe C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr7.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr7.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\sembako-chzjlkg.exe" O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [Trickler] "c:\program files\divx\divx pro codec\gain_trickler_3202h.exe" O4 - HKLM\..\Run: [EPSON Stylus C86 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0R2.EXE /P23 "EPSON Stylus C86 Series" /O6 "USB002" /M "Stylus C86" O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\ppe.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [WpsRePsw] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\WpsRePsw.EXE O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Documents and Settings\Propriétaire\Mes documents\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [Windows Task Manager] taskmngr.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [EPSON Stylus S20 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEAE.EXE /FU "C:\WINDOWS\TEMP\E_S1A2.tmp" /EF "HKCU" O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook (User 'Default user') O4 - Startup: Registration-Studio 8 LE.lnk = C:\Program Files\Pinnacle\Studio 8\Register\RegTool.exe O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- End of file - 9536 bytes CORDIALEMENT ; merci !! (il y a vraiment trop de choses inutiles dans ce PC !!!!)

slt pernellcarr en fait j'ai acheté une simple clé wifi (pas point d'accès) : ça a pas marché (j'ai fait le pont j'ai testé plein de config : rien) ensuite, j'ai acheté une CLE EMMETTEUR hercules : c'était exactement ce qu'il me fallait : j'ai testé sur ma connection internet (en desactivant le wifi pour jouer le jeu) : impec ça marche super : ça connecte la carte reseau ethernet du pc à la carte wifi (en fait la cle hercules) et ça PARTAGE ainsi la connection. j'ai connecté la radio wifi sur cet emmetteur et ça fonctionne. le test ici :http://www.lesnumeriques.com/article-53-1891-74.html en particulier la video démontrant l'efficacité : http://www.dailymotion.com/video/x1uq62_he...-facile-partage j'ai passé à mon père le matos (clé emmetteur+radio wifi): pas de bol, ça marche pas car lui, il se connecte par une connection VPN et la clé HERCULES ne sait pas faire de "lien" entre la carte wifi et la VPN. en fait j'ai pas bien compris la nature d'une connection VPN et son lien avec la connection reseau... si tu as une bonne id... a+

slt angelique pff, tu m'as tué avec avec ton 1800+ sur lequel ça "roule" !!! bon, t'as laissé tout les réglages par défaut je suppose (je pose la question sans trop de conviction...) ? a+ (nb : au passage, pourquoi n'as-tu pas installé le sp3 ???)

slt fifi29 ah. tu as quel processeur ? c'est un rapide ?

bonjour à tous j'ai installé récemment antivir 9.0.0 sur plusieurs PC : un P4-1,6ghz, un p4-2,6, un portable pentium M 1,7Ghz, un athlon 2200+ (512 mo de ram) et même sur un athlon 64 x2 5200+ (1ghz de ram) et bien 4 PC sur 5 présentent des RALENTISSEMENTS très importants au démarrage (et même après) : l'activité HD ne cesse qu'au bout de LONGUES minutes, ou alors ya une activité HD toutes les 10ou20 sec. Ce sont des PC clairement non infectés (seul le 5200+ s'en sort) j'ai essayé de desintaller sur le p4 1,6ghz et sur le 2200+ : ça reste lent !!!! (j'avais installé ANTIVIR sur une installation d'XP sp3 toute "propre", histoire d'être sûr que ça vienne de lui ) Avez vous rencontré les mêmes soucis ? et surtout auriez vous des solutions !? (j'ai regardé les paramétrages mais rien ni fait merci

ah, si un moderateur apprécie c'est bon signe ! merci thanos

slt à tous. bon je risque de me faire déplacer mais comme ça m'a bien fait sourire, ce texte, je vous le livre ! (pour une fois qu'on lit un truc drole dans cette section, ça change des "mon ordinateur plante, mon pc est lent, j'ai 23 virus, etc") bonne journée M. le responsable de l'Assistance technique, Il y a un an et demi j'ai changé ma version Fiancée 7.0 par la version Épouse 1.0 et j'ai observé que le programme a lancé une application inattendue appelée Bébé 1.0 qui prend beaucoup d'espace dans mon disque dur.Dans la notice, cette application n'est pas mentionnée. D'autre part, Epouse 1.0 s'auto installe dans tous les autres programmes, et se lance automatiquement dès que j'ouvre n'importe quelle autre application, parasitant l'exécution de celle-ci. Des applications telles que Café Avec Copains 10.3 ou Foot du dimanche soir 5.0 ne fonctionnent plus. De plus, de temps en temps se lance un programme occulte (virus ?) appelé Belle Mère 1.0 lequel, soit plante le système, soit fait que Epouse 1.0 se comporte de manière totalement inattendue. Je n'arrive pas à désinstaller ce programme et ceci est très irritant. J'envisage de revenir au programme que j'avais avant, Fiancée 7.0, mais le processus de désinstallation d' Epouse 1.0 me semble fort complexe et je ne mesure pas encore bien les risques que cela peut comporter pour les autres applications comme Bébé 1.0, qui je l'avoue est Très convivial. Pouvez-vous m'aider ? RÉPONSE du Customer Service Cher Utilisateur : Votre plainte est très fréquente parmi les utilisateurs, mais elle est due la plupart du temps à une erreur de conception de base : Beaucoup d'utilisateurs passent de n'importe quelle version de Fiancée X.0 à Epouse1.0 avec l'idée fausse que Epouse1.0 n'est qu'un programme d'utilitaires et de divertissement. Cependant, Épouse 1.0 est bien plus que ça : il s'agit d'un SYSTEME D'EXPLOITATION COMPLET, créé pour contrôler et gérer toutes vos applications. Même problème avec Belle Mère X. 0. Ces programmes sont d'anciennes générations, desquels dérive Epouse X.0 et entraînent souvent des problèmes de compatibilité. Avec un peu de chance, ils finissent par être victime d'un virus et disparaissent au bout de plusieurs années. Évitez aussi l'utilisation excessive des touches ESCAPE ou SUPPRIMER, car vous devrez ensuite utiliser la commande C:\faire_des_ excuses.exe\ fleurs\all pour que le programme re-fonctionne normalement. Epouse1.0 est un programme assez intéressant, mais qui peut générer un coût élevé, s'il est mal utilisé. Je vous conseille d'installer un software additionnel pour améliorer la rentabilité d'Epouse1.0. comme Fleurs5.0, Bijoux 2.3, ou bien Séjour_au_Club_ Med1.2. Vous pouvez aussi vous servir de Oui_mon_amour 8. 0 ou bien de Tu_as_raison_ ma_chérie14. 7 patch 1745. Vous pouvez les télécharger sur Internet, leurs résultats sont assez satisfaisants. ATTENTION : n'installez jamais Secrétaire_en_ minijupe3.3 ou Ex-Petite_amie 1.1. Ces programmes ne fonctionnent pas dans l'univers d'Epouse1.0 et pourraient causer des dommages irréversibles dans le système. (merci à fabienne b. !!!)

bonsoir à tous j'ai acheté une radio wifi FREECOM pour une personne. comme son modem n'a PAS le wifi, j'ai acheté une clé WIFI. j'étais sûr de pouvoir faire un pont réseau ... mais ça marche pas ! (ça fait bien le pont, mais la radio ne sait PAS se connecter) à part ça, j'ai fait un test sur mon modem qui a du WIFI : ça marche impec. Donc ça provient de mes paramètres mais je ne sais même pas ce qu'il faudrait changer. ah oui, j'ai CHERCHE (pas mal cherché d'ailleurs...) sur le net mais j'ai pas trouvé de personne dans mon cas. SI VOUS AVEZ UNE BONNE IDEE, N'HESITEZ PAS !

bonsoir Pear voici les résultats : après les procédure, le problème de ralentissement important persiste mais -le %d'occupation cpu est redevenu normal 2-4% (qq petites pointes à10-13% de temps à autres) -l'occupation mémoire est INFERIEURE à la quantité mémoire physique dispo malgré tout, c'est pas encore ça ! deux pistes : 1) AIDA32 et CPU-Z ne trouvent rien sur le type de barette, la fréquence etc : est-il possible qu'une barette soit défectueuse en marchant mais en marchant trop lentement ? 2) après enquête (!), en fait, le problème est apparu depuis le changement de carte mère par un informaticien. ça peut aider à y voir plus clair ? merci ! nb : le proc est un pentium Presler D920 2,8 ghz