[résolu] windows vista recovery : terrible !

[avilug]

bonjour pear

 

j'ai désinstallé combofix, puis réinstallé sous sally.com et dès que je lance (au bout de 30 sec en fait) j'ai eu ceci :

 

 

 

que dois-je faire ?

[pear]

Cliquez Oui.

[avilug]

euh... j'ai déjà testé le "oui", évidemment.

 

en fait j'ai eu le même pb avec rogue killer et j'ai récupéré des fichiers rapport de 0Ko !

 

et là, avec combofix, idem ça n'écrit RIEN comme rapport sur le c:

 

Pear, pensez que le virus est encore présent ?

EDIT : là j'ai un soucis ! je n'ai pas vu de fichier COMBOFIX.TXT dans c:\ (j'ai bien regardé) et quand je lance la recherche de vista, il me trouve combofix.exe en 30 exemplaires et tous au même endroit !!!!!!!!!!! (même attribut/taille/date..)

 

voici le rapport du premier lancer de combofix (vu la date)

 

ComboFix 11-06-05.02 - deborah 05/06/2011 21:44:11.2.2 - x86 NETWORK

Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.2999.2495 [GMT 2:00]

Lancé depuis: C:\Users\deborah\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Un nouveau point de restauration a été créé

 

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\Users\deborah\AppData\Roaming\Adobe\plugs

C:\Users\deborah\AppData\Roaming\Adobe\shed

C:\Users\deborah\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif

C:\Users\deborah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery

C:\Users\deborah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Uninstall Windows Vista Recovery.lnk

C:\Users\deborah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Windows Vista Recovery.lnk

C:\Users\deborah\Desktop\Windows Vista Recovery.lnk

C:\Users\deborah\xobglu32.dll

C:\windows\security\Database\tmp.edb

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2011-05-05 au 2011-06-05 ))))))))))))))))))))))))))))))))))))

 

 

.

 

 

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

 

2011-06-05 19:58:24 . 2009-09-25 11:32:31 17408 ----a-w- C:\windows\system32\rpcnetp.exe

2011-06-05 19:58:22 . 2009-09-26 20:26:08 58288 ----a-w- C:\windows\system32\rpcnet.dll

2011-06-05 13:46:15 . 2010-06-24 09:33:56 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-06-05 06:20:38 . 2009-09-26 20:26:08 58288 ------w- C:\windows\system32\rpcnet.exe

2011-06-05 06:17:42 . 2008-04-17 16:29:08 17408 ----a-w- C:\windows\system32\rpcnetp.dll

2011-05-10 12:10:59 . 2010-12-07 09:10:19 40112 ----a-w- C:\windows\avastSS.scr

2011-05-10 12:10:55 . 2009-09-24 23:03:32 199304 ----a-w- C:\windows\system32\aswBoot.exe

2011-05-10 12:03:54 . 2011-03-01 08:29:35 441176 ----a-w- C:\windows\system32\drivers\aswSnx.sys

2011-05-10 12:03:44 . 2009-09-24 23:03:53 307928 ----a-w- C:\windows\system32\drivers\aswSP.sys

2011-05-10 12:02:37 . 2009-09-24 23:03:55 49240 ----a-w- C:\windows\system32\drivers\aswTdi.sys

2011-05-10 11:59:56 . 2009-09-24 23:03:55 25432 ----a-w- C:\windows\system32\drivers\aswRdr.sys

2011-05-10 11:59:44 . 2009-09-24 23:03:32 53592 ----a-w- C:\windows\system32\drivers\aswMonFlt.sys

2011-05-10 11:59:35 . 2009-09-24 23:03:53 19544 ----a-w- C:\windows\system32\drivers\aswFsBlk.sys

2011-04-06 14:20:16 . 2011-04-06 14:20:16 91424 ----a-w- C:\windows\system32\dnssd.dll

2011-04-06 14:20:16 . 2011-04-06 14:20:16 75040 ----a-w- C:\windows\system32\jdns_sd.dll

2011-04-06 14:20:16 . 2011-04-06 14:20:16 197920 ----a-w- C:\windows\system32\dnssdX.dll

2011-04-06 14:20:16 . 2011-04-06 14:20:16 107808 ----a-w- C:\windows\system32\dns-sd.exe

 

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

 

 

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-05-10 12:10:48 122512 ----a-w- C:\Program Files\Alwil Software\Avast5\ashShell.dll

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 22:47:30 4240760]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 13:53:58 178712]

"accrdsub"="c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 23:08:08 293168]

"PTHOSTTR"="c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 00:34:10 238984]

"CognizanceTS"="c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 00:42:38 24848]

"PDF Complete"="C:\Program Files\PDF Complete\pdfsty.exe" [2008-05-12 13:28:12 318488]

"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 21:51:00 488752]

"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 20:42:16 70912]

"File Sanitizer"="C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 20:17:02 10244096]

"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 18:26:06 177456]

"WatchDog"="C:\Program Files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 18:21:12 197904]

"IgfxTray"="C:\windows\system32\igfxtray.exe" [2008-06-10 09:27:42 150040]

"HotKeysCmds"="C:\windows\system32\hkcmd.exe" [2008-06-10 09:27:22 170520]

"Persistence"="C:\windows\system32\igfxpers.exe" [2008-06-10 09:27:32 145944]

"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 14:24:20 54840]

"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 15:10:24 1314816]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2010-11-29 15:38:18 421888]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2011-04-26 23:22:56 421160]

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 12:49:28 249064]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-7-12 197904]

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk /p \??\C:\0autocheck autochk *

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]

path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk

backup=C:\windows\pss\BTTray.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2008-03-27 19:05:58 1045800 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

 

R1 dnasubuy;dnasubuy;C:\windows\system32\drivers\dnasubuy.sys [x]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 02:32:44 179712]

R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\system32\drivers\mbamswissarmy.sys [2011-05-29 07:11:30 39984]

R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 11:16:28 753504]

S0 pavboot;pavboot;C:\windows\system32\drivers\pavboot.sys [2009-06-30 08:37:16 28552]

S0 SafeBoot;SafeBoot; [x]

S0 SbAlg;SbAlg; [x]

S0 SbFsLock;SbFsLock; [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 RsvLock;RsvLock; [x]

S2 accoca;ActivClient Middleware Service;c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 23:08:40 182576]

S2 ASBroker;Logon Session Broker;C:\windows\System32\svchost.exe [2008-01-21 02:33:13 21504]

S2 ASChannel;Local Communication Channel;C:\windows\System32\svchost.exe [2008-01-21 02:33:13 21504]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;C:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 11:59:44 53592]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]

S2 HP ProtectTools Service;HP ProtectTools Service;c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 20:41:38 34184]

S2 HpFkCryptService;Drive Encryption Service;c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 00:35:40 256512]

S2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 20:17:44 77824]

S2 hpsrv;HP Service;C:\windows\system32\Hpservice.exe [2008-04-07 18:13:38 24936]

S2 pdfcDispatcher;PDF Document Manager;C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 13:28:12 576024]

S3 Com4QLBEx;Com4QLBEx;C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 18:33:26 193840]

S3 NETw5v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits ;C:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 06:29:26 3658752]

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

Cognizance REG_MULTI_SZ ASBroker ASChannel

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

bthsvcs REG_MULTI_SZ BthServ

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

 

Contenu du dossier 'Tâches planifiées'

 

2011-06-05 C:\windows\Tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job

- C:\windows\system32\msfeedssync.exe [2011-06-05 11:42:33 . 2011-02-22 04:43:04]

 

 

------- Examen supplémentaire -------

 

uStart Page = hxxp://www.google.fr/

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=all&pf=cmnb

uInternet Settings,ProxyOverride = *.local

IE: Add to Google Photos Screensa&ver - C:\windows\system32\GPhotos.scr/200

TCP: DhcpNameServer = 192.168.1.1

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab

FF - ProfilePath - C:\Users\deborah\AppData\Roaming\Mozilla\Firefox\Profiles\xcpc4ae4.default\

FF - prefs.js: browser.startup.homepage - www.easysear.ch/

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

 

- - - - ORPHELINS SUPPRIMES - - - -

 

MSConfigStartUp-Akizijiwanomohag - C:\Users\deborah\AppData\Local\luiasev.dll

MSConfigStartUp-asp70vdviss - C:\Users\deborah\AppData\Roaming\1102E401EBA3BC2A8016AAC3596A51A4\asp70vdviss.exe

MSConfigStartUp-CanalPlayer - C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe

MSConfigStartUp-LightScribe Control Panel - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

Modifié le 6 juin 2011 par avilug

[avilug]

bonjour Pear

 

je confirme ce que j'ai vu hier :

 

combofix.txt n'aparait PAS dans c:\

alors que, quand je le recherche via la recherche de vista, ce fichier existe bel et bien ... sauf qu'il apparait en plein plein d'exemplaires ! (testé aussi avec un autre fichier présent sur la racine: meme résultat) la recherche de vista semble endommagée !

 

je m'en remets à vous !

Modifié le 7 juin 2011 par avilug

[pear]

Tout cela est bien curieux!

 

Télécharger OTL sur le bureau

Double cliquer sur l'icône

 

 

Vérifiez que toutes les autres fenêtres sont fermées afin qu'il s'exécute sans interruption.

Cochez]----------------->Tous les utilisateurs (scan all users)

Sous Rapport (output)

Cliquez ----------------------------->Rapport Standard (Standard Output)

Sous Régistre Standard(Standard Registry) cocher Tous(All)

Cochez------------------------------> Lop check et Purity check

 

Dans Pesonnalisation (Custom Scans Fixes) copier_coller le contenu ci dessous:

%temp%\1\*. /s

%temp%\2\*. /s

%temp%\4\*. /s

%temp%\1\*.* /s

%temp%\2\*.* /s

%temp%\4\*.* /s

nslookup www.google.fr /c

SAVEMBR:0

NetSvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\system32\drivers\*.sys /lockedfiles

/md5start

AGP440.sys

ahcix86s.sys

alg.exe

atapi.sys

cdrom.sys

cngaudit.dll

csrss.exe

eNetHook.dll

eventlog.dll

explorer.exe

fxssvc.exe

iastorv.sys

IdeChnDr.sys

iesetup.dll

inseng.dll

KR10N.sys

logevent.dll

lsass.exe

locator.exe

msdtc.exe

mshtml.dll

ndis.sys

netlogon.dll

nvatabus.sys

nvata.sys

nvgts.sys

nvstor.sys

nvstor32.sys

pngfilt.dll

rdpclip.exe

SafeBoot.sys

scecli.dll

sceclt.dll

spoolsv.exe

snmptrap.exe

sppsvc.exe

taskhost.exe

taskeng.exe

tcpip.sys

UI0Detect.exe

usbscan.sys

usbprint.sys

userinit.exe

vaxscsi.sys

vds.exe

viamraid.sys

ViPrt.sys

volsnap.sys

vssvc.exe

WatAdminSvc.exe

wbengine.exe

webcheck.dll

wininit.exe

winlogon.exe

WmiApSrv.exe

wmpnetwk.exe

wscntfy.exe

/md5stop

 

CREATERESTOREPOINT

 

Clic sur Analyse

une fois le scan terminé , les fichiers OTL.txt et Extras.txt vont s'ouvrir

 

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

 

ou Aller sur le site :Ci-Joint

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

[avilug]

message d'erreur pendant l'executionde OTL : impossible de créer [chemin..]\cmd.bat

j'ai mis ok

et là, ça bloque (toujours dans OTL) ya marqué : Manual File Scan - Looking in folder c:\users\deborah\Appdata\temp\4\... et je vois pas la suite.

 

Bon je relance OTL juste après un petit coup de ccleaner.

Modifié le 7 juin 2011 par avilug

[pear]

Comme c'est dans le TEMP, est-ce que ça vaudrait le coup que je fasse un petit coup de menage

 

Il y a un risque.On peut avoir besoin de fichier temp utilisé par un malware.

 

Télécharger MbrBackup

Au lancement,vous obtenez ceci:

 

Vous devez alors sauvegarder le Mbr(Save Mbr) vers un support externe pour parer à toute éventualité.

Pour cela cliquez Poste de travail(à gauche) puis , suivant votre choix, sur Clé usb ,Disque amovible

comme ci dessous:

 

 

Avant tout, il vous faut une autre machine en état de marche disposant d'un graveur où vous insérez un disque vierge(cd ou dvd)

Sur la machine malade,vérifier l'ordre du boot dans le BIOS et mettre le lecteur cd(dvd) en premier(First boot)

 

Télécharger OTLPEStd.exe

 

Ou à partir de ce lien

sur le Bureau

Le fichier fait plus de 97MB, soyez donc patient pour le téléchargement.

Lancez le fichier OTLPEStd.exe ;

Un fichier .iso inclus dans le téléchargement sera gravé sur le disque vierge qui permettra d'avoir accès aux fichiers de la machine malade.

Insèrez le disque gravé sur la machine infectée et démarrez à partir de ce disque.

 

Si tout va bien, la machine démarrera sur l'environnement OTLPE

Lors du démarrage de OTLPE.exe il sera demandé à l'utilisateur s'il veut charger le Registre distant et il doit choisir Yes/Oui.

Ensuite, il lui sera demandé s'il veut charger les profils utilisateur distants, et il devra de nouveau choisir Yes/Oui.

Enfin, une liste des profils distants trouvés sera affichée, avec l'option par défaut de les charger tous, et l'utilisateur devra une fois encore choisir Yes/Oui.

S'il ne respecte pas cette procédure, il ne verra pas les comptes d'utilisateur distants.

 

Double-click sur l'icone OTLPE

A la demande "Do you wish to load the remote registry"->choisir Yes

et "Do you wish to load remote user profile(s) for scanning"->choisir Yes

vérifier que "Automatically Load All Remaining Users" est sélectionné et presser OK

 

L' écran d'OTLPE s'affiche:

Vérifier que les paramètres sont identiques à ceux de l'image ci-dessus.

Dans Pesonnalisation (Custom Scans Fixes) copier_coller le contenu ci dessous:

%temp%\1\*. /s

%temp%\2\*. /s

%temp%\4\*. /s

%temp%\1\*.* /s

%temp%\2\*.* /s

%temp%\4\*.* /s

%windir%\temp\*.dat

nslookup www.google.fr /c

SAVEMBR:0

NetSvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\system32\drivers\*.sys /lockedfiles

/md5start

AGP440.sys

ahcix86s.sys

alg.exe

atapi.sys

cdrom.sys

cngaudit.dll

csrss.exe

eNetHook.dll

eventlog.dll

explorer.exe

fxssvc.exe

iastorv.sys

IdeChnDr.sys

iesetup.dll

inseng.dll

KR10N.sys

logevent.dll

lsass.exe

locator.exe

msdtc.exe

mshtml.dll

ndis.sys

netlogon.dll

nvatabus.sys

nvata.sys

nvgts.sys

nvstor.sys

nvstor32.sys

pngfilt.dll

rdpclip.exe

SafeBoot.sys

scecli.dll

sceclt.dll

spoolsv.exe

snmptrap.exe

sppsvc.exe

taskhost.exe

taskeng.exe

tcpip.sys

UI0Detect.exe

usbscan.sys

usbprint.sys

userinit.exe

vaxscsi.sys

vds.exe

viamraid.sys

ViPrt.sys

volsnap.sys

vssvc.exe

WatAdminSvc.exe

wbengine.exe

webcheck.dll

wininit.exe

winlogon.exe

WmiApSrv.exe

wmpnetwk.exe

wscntfy.exe

/md5stop

 

CREATERESTOREPOINT

 

Clic sur Analyse (Run Scan)

le scan terminé , le fichier se trouve là C:\OTL.txt

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

ou Aller sur le site :Ci-Joint

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

Modifié le 7 juin 2011 par pear

[avilug]

oups ! avant de lire votre réponse, j'ai lancé ccleaner et relancer OTL

bon, désolé, je ne prendrai plus d'initiative perso AVANT d'avoir obtenu votre aval.

 

le scan vient de se finir : otl.txt s'est ouvert dans le bloc note et ... impossible de l'enregistrer ni sur le bureau ni sur une clé usb (ça ne s'écrit pas)

 

voici le rapport que j'ai obtenu :

 

OTL logfile created on: 07/06/2011 18:34:35 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\deborah\Desktop

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19048)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,93 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 58,69% Memory free

6,06 Gb Paging File | 4,74 Gb Available in Paging File | 78,27% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 288,09 Gb Total Space | 213,36 Gb Free Space | 74,06% Space Free | Partition Type: NTFS

Drive D: | 9,00 Gb Total Space | 1,84 Gb Free Space | 20,45% Space Free | Partition Type: NTFS

Drive F: | 1021,00 Mb Total Space | 938,88 Mb Free Space | 91,96% Space Free | Partition Type: FAT32

 

Computer Name: PC-DE-DEBORAH | User Name: deborah | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/06/07 17:42:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe

PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\windows\explorer.exe

PRC - [2009/04/11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\conime.exe

PRC - [2008/05/02 22:17:02 | 010,244,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe

PRC - [2008/04/18 15:53:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2008/03/31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

PRC - [2007/05/16 01:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe

PRC - [2007/05/16 01:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/06/07 17:42:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe

MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll

MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

MOD - [2008/05/21 02:42:30 | 000,081,680 | ---- | M] (Bioscrypt Inc.) -- C:\windows\System32\APSHook.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/06/05 08:20:38 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)

SRV - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2008/05/21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)

SRV - [2008/05/21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll -- (ASChannel)

SRV - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)

SRV - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)

SRV - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)

SRV - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)

SRV - [2008/04/18 15:54:02 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®

SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\windows\System32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\windows\System32\AEADISRV.EXE -- (AEADIFilters)

SRV - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)

SRV - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\windows\system32\drivers\pavboot.sys -- (pavboot)

DRV - [2008/05/14 02:36:26 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)

DRV - [2008/05/14 02:36:22 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)

DRV - [2008/05/14 02:36:20 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)

DRV - [2008/05/14 02:36:18 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)

DRV - [2008/04/28 08:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Pilote de carte Intel®

DRV - [2008/04/14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\CPQBttn.sys -- (HBtnKey)

DRV - [2008/04/10 17:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

DRV - [2008/04/07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)

DRV - [2008/04/07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\Accelerometer.sys -- (Accelerometer)

DRV - [2008/02/29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2008/01/21 04:34:06 | 000,020,992 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\ndistapi.sys -- (NdisTapi)

DRV - [2008/01/21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\tpm.sys -- (TPM)

DRV - [2007/06/19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV - [2004/02/04 10:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB)

DRV - [2001/01/29 16:41:04 | 000,009,152 | ---- | M] () [Kernel | Auto | Stopped] -- C:\windows\System32\drivers\Ticalc.sys -- (TICalc)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=all&pf=cmnb

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/

 

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/

 

IE - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

IE - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "www.easysear.ch/"

FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

 

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/04 12:31:53 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/05 15:47:25 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/05 15:47:25 | 000,000,000 | ---D | M]

 

[2010/11/09 17:14:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deborah\AppData\Roaming\mozilla\Extensions

[2011/05/18 13:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deborah\AppData\Roaming\mozilla\Firefox\Profiles\xcpc4ae4.default\extensions

[2010/11/09 22:01:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\deborah\AppData\Roaming\mozilla\Firefox\Profiles\xcpc4ae4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/06/05 16:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2011/01/13 12:47:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/06/05 16:12:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2010/10/04 12:31:53 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3

[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2009/08/24 21:21:51 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2009/08/24 21:21:51 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2009/08/24 21:21:51 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2009/08/24 21:21:51 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2009/08/24 21:21:51 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2011/06/05 21:59:05 | 000,000,027 | ---- | M]) - C:\windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)

O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)

O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.

O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.

O3 - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)

O4 - HKLM..\Run: [CognizanceTS] File not found

O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)

O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)

O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)

O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)

O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)

O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk /p \??\C:) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe - (Broadcom Corporation.)

MsConfig - StartUpReg: Akizijiwanomohag - hkey= - key= - File not found

MsConfig - StartUpReg: asp70vdviss.exe - hkey= - key= - File not found

MsConfig - StartUpReg: CanalPlayer - hkey= - key= - File not found

MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - File not found

MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

MsConfig - State: "startup" - 2

 

SafeBootMin: AppMgmt - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PEVSystemStart - Service

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: procexp90.Sys - Driver

SafeBootMin: rpcnet - C:\windows\System32\rpcnet.exe (Absolute Software Corp.)

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PEVSystemStart - Service

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: procexp90.Sys - Driver

SafeBootNet: rdsessmgr - Service

SafeBootNet: rpcnet - C:\windows\System32\rpcnet.exe (Absolute Software Corp.)

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\windows\System32\rundll32.exe" "C:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/06/07 18:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/06/07 17:42:04 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe

[2011/06/06 18:12:17 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl

[2011/06/06 17:39:55 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll

[2011/06/06 17:30:47 | 004,114,023 | ---- | C] (Swearware) -- C:\Users\deborah\Desktop\sally.com

[2011/06/06 17:29:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2011/06/06 17:28:14 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW

[2011/06/05 21:56:16 | 000,000,000 | ---D | C] -- C:\windows\temp

[2011/06/05 21:56:16 | 000,000,000 | ---D | C] -- C:\Users\deborah\AppData\Local\temp

[2011/06/05 21:43:13 | 000,000,000 | ---D | C] -- C:\ComboFix

[2011/06/05 16:12:29 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe

[2011/06/05 16:12:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe

[2011/06/05 16:12:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe

[2011/06/05 15:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011/06/05 15:56:15 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\windows\System32\GEARAspi.dll

[2011/06/05 15:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/06/05 15:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/06/05 15:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2011/06/05 15:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2011/06/05 15:51:58 | 000,000,000 | ---D | C] -- C:\windows\fr

[2011/06/05 15:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2011/06/05 15:47:05 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2011/06/05 15:45:00 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_3.dll

[2011/06/05 15:44:59 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_5.dll

[2011/06/05 15:44:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_42.dll

[2011/06/05 13:58:03 | 000,000,000 | ---D | C] -- C:\Users\deborah\AppData\Local\Windows Live

[2011/06/05 13:57:15 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webservices.dll

[2011/06/05 13:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\WindowsPowerShell

[2011/06/05 13:44:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrsmgr.dll

[2011/06/05 13:44:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrs.exe

[2011/06/05 13:44:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrshost.exe

[2011/06/05 13:44:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsmprovhost.exe

[2011/06/05 13:44:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsmplpxy.dll

[2011/06/05 13:44:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrssrv.dll

[2011/06/05 13:44:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wevtfwd.dll

[2011/06/05 13:44:17 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wecutil.exe

[2011/06/05 13:44:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wecapi.dll

[2011/06/05 13:44:17 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmRes.dll

[2011/06/05 13:44:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pwrshplugin.dll

[2011/06/05 13:44:10 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManMigrationPlugin.dll

[2011/06/05 13:44:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManHTTPConfig.exe

[2011/06/05 13:44:10 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrscmd.dll

[2011/06/05 13:44:10 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmWmiPl.dll

[2011/06/05 13:44:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmAuto.dll

[2011/06/05 13:43:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe

[2011/06/05 13:43:06 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFH264Dec.dll

[2011/06/05 13:43:06 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFHEAACdec.dll

[2011/06/05 13:43:06 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfmp4src.dll

[2011/06/05 13:43:06 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll

[2011/06/05 13:43:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll

[2011/06/05 13:43:05 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll

[2011/06/05 13:43:05 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\printfilterpipelinesvc.exe

[2011/06/05 13:43:05 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxgi.dll

[2011/06/05 13:43:04 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfplat.dll

[2011/06/05 13:43:03 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfps.dll

[2011/06/05 13:43:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll

[2011/06/05 13:43:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\printfilterpipelineprxy.dll

[2011/06/05 13:42:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Apphlpdm.dll

[2011/06/05 13:42:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\windows\System32\GameUXLegacyGDFs.dll

[2011/06/05 13:42:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe

[2011/06/05 13:42:31 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe

[2011/06/05 13:42:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll

[2011/06/05 13:42:28 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll

[2011/06/05 13:42:27 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb

[2011/06/05 13:42:27 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl

[2011/06/05 13:42:27 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll

[2011/06/05 13:42:26 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll

[2011/06/05 13:42:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll

[2011/06/05 13:42:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec

[2011/06/05 13:42:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll

[2011/06/05 13:42:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll

[2011/06/05 13:42:24 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll

[2011/06/05 13:42:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll

[2011/06/05 13:42:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll

[2011/06/05 13:42:23 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe

[2011/06/05 13:42:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll

[2011/06/05 13:42:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll

[2011/06/05 13:42:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll

[2011/06/05 13:42:11 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll

[2011/06/05 13:42:11 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll

[2011/06/05 13:42:05 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll

[2011/06/05 13:42:05 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll

[2011/06/05 13:42:05 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll

[2011/06/05 13:42:05 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll

[2011/06/05 13:42:05 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll

[2011/06/05 13:42:05 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll

[2011/06/05 13:42:04 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xpsservices.dll

[2011/06/05 13:42:04 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OpcServices.dll

[2011/06/05 13:42:04 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll

[2011/06/05 13:42:04 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll

[2011/06/05 13:42:04 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll

[2011/06/05 13:40:14 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll

[2011/06/05 13:40:13 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbe.dll

[2011/06/05 13:40:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mpg2splt.ax

[2011/06/05 13:40:13 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbeio.dll

[2011/06/05 13:40:12 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll

[2011/06/05 13:40:12 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll

[2011/06/05 13:40:11 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys

[2011/06/05 13:24:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe

[2011/06/05 13:24:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe

[2011/06/05 13:24:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe

[2011/06/05 13:24:46 | 000,000,000 | ---D | C] -- C:\windows\ERDNT

[2011/06/05 13:24:40 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011/06/05 09:56:02 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\windows\System32\drivers\pavboot.sys

[2011/06/05 09:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security

[2011/06/05 09:53:32 | 000,000,000 | ---D | C] -- C:\windows\BDOSCAN8

[2011/06/05 08:28:13 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys

[2011/06/05 08:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/06/05 08:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/06/05 08:28:09 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2011/06/05 08:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/06/05 08:26:47 | 000,000,000 | ---D | C] -- C:\28710

[2011/06/05 08:09:58 | 000,000,000 | ---D | C] -- C:\Users\deborah\Desktop\RK_Quarantine

[2011/06/03 01:24:56 | 000,000,000 | ---D | C] -- C:\found.001

[2011/05/17 13:35:17 | 000,000,000 | ---D | C] -- C:\Users\deborah\Desktop\Nouveau dossier (2)

[2009/05/31 00:02:05 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll

[2009/05/31 00:02:05 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll

 

========== Files - Modified Within 30 Days ==========

 

[2011/06/07 18:35:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/06/07 18:34:02 | 000,137,692 | ---- | M] () -- C:\Users\deborah\Documents\cc_20110607_183355.reg

[2011/06/07 18:30:43 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/06/07 18:27:57 | 000,000,422 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job

[2011/06/07 18:20:03 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe

[2011/06/07 18:20:01 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll

[2011/06/07 18:19:46 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/06/07 18:19:46 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/06/07 18:19:38 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2011/06/07 18:19:34 | 3143,921,664 | -HS- | M] () -- C:\hiberfil.sys

[2011/06/07 17:42:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe

[2011/06/07 14:12:11 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat

[2011/06/06 18:12:17 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl

[2011/06/06 17:33:17 | 000,002,687 | ---- | M] () -- C:\Users\deborah\Desktop\Microsoft Office Word 2007.lnk

[2011/06/06 17:31:03 | 004,114,023 | ---- | M] (Swearware) -- C:\Users\deborah\Desktop\sally.com

[2011/06/05 21:59:05 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts

[2011/06/05 16:14:48 | 001,301,452 | ---- | M] () -- C:\Users\deborah\Desktop\tdsskiller.zip

[2011/06/05 16:02:59 | 000,404,320 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

[2011/06/05 15:56:42 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/06/05 15:47:14 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011/06/05 13:47:54 | 000,706,322 | ---- | M] () -- C:\windows\System32\perfh00C.dat

[2011/06/05 13:47:54 | 000,140,328 | ---- | M] () -- C:\windows\System32\perfc00C.dat

[2011/06/05 13:26:11 | 000,637,304 | ---- | M] () -- C:\windows\System32\perfh009.dat

[2011/06/05 13:26:11 | 000,120,808 | ---- | M] () -- C:\windows\System32\perfc009.dat

[2011/06/05 09:42:37 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt

[2011/06/05 09:39:45 | 000,036,352 | -H-- | M] () -- C:\Users\deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/06/05 09:09:20 | 000,006,648 | ---- | M] () -- C:\Users\deborah\AppData\Local\d3d9caps.dat

[2011/06/05 08:28:13 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/06/05 08:20:38 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.exe

[2011/06/05 08:17:42 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll

[2011/06/02 17:27:19 | 000,000,392 | ---- | M] () -- C:\ProgramData\34791160

[2011/06/02 17:23:52 | 000,000,160 | -H-- | M] () -- C:\ProgramData\~34791160r

[2011/06/02 17:23:52 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~34791160

[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys

[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2011/05/10 14:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr

[2011/05/10 14:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe

[2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys

[2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys

[2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys

[2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys

[2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys

[2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys

 

========== Files Created - No Company Name ==========

 

[2011/06/07 18:35:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/06/07 18:33:57 | 000,137,692 | ---- | C] () -- C:\Users\deborah\Documents\cc_20110607_183355.reg

[2011/06/07 18:30:43 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/06/05 21:57:55 | 3143,921,664 | -HS- | C] () -- C:\hiberfil.sys

[2011/06/05 16:14:30 | 001,301,452 | ---- | C] () -- C:\Users\deborah\Desktop\tdsskiller.zip

[2011/06/05 15:56:42 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/06/05 15:51:07 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk

[2011/06/05 15:50:23 | 000,001,227 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk

[2011/06/05 15:49:30 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk

[2011/06/05 15:48:58 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011/06/05 15:47:14 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011/06/05 13:44:11 | 000,201,184 | ---- | C] () -- C:\windows\System32\winrm.vbs

[2011/06/05 13:44:11 | 000,002,426 | ---- | C] () -- C:\windows\System32\WsmTxt.xsl

[2011/06/05 13:44:10 | 000,004,675 | ---- | C] () -- C:\windows\System32\wsmanconfig_schema.xml

[2011/06/05 13:24:52 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe

[2011/06/05 13:24:52 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe

[2011/06/05 13:24:52 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe

[2011/06/05 13:24:52 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe

[2011/06/05 13:24:52 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe

[2011/06/05 08:28:13 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/06/05 08:11:17 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Galerie de photos Windows Live.lnk

[2011/06/05 08:11:17 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/06/05 08:11:16 | 000,001,748 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/06/05 08:11:16 | 000,000,938 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player (2).lnk

[2011/06/05 08:11:16 | 000,000,923 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/06/05 08:11:16 | 000,000,899 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2011/06/05 08:11:16 | 000,000,670 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\POWERPNT - Raccourci.lnk

[2011/06/05 08:11:16 | 000,000,670 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\MSACCESS - Raccourci.lnk

[2011/06/05 08:11:16 | 000,000,663 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\WINWORD - Raccourci.lnk

[2011/06/05 08:11:16 | 000,000,651 | ---- | C] () -- C:\Users\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\EXCEL - Raccourci.lnk

[2011/06/02 17:23:52 | 000,000,160 | -H-- | C] () -- C:\ProgramData\~34791160r

[2011/06/02 17:23:52 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~34791160

[2011/06/02 17:23:36 | 000,000,392 | ---- | C] () -- C:\ProgramData\34791160

[2011/01/30 21:17:43 | 000,024,143 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\UserTile.png

[2011/01/13 13:53:42 | 000,000,146 | ---- | C] () -- C:\windows\WININIT.INI

[2010/11/29 18:32:39 | 000,011,264 | -H-- | C] () -- C:\windows\System32\Utils.dll

[2010/10/04 12:20:23 | 000,182,163 | ---- | C] () -- C:\windows\hpoins44.dat

[2010/05/16 15:00:20 | 000,009,152 | ---- | C] () -- C:\windows\System32\drivers\Ticalc.sys

[2010/05/16 15:00:20 | 000,000,659 | ---- | C] () -- C:\windows\Wlink89.ini

[2009/12/06 11:51:36 | 000,006,648 | ---- | C] () -- C:\Users\deborah\AppData\Local\d3d9caps.dat

[2009/09/25 13:32:31 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.exe

[2009/09/16 23:38:22 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin

[2009/09/16 23:38:21 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll

[2009/09/16 23:38:07 | 000,643,072 | ---- | C] () -- C:\windows\System32\autochk.exe

[2009/09/02 19:45:14 | 000,000,290 | R-S- | C] () -- C:\ProgramData\ntuser.pol

[2009/06/15 15:39:50 | 000,101,159 | ---- | C] () -- C:\windows\System32\EPPICPrinterDB.dat

[2009/06/15 15:39:50 | 000,024,903 | ---- | C] () -- C:\windows\System32\EPPICPattern3.dat

[2009/06/15 15:39:50 | 000,021,390 | ---- | C] () -- C:\windows\System32\EPPICPattern5.dat

[2009/06/15 15:39:50 | 000,020,148 | ---- | C] () -- C:\windows\System32\EPPICPattern2.dat

[2009/06/15 15:39:50 | 000,011,811 | ---- | C] () -- C:\windows\System32\EPPICPattern4.dat

[2009/06/15 15:39:50 | 000,004,943 | ---- | C] () -- C:\windows\System32\EPPICPattern6.dat

[2009/06/15 15:39:50 | 000,001,146 | ---- | C] () -- C:\windows\System32\EPPICPresetData_DU.dat

[2009/06/15 15:39:50 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_PT.dat

[2009/06/15 15:39:50 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_BP.dat

[2009/06/15 15:39:50 | 000,001,136 | ---- | C] () -- C:\windows\System32\EPPICPresetData_ES.dat

[2009/06/15 15:39:50 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_FR.dat

[2009/06/15 15:39:50 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_CF.dat

[2009/06/15 15:39:50 | 000,001,120 | ---- | C] () -- C:\windows\System32\EPPICPresetData_IT.dat

[2009/06/15 15:39:50 | 000,001,107 | ---- | C] () -- C:\windows\System32\EPPICPresetData_GE.dat

[2009/06/15 15:39:50 | 000,001,104 | ---- | C] () -- C:\windows\System32\EPPICPresetData_EN.dat

[2009/06/15 15:39:50 | 000,000,099 | ---- | C] () -- C:\windows\System32\PICSDK.ini

[2009/06/15 15:39:49 | 000,026,154 | ---- | C] () -- C:\windows\System32\EPPICPattern1.dat

[2009/06/15 15:30:32 | 000,000,025 | ---- | C] () -- C:\windows\CDE R240R245EU.ini

[2009/06/11 11:30:02 | 000,000,586 | ---- | C] () -- C:\windows\hpomdl44.dat

[2009/06/01 01:19:03 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin

[2009/05/31 00:11:37 | 000,036,352 | -H-- | C] () -- C:\Users\deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/05/31 00:02:05 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys

[2009/05/31 00:02:05 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys

[2009/05/31 00:02:05 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini

[2009/05/30 22:48:55 | 000,000,012 | ---- | C] () -- C:\windows\bthservsdp.dat

[2008/07/12 08:38:11 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll

[2008/07/12 08:38:11 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll

[2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll

[2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll

[2008/07/12 08:38:11 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll

[2008/07/12 08:38:11 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll

[2008/07/12 08:18:16 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI

[2008/05/21 16:20:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1489.dll

[2008/05/21 16:06:30 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin

[2008/05/21 16:06:28 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin

[2008/05/21 16:06:28 | 000,146,596 | ---- | C] () -- C:\windows\System32\igfcg550.bin

[2008/05/14 02:36:18 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys

[2008/04/17 18:29:08 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll

[2008/04/16 16:18:01 | 000,706,322 | ---- | C] () -- C:\windows\System32\perfh00C.dat

[2008/04/16 16:18:01 | 000,340,236 | ---- | C] () -- C:\windows\System32\perfi00C.dat

[2008/04/16 16:18:01 | 000,140,328 | ---- | C] () -- C:\windows\System32\perfc00C.dat

[2008/04/16 16:18:01 | 000,037,390 | ---- | C] () -- C:\windows\System32\perfd00C.dat

[2008/01/21 04:34:06 | 000,020,992 | ---- | C] () -- C:\windows\System32\drivers\ndistapi.sys

[2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat

[2006/11/02 14:44:53 | 000,404,320 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT

[2006/11/02 12:33:01 | 000,637,304 | ---- | C] () -- C:\windows\System32\perfh009.dat

[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat

[2006/11/02 12:33:01 | 000,120,808 | ---- | C] () -- C:\windows\System32\perfc009.dat

[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat

[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat

[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin

[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT

[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini

[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat

[2006/05/25 01:22:06 | 000,053,248 | ---- | C] () -- C:\windows\bdoscandel.exe

[2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll

[2005/04/04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll

[2005/03/14 14:38:28 | 000,000,469 | ---- | C] () -- C:\windows\bdoscandellang.ini

[2005/02/25 06:15:00 | 000,159,744 | ---- | C] () -- C:\windows\System32\EPSPTDV.DLL

[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll

[1998/05/07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll

 

========== LOP Check ==========

 

[2011/03/30 13:39:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\1102E401EBA3BC2A8016AAC3596A51A4

[2010/11/29 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\FileZilla

[2009/07/09 23:16:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\InterVideo

[2010/01/24 20:58:41 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Notepad++

[2010/01/26 00:39:12 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\OpenOffice.org

[2011/01/30 21:17:43 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\PeerNetworking

[2009/08/31 19:31:02 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Thinstall

[2011/06/07 14:12:12 | 000,032,580 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

[2011/06/07 18:27:57 | 000,000,422 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %temp%\1\*. /s >

 

< %temp%\2\*. /s >

 

< %temp%\4\*. /s >

 

< %temp%\1\*.* /s >

 

< %temp%\2\*.* /s >

 

< %temp%\4\*.* /s >

 

< nslookup www.google.fr /c >

Serveur : neufbox

Address: 192.168.1.1

Nom : www.l.google.com

Addresses: 209.85.146.103

209.85.146.99

209.85.146.147

209.85.146.105

209.85.146.106

209.85.146.104

Aliases: WWW.GOOGLE.FR

www.google.com

 

< %ALLUSERSPROFILE%\Application Data\*. >

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

 

< %APPDATA%\*. >

[2011/03/30 13:39:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\1102E401EBA3BC2A8016AAC3596A51A4

[2011/06/05 21:55:56 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Adobe

[2009/12/30 17:14:37 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Apple Computer

[2010/11/29 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\FileZilla

[2009/06/18 22:57:01 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Google

[2009/05/31 00:04:51 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Hewlett-Packard

[2010/10/04 12:58:21 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\HP

[2009/06/06 23:35:07 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\HPQLOG

[2009/05/31 00:10:41 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Identities

[2009/05/30 23:57:08 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\InstallShield

[2009/07/09 23:16:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\InterVideo

[2009/05/31 00:05:04 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Macromedia

[2011/03/27 14:53:30 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Malwarebytes

[2011/01/13 13:39:23 | 000,000,000 | --SD | M] -- C:\Users\deborah\AppData\Roaming\Microsoft

[2010/11/09 17:14:16 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Mozilla

[2010/01/24 20:58:41 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Notepad++

[2010/01/26 00:39:12 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\OpenOffice.org

[2011/01/30 21:17:43 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\PeerNetworking

[2009/08/07 16:22:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Roxio

[2009/08/31 19:31:02 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Thinstall

 

< %APPDATA%\*.exe /s >

[2010/05/01 23:28:16 | 001,956,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\deborah\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe

 

< %SYSTEMDRIVE%\*.exe >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

 

< MD5 for: AGP440.SYS >

[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\system32\drivers\AGP440.sys

[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\system32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\system32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\windows\system32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 

< MD5 for: ALG.EXE >

[2008/01/21 04:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\windows\system32\alg.exe

[2008/01/21 04:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\windows\winsxs\x86_microsoft-windows-alg_31bf3856ad364e35_6.0.6001.18000_none_a8e952205b1e893c\alg.exe

 

< MD5 for: ATAPI.SYS >

[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\windows\system32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\windows\system32\drivers\atapi.sys

[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\windows\system32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\windows\system32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

 

< MD5 for: CDROM.SYS >

[2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\windows\system32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys

[2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys

[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\windows\system32\drivers\cdrom.sys

[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\windows\system32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys

[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys

[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\windows\system32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

 

< MD5 for: CNGAUDIT.DLL >

[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\windows\system32\cngaudit.dll

[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 

< MD5 for: CSRSS.EXE >

[2008/01/21 04:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\windows\system32\csrss.exe

[2008/01/21 04:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

 

< MD5 for: EXPLORER.EXE >

[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe

[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe

[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\windows\explorer.exe

[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe

[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe

[2008/01/21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

 

< MD5 for: IASTORV.SYS >

[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\windows\system32\drivers\iaStorV.sys

[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\windows\system32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\windows\system32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 

< MD5 for: IESETUP.DLL >

[2009/08/27 15:21:21 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=07C1DC30B491218B6364218691A54E0C -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7\iesetup.dll

[2010/11/02 09:07:03 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=15B5E22813A9F30017D66A1329F2E27F -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23091_none_a8e2febb8dac6c20\iesetup.dll

[2009/03/08 13:32:49 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=1B6FF5B9A21DE2E89BB014932A414E7E -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iesetup.dll

[2010/06/26 08:02:15 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=2A9B26EFA43B753F10D47195F5D460A1 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18943_none_a8919be474643d34\iesetup.dll

[2009/07/18 14:10:33 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2AC744DFF6F1DD28028741977644EEDE -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16890_none_c3892afe619bae44\iesetup.dll

[2010/01/02 08:32:33 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=2BD0AD3549D92C564C71485456CCA0AA -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18882_none_a8655a047485967a\iesetup.dll

[2008/07/12 08:16:58 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=339804EF2921A0A369CC2FE1FD8160A1 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16643_none_c3c237ac61707446\iesetup.dll

[2008/01/21 04:33:55 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6001.18000_none_c5d0b5245e79496e\iesetup.dll

[2008/01/21 04:33:55 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6002.18005_none_c7bc2e305b9b14ba\iesetup.dll

[2009/03/03 06:16:25 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4778DA89B3D33C09EDEDE691DA491405 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16830_none_c3ca0a86616b069e\iesetup.dll

[2010/02/23 08:33:45 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=47A0E748323F3CADA388E39FA95273C1 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18904_none_a8bddbde7442e6c7\iesetup.dll

[2010/05/04 08:30:17 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=5568144CDB5C362E6C5A995C13075260 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23019_none_a941806b8d645750\iesetup.dll

[2009/03/03 06:14:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=56EECCEBC0CA71E29D0091FECD999A88 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21023_none_c461503d7a7e09be\iesetup.dll

[2009/08/27 15:36:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=58ADB147186B0D2B41EE4E91E6D5CC6B -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21116_none_c46f22ed7a7336f9\iesetup.dll

[2010/06/26 08:48:17 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=64910BBFFFF51E7104E97489A7348661 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23040_none_a9180e0d8d84c714\iesetup.dll

[2010/09/08 08:21:10 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=6A17074523179649F6B068A405B1BB07 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23067_none_a909703b8d8eb057\iesetup.dll

[2010/01/02 16:50:27 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=6EE0568A75F0CD510AB68D7FE9823951 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22973_none_a8fac7058d9a33aa\iesetup.dll

[2010/11/02 07:57:11 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=8C96C8402F61B995FE99F927D6CC635D -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18999_none_a8618e04748760f3\iesetup.dll

[2009/07/18 14:09:19 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=90C1A0EFC7BD918C2CE72E4110A4F607 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21089_none_c42672717aa9496e\iesetup.dll

[2011/02/22 09:13:12 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=A546FB719FD0F33241E2395EB8430AC9 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23143_none_a91b10d18d821040\iesetup.dll

[2008/07/12 08:16:58 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=AA9D7D186B605F799F09596B97019E6E -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20777_none_c42f65db7aa2cd3f\iesetup.dll

[2009/08/27 15:57:38 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=B2C1896FC99EF32BB1F5E2354E2B80D0 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16916_none_c3e5ae00615563ed\iesetup.dll

[2010/05/04 07:55:42 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=BFCB54E8D0EA0DDC737216853F5F1BE7 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18928_none_a8ac3d2e744f8405\iesetup.dll

[2009/11/21 16:59:20 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=D161F0D51B88344EC34C892FA328A414 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22956_none_a91367bb8d8747cd\iesetup.dll

[2009/08/27 07:17:43 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=D1DDEE44E30941D0F55B782192D1ADD9 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de\iesetup.dll

[2010/02/23 17:00:45 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=DDF95F4852B0CC532F2837BB7C26B720 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22995_none_a8e727c18da89e3a\iesetup.dll

[2009/04/24 17:54:20 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=DFF5F2459420493D7F253EB5BD853A7C -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iesetup.dll

[2009/04/24 18:14:17 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=E8886C83286CC3BCCA9968A0E585A9B4 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iesetup.dll

[2009/11/21 08:34:39 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=EDFCAC93F68A17624DAC4FCE70BA8C6D -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18865_none_a87dfaba7472aa9d\iesetup.dll

[2010/12/18 09:11:34 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=EEDCAB431CAB2622F43EB1C871A75D49 -- C:\windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23111_none_a93980018d6b89bf\iesetup.dll

[2010/09/08 07:56:53 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=F062C1B99EF675ECD47FCB767BABA327 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18975_none_a8732cb4747ac3b5\iesetup.dll

[2010/12/18 08:22:11 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FAE8EB8CFD74709D4BAB64A27DFD4FAE -- C:\windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.19019_none_a8b7e5867446b4ad\iesetup.dll

[2011/02/22 08:16:40 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FDB878DD2D75AF2F21ADF2B114C313FB -- C:\windows\system32\iesetup.dll

[2011/02/22 08:16:40 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FDB878DD2D75AF2F21ADF2B114C313FB -- C:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.19048_none_a8967578745fef29\iesetup.dll

 

< MD5 for: INSENG.DLL >

[2008/01/21 04:33:45 | 000,093,696 | ---- | M] (Microsoft Corporation) MD5=4023E0174BE81A68D64F4E8F0B280849 -- C:\windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_6.0.6001.18000_none_993f5ba647c84d3e\inseng.dll

[2009/03/08 13:32:44 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\windows\system32\inseng.dll

[2009/03/08 13:32:44 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_8.0.6001.18702_none_7c2a7e005d93bd9b\inseng.dll

 

< MD5 for: LOCATOR.EXE >

[2006/11/02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\windows\system32\Locator.exe

[2006/11/02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\windows\winsxs\x86_microsoft-windows-rpc-locator_31bf3856ad364e35_6.0.6000.16386_none_ccfdd130eface46c\Locator.exe

 

< MD5 for: LSASS.EXE >

[2009/06/15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe

[2009/09/10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe

[2009/06/15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\windows\system32\lsass.exe

[2009/06/15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe

[2009/02/13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe

[2009/06/15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe

[2009/06/15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe

[2009/02/13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe

[2009/06/15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe

[2009/06/15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe

[2009/09/09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe

[2009/09/10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe

[2008/01/21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe

[2008/01/21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe

[2008/01/21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe

[2009/02/13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

 

< MD5 for: MSDTC.EXE >

[2008/01/21 04:33:55 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\windows\system32\msdtc.exe

[2008/01/21 04:33:55 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\windows\winsxs\x86_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.0.6001.18000_none_195302e56002fb82\msdtc.exe

 

< MD5 for: MSHTML.DLL >

[2009/11/21 08:35:43 | 005,940,736 | ---- | M] (Microsoft Corporation) MD5=062B81F34EADEEF652E759BF93691C50 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll

[2009/10/19 15:49:06 | 003,602,432 | ---- | M] (Microsoft Corporation) MD5=0AFEF7F9242F5F84F12AE9B84C2C57F4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22247_none_158eeb3d388785cb\mshtml.dll

[2009/10/19 15:36:07 | 003,599,872 | ---- | M] (Microsoft Corporation) MD5=0B772887F7C50D062AD0FB1B47C0279E -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18124_none_1517ed6c1f5c621a\mshtml.dll

[2010/12/18 09:13:16 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=0DA63A2B1D6D55E6005F4552D22E7BBE -- C:\windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll

[2009/03/03 06:38:17 | 003,580,928 | ---- | M] (Microsoft Corporation) MD5=0DCC9623D9A3E77212177F59738BE29A -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18226_none_1333784c22344556\mshtml.dll

[2009/10/21 21:26:09 | 005,943,296 | ---- | M] (Microsoft Corporation) MD5=159239C8EF4D26392F9C160369348C61 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22942_none_f68c93f75132f82e\mshtml.dll

[2009/04/24 18:03:11 | 003,581,952 | ---- | M] (Microsoft Corporation) MD5=1638C2FA1CC381CE39504B39F7D87F35 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18248_none_131fd9082242afe6\mshtml.dll

[2010/09/08 07:57:52 | 005,957,120 | ---- | M] (Microsoft Corporation) MD5=1704FC902E1B53EF87593D60FD312A55 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll

[2010/02/23 17:01:50 | 005,946,880 | ---- | M] (Microsoft Corporation) MD5=27DB55375D8F8045A27E016BB21B17C0 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll

[2009/07/18 13:33:22 | 003,599,360 | ---- | M] (Microsoft Corporation) MD5=2BC9595AEF52C3989B77AB8506615BAD -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18071_none_14dedb0c1f87a4a3\mshtml.dll

[2008/07/12 08:17:02 | 003,591,680 | ---- | M] (Microsoft Corporation) MD5=3AE6072A86AD8049DD133DB40F73F0C8 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll

[2009/07/18 13:45:50 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=3AF70556543467956227B1D97B314E66 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22180_none_155ca7a138ae4707\mshtml.dll

[2009/08/27 14:54:40 | 003,600,896 | ---- | M] (Microsoft Corporation) MD5=3B7B0A46482EF271E5C434D0C070129A -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22212_none_15aa598f3873b345\mshtml.dll

[2009/08/27 15:15:49 | 003,584,512 | ---- | M] (Microsoft Corporation) MD5=41FB8068E6624F4D843CB1C0F6E8B0EC -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22508_none_13d4b94f3b3fda3a\mshtml.dll

[2010/12/18 08:23:15 | 005,961,216 | ---- | M] (Microsoft Corporation) MD5=42B87D22378C1EF98F3B6F410C2670AA -- C:\windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll

[2009/10/19 16:25:09 | 003,584,000 | ---- | M] (Microsoft Corporation) MD5=44FD7EFD38472852E74E8E8D663E1961 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18344_none_131bd9c6224647b1\mshtml.dll

[2008/01/21 04:33:25 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=48E05FD07045BB2E5CFC43C970CAF1E7 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll

[2010/05/04 08:30:34 | 005,953,024 | ---- | M] (Microsoft Corporation) MD5=62F23130C89F1EE5C0C9EEAB0685D1E5 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll

[2009/03/03 06:15:51 | 003,596,800 | ---- | M] (Microsoft Corporation) MD5=67FFB5ED7723D03B50734614D31B57A5 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21023_none_11d3adb53e2e3b6c\mshtml.dll

[2011/02/22 09:14:18 | 005,964,800 | ---- | M] (Microsoft Corporation) MD5=6D30A34B029176D86EC04ECE6C0F62B1 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll

[2009/08/27 07:18:40 | 005,940,224 | ---- | M] (Microsoft Corporation) MD5=7172C1681283EC40A8DA9ED4180FF390 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\mshtml.dll

[2009/07/18 14:12:19 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=77693F4CD5CD48EE3A4ABB5073276976 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21089_none_1198cfe93e597b1c\mshtml.dll

[2009/10/19 16:19:07 | 003,602,432 | ---- | M] (Microsoft Corporation) MD5=83A461E3BAB28ACDBE32E2A62BB1BEEE -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21142_none_11bd0f793e3f571e\mshtml.dll

[2009/04/24 17:41:26 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=8BC33ADC526B3E7EE6E6AA013154DF69 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22121_none_159e8773387cb8b8\mshtml.dll

[2010/02/23 08:34:51 | 005,944,832 | ---- | M] (Microsoft Corporation) MD5=8D5FB97AE3D30CCDD8C9D8AF447C7D09 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll

[2009/07/18 14:13:26 | 003,597,824 | ---- | M] (Microsoft Corporation) MD5=921E63B100F67FA21A0C623930810C58 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16890_none_10fb8876254bdff2\mshtml.dll

[2009/03/03 06:17:39 | 003,595,264 | ---- | M] (Microsoft Corporation) MD5=94ED56734E8AB74357F8EA2C5C174EA9 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16830_none_113c67fe251b384c\mshtml.dll

[2008/07/12 08:16:57 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=977C356E655F357665310C0C95D0DBD4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll

[2010/11/02 07:58:14 | 005,959,168 | ---- | M] (Microsoft Corporation) MD5=9AC463498C480E9EB3C63DC21E4F29C8 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll

[2009/10/21 12:40:08 | 005,939,712 | ---- | M] (Microsoft Corporation) MD5=9BFB2F7C3A2F626040C4EB8CE5C6ED2A -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18852_none_f5f82740381d7455\mshtml.dll

[2008/07/12 08:16:58 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=9C4091CD321D6D8BCF9842F109EE574B -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll

[2010/11/02 09:08:01 | 005,960,704 | ---- | M] (Microsoft Corporation) MD5=9FCC1F6457A84902EA7545B568B5AEDB -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll

[2009/04/24 17:57:41 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=A0DB69A75113B6A396E271744489824F -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21046_none_11c10ebb3e3bbf53\mshtml.dll

[2009/04/11 08:28:20 | 003,596,288 | ---- | M] (Microsoft Corporation) MD5=A4D04D404AFC1D30EDA01EE50D27AA51 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll

[2009/03/03 06:30:20 | 003,581,440 | ---- | M] (Microsoft Corporation) MD5=A77A82830D2BBB001A53A5368934F7EB -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22389_none_137f366d3b7fd8cb\mshtml.dll

[2011/02/22 08:17:40 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=AA411AEF2476D251078F9C9F0478C142 -- C:\windows\system32\mshtml.dll

[2011/02/22 08:17:40 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=AA411AEF2476D251078F9C9F0478C142 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll

[2009/08/27 15:59:40 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=AF7541BC2D91483328E6D9910CD33DD5 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16916_none_11580b782505959b\mshtml.dll

[2010/05/04 07:56:28 | 005,950,976 | ---- | M] (Microsoft Corporation) MD5=B1E862448C38B0F70139BC28F67332DE -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll

[2009/08/27 14:39:41 | 003,599,872 | ---- | M] (Microsoft Corporation) MD5=BC72B82A8D9F0E2DE67A4985A6676786 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18100_none_15298c1c1f4fc4dc\mshtml.dll

[2010/01/02 16:51:38 | 005,945,856 | ---- | M] (Microsoft Corporation) MD5=BE6120F3D7A853039B5437AC9E1986C1 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll

[2009/08/27 15:30:12 | 003,584,000 | ---- | M] (Microsoft Corporation) MD5=BFF746B1558432533876014B66CF04C4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18319_none_13414afc22297291\mshtml.dll

[2009/04/24 18:17:00 | 003,596,288 | ---- | M] (Microsoft Corporation) MD5=C1BF8C6F8D5E0435D1ABBB94DAC8EAFD -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16851_none_1127c870252a8985\mshtml.dll

[2009/04/24 17:58:31 | 003,582,976 | ---- | M] (Microsoft Corporation) MD5=D12ADCB4045EF392A62990C06694EB78 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22418_none_13c9e77d3b47f904\mshtml.dll

[2009/07/18 18:02:53 | 003,583,488 | ---- | M] (Microsoft Corporation) MD5=D38265A0C435E2A4BE5D662AB82F00E4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18294_none_12e5c844226ed63f\mshtml.dll

[2009/03/08 13:41:15 | 005,937,152 | ---- | M] (Microsoft Corporation) MD5=D469A0EBA2EF5C6BEE8065B7E3196E5E -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll

[2010/06/26 08:03:04 | 005,951,488 | ---- | M] (Microsoft Corporation) MD5=D6168759945CD6BC2DB4BFCD4E94B399 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll

[2009/07/18 13:54:12 | 003,584,512 | ---- | M] (Microsoft Corporation) MD5=D8C0B944A3FB4BE7BC8DA21D4A5B33AB -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22475_none_138607173b7b54a5\mshtml.dll

[2009/04/23 14:14:20 | 003,597,824 | ---- | M] (Microsoft Corporation) MD5=DBACE2C96ED63E60CD5D89D8DE00D148 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18024_none_1517eb861f5c64f3\mshtml.dll

[2009/10/19 16:40:16 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=DC162F0F1880C30296C5FAD1F60EC6D4 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16939_none_11456c7e25131982\mshtml.dll

[2010/01/02 08:33:34 | 005,942,784 | ---- | M] (Microsoft Corporation) MD5=DF4D546A6E1C8D0F4FC10FCC9E422763 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll

[2010/06/26 08:49:12 | 005,954,560 | ---- | M] (Microsoft Corporation) MD5=DF63821381A08F65174BA42745B1C79B -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll

[2009/10/19 16:09:35 | 003,586,560 | ---- | M] (Microsoft Corporation) MD5=E3708336831E5249DBB274342649F483 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22544_none_13a578773b63e4a2\mshtml.dll

[2010/09/08 08:22:01 | 005,958,656 | ---- | M] (Microsoft Corporation) MD5=E993FB26BFAC2887BFE8DDAC4DC9180A -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll

[2009/08/27 15:22:52 | 005,942,272 | ---- | M] (Microsoft Corporation) MD5=E9C51FD04019DC14CAE9CEDE3C7B08E3 -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\mshtml.dll

[2008/07/12 08:17:01 | 003,593,728 | ---- | M] (Microsoft Corporation) MD5=ED2588D1864319C54E79443130A8004B -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll

[2009/11/21 17:00:11 | 005,944,320 | ---- | M] (Microsoft Corporation) MD5=ED6055694115B1A247B2591AB465A21D -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll

[2009/08/27 15:38:04 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=F500476C0724E476F05331162D4C283D -- C:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21116_none_11e180653e2368a7\mshtml.dll

 

< MD5 for: NDIS.SYS >

[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\windows\system32\drivers\ndis.sys

[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys

[2008/01/21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[2008/02/08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys

[2008/02/08 06:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

 

< MD5 for: NETLOGON.DLL >

[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\windows\system32\netlogon.dll

[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\windows\system32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\windows\system32\drivers\nvstor.sys

[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\windows\system32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 

< MD5 for: PNGFILT.DLL >

[2009/08/27 15:39:53 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=1C1298D9D37238A00BC5D1DE83C3DD81 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21116_none_ec64dcf22f63617a\pngfilt.dll

[2009/03/03 06:17:37 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=27225BECF34ACCCC22432AF2372C19DE -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21023_none_ec570a422f6e343f\pngfilt.dll

[2008/07/12 08:16:59 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=2AE830B0A293F0CA6CC733CE348911F5 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20777_none_ec251fe02f92f7c0\pngfilt.dll

[2008/01/21 04:33:19 | 000,045,056 | ---- | M] (Microsoft Corporation) MD5=B8D3BF818DEFE1DA9A754F214E528221 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6001.18000_none_edc66f29136973ef\pngfilt.dll

[2009/07/18 14:15:08 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=C840E188F70E6A1287249434B7AC0D3C -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21089_none_ec1c2c762f9973ef\pngfilt.dll

[2009/08/27 16:01:41 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=C898FF79CBFC9E03C4D98B896A9AF478 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16916_none_ebdb680516458e6e\pngfilt.dll

[2009/07/18 14:15:57 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=DCC808FD4EF7E5D3B90FD8F078C1EC7A -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16890_none_eb7ee503168bd8c5\pngfilt.dll

[2009/03/08 13:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=E5FA1B044DAC5F6F600A1742D73F6936 -- C:\windows\system32\pngfilt.dll

[2009/03/08 13:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=E5FA1B044DAC5F6F600A1742D73F6936 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.6001.18702_none_d0b191832934e44c\pngfilt.dll

[2009/04/24 18:21:05 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F2AA0869227565752353CA2B8F5D2207 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16851_none_ebab24fd166a8258\pngfilt.dll

[2009/03/03 06:19:30 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F759D496F5CD6C78D709CFF95A5F215B -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16830_none_ebbfc48b165b311f\pngfilt.dll

[2008/07/12 08:16:59 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F761B8CB64DB7D7F4C0B464E97CB7760 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16643_none_ebb7f1b116609ec7\pngfilt.dll

[2009/04/24 18:00:14 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F8BF080A314646A64CE4F24AE996E136 -- C:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21046_none_ec446b482f7bb826\pngfilt.dll

 

< MD5 for: SAFEBOOT.SYS >

[2008/05/14 02:36:18 | 000,108,752 | ---- | M] (SafeBoot International) MD5=2A5EEDCB22A5D6BB0231E38A38E7A7D9 -- C:\windows\system32\drivers\SafeBoot.sys

 

< MD5 for: SCECLI.DLL >

[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\windows\system32\scecli.dll

[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 

< MD5 for: SNMPTRAP.EXE >

[2006/11/02 11:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\windows\system32\snmptrap.exe

[2006/11/02 11:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\windows\winsxs\x86_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.0.6001.18000_none_cf8afedd3f67da88\snmptrap.exe

 

< MD5 for: SPOOLSV.EXE >

[2010/08/17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe

[2009/04/11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe

[2008/01/21 04:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe

[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\windows\system32\spoolsv.exe

[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe

[2010/08/17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe

[2010/08/17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

 

< MD5 for: TASKENG.EXE >

[2010/11/05 15:43:51 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=110B5E5AFA79DD8A45A2F6ED738469B9 -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.22791_none_e5d5a65bd84010db\taskeng.exe

[2010/11/04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\windows\system32\taskeng.exe

[2010/11/04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18342_none_e7698b5ebc1f53d7\taskeng.exe

[2008/01/21 04:34:32 | 000,169,472 | ---- | M] (Microsoft Corporation) MD5=5F109032CE46B7184ED9E50F9FE8489E -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18000_none_e5ac4d2ebeda6d57\taskeng.exe

[2010/11/05 00:15:29 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=9AF3E523E39FD8C10EDFA3ABA702DC9B -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.22519_none_e81a9bd9d51e4e56\taskeng.exe

[2009/04/11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) MD5=E5BBFC283D6F5D69B41E464676361020 -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18005_none_e797c63abbfc38a3\taskeng.exe

[2010/11/05 02:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=EAFB5897AC9CD84890171AC38862320F -- C:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18551_none_e577475abf020426\taskeng.exe

 

< MD5 for: TCPIP.SYS >

[2008/04/26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys

[2009/04/11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys

[2009/12/08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys

[2009/08/15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys

[2009/08/14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys

[2010/02/18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys

[2010/02/18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys

[2009/08/14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys

[2009/12/08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys

[2010/02/18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys

[2010/02/18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys

[2009/12/08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys

[2010/06/16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys

[2009/08/14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys

[2010/06/16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys

[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys

[2008/04/26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys

[2009/12/08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys

[2009/08/14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys

[2008/07/12 08:14:08 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=9081EBA4184E7EB87C55E18C089283A5 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys

[2010/02/18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys

[2010/06/16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\windows\system32\drivers\tcpip.sys

[2010/06/16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys

[2009/12/08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys

[2010/02/18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys

[2009/12/08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys

[2008/01/21 04:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys

[2009/08/14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

 

< MD5 for: UI0DETECT.EXE >

[2008/01/21 04:33:45 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\windows\system32\UI0Detect.exe

[2008/01/21 04:33:45 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\windows\winsxs\x86_microsoft-windows-session0viewer_31bf3856ad364e35_6.0.6001.18000_none_e1e6e80246adfe72\UI0Detect.exe

 

< MD5 for: USBPRINT.SYS >

[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\windows\system32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys

[2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\windows\system32\drivers\usbprint.sys

[2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\windows\system32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys

[2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys

 

< MD5 for: USBSCAN.SYS >

[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\system32\drivers\usbscan.sys

[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\system32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys

[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\system32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys

[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys

[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys

[2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\windows\system32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys

 

< MD5 for: USERINIT.EXE >

[2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\windows\system32\userinit.exe

[2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

 

< MD5 for: VDS.EXE >

[2008/01/21 04:34:50 | 000,382,976 | ---- | M] (Microsoft Corporation) MD5=B13BC395B9D6116628F5AF47E0802AC4 -- C:\windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6001.18000_none_6aead29ffaae9c39\vds.exe

[2009/04/11 08:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\windows\system32\vds.exe

[2009/04/11 08:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6002.18005_none_6cd64babf7d06785\vds.exe

 

< MD5 for: VOLSNAP.SYS >

[2006/11/02 11:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\windows\system32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys

[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\windows\system32\drivers\volsnap.sys

[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\windows\system32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys

[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys

[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\windows\system32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys

[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

 

< MD5 for: VSSVC.EXE >

[2008/01/21 04:33:20 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=D5FB73D19C46ADE183F968E13F186B23 -- C:\windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6001.18000_none_5accce7717d773c7\VSSVC.exe

[2009/04/11 08:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\windows\system32\VSSVC.exe

[2009/04/11 08:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6002.18005_none_5cb8478314f93f13\VSSVC.exe

 

< MD5 for: WEBCHECK.DLL >

[2008/01/21 04:33:49 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=4F4889A9D680714BE11B31BD01A0411A -- C:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6001.18000_none_612be2f851b99095\webcheck.dll

[2009/04/11 08:28:25 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=8208E4895BA625884FF3699CCA1D9E3D -- C:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6002.18005_none_63175c044edb5be1\webcheck.dll

[2009/03/08 13:34:47 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=CC8915DB4E33E8FB29CA0D2DBF75306E -- C:\windows\system32\webcheck.dll

[2009/03/08 13:34:47 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=CC8915DB4E33E8FB29CA0D2DBF75306E -- C:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_44170552678500f2\webcheck.dll

 

< MD5 for: WININIT.EXE >

[2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\windows\system32\wininit.exe

[2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

 

< MD5 for: WINLOGON.EXE >

[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\windows\system32\winlogon.exe

[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 

< MD5 for: WMIAPSRV.EXE >

[2009/04/11 08:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\windows\system32\wbem\WmiApSrv.exe

[2009/04/11 08:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\WmiApSrv.exe

[2008/01/21 04:33:24 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=ABA4CF9F856D9A3A25F4DDD7690A6E9D -- C:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\WmiApSrv.exe

 

< MD5 for: WMPNETWK.EXE >

[2008/01/21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\Program Files\Windows Media Player\wmpnetwk.exe

[2008/01/21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\windows\winsxs\x86_microsoft-windows-wmpnss-service_31bf3856ad364e35_6.0.6001.18000_none_0386cbd2ce93a16e\wmpnetwk.exe

 

< >

 

< End of report >

 

 

 

 

 

bon je vais faire la procédure que vous m'avez demandé.

Modifié le 7 juin 2011 par avilug

[avilug]

et voilà le rapport sous oTL PE version

 

 

OTL logfile created on: 6/7/2011 9:12:09 PM - Run

OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE

Windows Vista Home Basic Service Pack 2 (Version = 6.0.6002) - Type = System

Internet Explorer (Version = 8.0.6001.19048)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free

3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 288.09 Gb Total Space | 205.25 Gb Free Space | 71.25% Space Free | Partition Type: NTFS

Drive D: | 1021.00 Mb Total Space | 938.90 Mb Free Space | 91.96% Space Free | Partition Type: FAT32

Drive E: | 9.00 Gb Total Space | 1.85 Gb Free Space | 20.50% Space Free | Partition Type: NTFS

Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/06/05 02:20:38 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto] -- C:\Windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)

SRV - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2008/05/20 20:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)

SRV - [2008/05/20 20:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)

SRV - [2008/05/14 16:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)

SRV - [2008/05/13 20:35:40 | 000,256,512 | ---- | M] (SafeBoot International) [Auto] -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)

SRV - [2008/05/12 09:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)

SRV - [2008/05/02 16:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)

SRV - [2008/04/18 09:54:02 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®

SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2007/12/11 08:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2007/10/19 03:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)

SRV - [2007/05/15 19:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto] -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)

SRV - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand] -- -- (USBAAPL)

DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)

DRV - File not found [Kernel | System] -- -- (dnasubuy)

DRV - File not found [Kernel | On_Demand] -- -- (catchme)

DRV - [2011/05/29 03:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/05/10 07:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009/06/30 04:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot] -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot)

DRV - [2008/05/13 20:36:26 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)

DRV - [2008/05/13 20:36:22 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)

DRV - [2008/05/13 20:36:20 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)

DRV - [2008/05/13 20:36:18 | 000,108,752 | ---- | M] (SafeBoot International) [Kernel | Boot] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)

DRV - [2008/04/28 02:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Pilote de carte Intel®

DRV - [2008/04/14 17:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)

DRV - [2008/04/10 11:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

DRV - [2008/04/07 14:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)

DRV - [2008/04/07 14:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)

DRV - [2008/02/29 12:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2008/01/20 22:34:06 | 000,020,992 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)

DRV - [2008/01/20 22:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)

DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV - [2004/02/04 04:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB)

DRV - [2001/01/29 10:41:04 | 000,009,152 | ---- | M] () [Kernel | Auto] -- C:\windows\System32\drivers\Ticalc.sys -- (TICalc)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\deborah_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\deborah_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\deborah_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/

 

IE - HKU\McAfeeMVSUser_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

IE - HKU\McAfeeMVSUser_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

IE - HKU\McAfeeMVSUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/

 

 

IE - HKU\TEMP_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

IE - HKU\TEMP_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/

IE - HKU\TEMP_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\TEMP_ON_C\..\URLSearchHook: {a584454e-8fcc-41ab-b0f2-f30c06aab910} - Reg Error: Key error. File not found

IE - HKU\TEMP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "www.easysear.ch/"

FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

 

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/04 06:31:53 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/05 09:47:25 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/05 09:47:25 | 000,000,000 | ---D | M]

 

[2010/11/09 11:14:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deborah\AppData\Roaming\Mozilla\Extensions

[2011/05/18 07:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deborah\AppData\Roaming\Mozilla\Firefox\Profiles\xcpc4ae4.default\extensions

[2010/11/09 16:01:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\deborah\AppData\Roaming\Mozilla\Firefox\Profiles\xcpc4ae4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/06/05 10:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/01/13 06:47:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/06/05 10:12:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2010/10/04 06:31:53 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3

[2011/02/02 15:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2009/08/24 15:21:51 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2009/08/24 15:21:51 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2009/08/24 15:21:51 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2009/08/24 15:21:51 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2009/08/24 15:21:51 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2011/06/05 15:59:05 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)

O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)

O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.

O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.

O3 - HKU\deborah_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\deborah_ON_C\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKU\TEMP_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\TEMP_ON_C\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found.

O3 - HKU\TEMP_ON_C\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.

O3 - HKU\TEMP_ON_C\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)

O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)

O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)

O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)

O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)

O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)

O4 - HKU\McAfeeMVSUser_ON_C..\Run: [WindowsWelcomeCenter] C:\windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\TEMP_ON_C..\Run: [CanalPlayer] File not found

O4 - HKU\TEMP_ON_C..\Run: [LightScribe Control Panel] File not found

O4 - HKU\TEMP_ON_C..\Run: [msnmsgr] File not found

O4 - HKU\TEMP_ON_C..\Run: [swg] File not found

O4 - HKU\TEMP_ON_C..\Run: [WindowsWelcomeCenter] C:\windows\System32\oobefldr.dll (Microsoft Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\deborah_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\deborah_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\McAfeeMVSUser_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\TEMP_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)

O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)

O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)

O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk /p \??\C:) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

PhysicalDisk0 MBR saved to C:\Physical0MBR.bin

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)

MsConfig - StartUpReg: Akizijiwanomohag - hkey= - key= - File not found

MsConfig - StartUpReg: asp70vdviss.exe - hkey= - key= - File not found

MsConfig - StartUpReg: CanalPlayer - hkey= - key= - File not found

MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - File not found

MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

MsConfig - State: "startup" - 2

 

SafeBootMin: AppMgmt - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PEVSystemStart - Service

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: procexp90.Sys - Driver

SafeBootMin: rpcnet - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PEVSystemStart - Service

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: procexp90.Sys - Driver

SafeBootNet: rdsessmgr - Service

SafeBootNet: rpcnet - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\windows\System32\rundll32.exe" "C:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/06/07 12:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/06/07 11:42:04 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe

[2011/06/06 12:12:17 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl

[2011/06/06 11:39:55 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll

[2011/06/06 11:30:47 | 004,114,023 | ---- | C] (Swearware) -- C:\Users\deborah\Desktop\sally.com

[2011/06/06 11:29:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2011/06/06 11:28:14 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW

[2011/06/05 15:58:55 | 000,000,000 | ---D | C] -- C:\## aswSnx private storage

[2011/06/05 15:56:16 | 000,000,000 | ---D | C] -- C:\windows\temp

[2011/06/05 15:56:16 | 000,000,000 | ---D | C] -- C:\Users\TEMP\AppData\Local\temp

[2011/06/05 15:56:16 | 000,000,000 | ---D | C] -- C:\Users\deborah\AppData\Local\temp

[2011/06/05 15:43:13 | 000,000,000 | ---D | C] -- C:\ComboFix

[2011/06/05 10:12:29 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe

[2011/06/05 10:12:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe

[2011/06/05 10:12:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe

[2011/06/05 09:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011/06/05 09:56:15 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\windows\System32\GEARAspi.dll

[2011/06/05 09:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/06/05 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/06/05 09:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2011/06/05 09:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2011/06/05 09:51:58 | 000,000,000 | ---D | C] -- C:\windows\fr

[2011/06/05 09:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2011/06/05 09:47:05 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2011/06/05 09:45:00 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_3.dll

[2011/06/05 09:44:59 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_5.dll

[2011/06/05 09:44:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_42.dll

[2011/06/05 07:58:03 | 000,000,000 | ---D | C] -- C:\Users\deborah\AppData\Local\Windows Live

[2011/06/05 07:57:15 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webservices.dll

[2011/06/05 07:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\WindowsPowerShell

[2011/06/05 07:44:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrsmgr.dll

[2011/06/05 07:44:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrs.exe

[2011/06/05 07:44:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrshost.exe

[2011/06/05 07:44:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsmprovhost.exe

[2011/06/05 07:44:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsmplpxy.dll

[2011/06/05 07:44:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrssrv.dll

[2011/06/05 07:44:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wevtfwd.dll

[2011/06/05 07:44:17 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wecutil.exe

[2011/06/05 07:44:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wecapi.dll

[2011/06/05 07:44:17 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmRes.dll

[2011/06/05 07:44:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pwrshplugin.dll

[2011/06/05 07:44:10 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManMigrationPlugin.dll

[2011/06/05 07:44:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManHTTPConfig.exe

[2011/06/05 07:44:10 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winrscmd.dll

[2011/06/05 07:44:10 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmWmiPl.dll

[2011/06/05 07:44:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmAuto.dll

[2011/06/05 07:43:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe

[2011/06/05 07:43:06 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFH264Dec.dll

[2011/06/05 07:43:06 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFHEAACdec.dll

[2011/06/05 07:43:06 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfmp4src.dll

[2011/06/05 07:43:06 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll

[2011/06/05 07:43:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll

[2011/06/05 07:43:05 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll

[2011/06/05 07:43:05 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\printfilterpipelinesvc.exe

[2011/06/05 07:43:05 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxgi.dll

[2011/06/05 07:43:04 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfplat.dll

[2011/06/05 07:43:03 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfps.dll

[2011/06/05 07:43:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll

[2011/06/05 07:43:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\printfilterpipelineprxy.dll

[2011/06/05 07:42:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Apphlpdm.dll

[2011/06/05 07:42:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\windows\System32\GameUXLegacyGDFs.dll

[2011/06/05 07:42:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe

[2011/06/05 07:42:31 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe

[2011/06/05 07:42:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll

[2011/06/05 07:42:28 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll

[2011/06/05 07:42:27 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb

[2011/06/05 07:42:27 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl

[2011/06/05 07:42:27 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll

[2011/06/05 07:42:26 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll

[2011/06/05 07:42:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll

[2011/06/05 07:42:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec

[2011/06/05 07:42:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll

[2011/06/05 07:42:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll

[2011/06/05 07:42:24 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll

[2011/06/05 07:42:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll

[2011/06/05 07:42:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll

[2011/06/05 07:42:23 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe

[2011/06/05 07:42:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll

[2011/06/05 07:42:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll

[2011/06/05 07:42:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll

[2011/06/05 07:42:11 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll

[2011/06/05 07:42:11 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll

[2011/06/05 07:42:05 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll

[2011/06/05 07:42:05 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll

[2011/06/05 07:42:05 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll

[2011/06/05 07:42:05 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll

[2011/06/05 07:42:05 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll

[2011/06/05 07:42:05 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll

[2011/06/05 07:42:04 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xpsservices.dll

[2011/06/05 07:42:04 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OpcServices.dll

[2011/06/05 07:42:04 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll

[2011/06/05 07:42:04 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll

[2011/06/05 07:42:04 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll

[2011/06/05 07:40:14 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll

[2011/06/05 07:40:13 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbe.dll

[2011/06/05 07:40:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mpg2splt.ax

[2011/06/05 07:40:13 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbeio.dll

[2011/06/05 07:40:12 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll

[2011/06/05 07:40:12 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll

[2011/06/05 07:40:11 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys

[2011/06/05 07:24:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe

[2011/06/05 07:24:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe

[2011/06/05 07:24:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe

[2011/06/05 07:24:46 | 000,000,000 | ---D | C] -- C:\windows\ERDNT

[2011/06/05 07:24:40 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011/06/05 03:56:02 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\windows\System32\drivers\pavboot.sys

[2011/06/05 03:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security

[2011/06/05 03:53:32 | 000,000,000 | ---D | C] -- C:\windows\BDOSCAN8

[2011/06/05 02:28:13 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys

[2011/06/05 02:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/06/05 02:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/06/05 02:28:09 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2011/06/05 02:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/06/05 02:26:47 | 000,000,000 | ---D | C] -- C:\28710

[2011/06/05 02:09:58 | 000,000,000 | ---D | C] -- C:\Users\deborah\Desktop\RK_Quarantine

[2011/06/02 19:24:56 | 000,000,000 | ---D | C] -- C:\found.001

[2011/05/17 07:35:17 | 000,000,000 | ---D | C] -- C:\Users\deborah\Desktop\Nouveau dossier (2)

[2009/05/30 18:02:05 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll

[2009/05/30 18:02:05 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll

 

========== Files - Modified Within 30 Days ==========

 

[2011/06/07 21:12:51 | 000,000,512 | ---- | M] () -- C:\Physical0MBR.bin

[2011/06/07 13:32:18 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2011/06/07 13:32:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/06/07 13:32:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/06/07 13:32:16 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat

[2011/06/07 13:25:56 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe

[2011/06/07 13:25:54 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll

[2011/06/07 13:25:32 | 3146,006,528 | -HS- | M] () -- C:\hiberfil.sys

[2011/06/07 12:34:02 | 000,137,692 | ---- | M] () -- C:\Users\deborah\Documents\cc_20110607_183355.reg

[2011/06/07 12:30:43 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/06/07 12:27:57 | 000,000,422 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job

[2011/06/07 11:42:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\deborah\Desktop\OTL.exe

[2011/06/07 08:01:17 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

[2011/06/07 08:00:54 | 000,001,227 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk

[2011/06/07 08:00:34 | 000,001,158 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk

[2011/06/07 08:00:28 | 000,002,025 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011/06/07 08:00:22 | 000,001,037 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk

[2011/06/06 12:12:17 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl

[2011/06/06 11:33:17 | 000,002,687 | ---- | M] () -- C:\Users\deborah\Desktop\Microsoft Office Word 2007.lnk

[2011/06/06 11:31:03 | 004,114,023 | ---- | M] (Swearware) -- C:\Users\deborah\Desktop\sally.com

[2011/06/05 15:59:05 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts

[2011/06/05 10:21:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2011/06/05 10:14:48 | 001,301,452 | ---- | M] () -- C:\Users\deborah\Desktop\tdsskiller.zip

[2011/06/05 10:02:59 | 000,404,320 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

[2011/06/05 09:56:42 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/06/05 09:56:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011/06/05 09:47:14 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011/06/05 09:47:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2011/06/05 07:47:54 | 000,706,322 | ---- | M] () -- C:\windows\System32\perfh00C.dat

[2011/06/05 07:47:54 | 000,140,328 | ---- | M] () -- C:\windows\System32\perfc00C.dat

[2011/06/05 07:45:20 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2011/06/05 07:45:20 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

[2011/06/05 07:26:11 | 000,637,304 | ---- | M] () -- C:\windows\System32\perfh009.dat

[2011/06/05 07:26:11 | 000,120,808 | ---- | M] () -- C:\windows\System32\perfc009.dat

[2011/06/05 03:42:37 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt

[2011/06/05 03:39:45 | 000,036,352 | -H-- | M] () -- C:\Users\deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/06/05 03:09:20 | 000,006,648 | ---- | M] () -- C:\Users\deborah\AppData\Local\d3d9caps.dat

[2011/06/05 02:28:13 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/06/05 02:28:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/06/05 02:20:38 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.exe

[2011/06/05 02:17:42 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll

[2011/06/02 11:27:19 | 000,000,392 | ---- | M] () -- C:\ProgramData\34791160

[2011/06/02 11:23:52 | 000,000,160 | -H-- | M] () -- C:\ProgramData\~34791160r

[2011/06/02 11:23:52 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~34791160

[2011/05/29 03:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys

[2011/05/29 03:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2011/05/10 08:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr

[2011/05/10 08:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe

[2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys

[2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys

[2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys

[2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys

[2011/05/10 07:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys

[2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys

 

========== Files Created - No Company Name ==========

 

[2011/06/07 21:12:51 | 000,000,512 | ---- | C] () -- C:\Physical0MBR.bin

[2011/06/07 12:33:57 | 000,137,692 | ---- | C] () -- C:\Users\deborah\Documents\cc_20110607_183355.reg

[2011/06/07 12:30:43 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/06/05 15:57:55 | 3146,006,528 | -HS- | C] () -- C:\hiberfil.sys

[2011/06/05 10:14:30 | 001,301,452 | ---- | C] () -- C:\Users\deborah\Desktop\tdsskiller.zip

[2011/06/05 09:56:42 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/06/05 09:51:07 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk

[2011/06/05 09:50:23 | 000,001,227 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk

[2011/06/05 09:49:30 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk

[2011/06/05 09:48:58 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011/06/05 09:47:14 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011/06/05 07:44:11 | 000,201,184 | ---- | C] () -- C:\windows\System32\winrm.vbs

[2011/06/05 07:44:11 | 000,002,426 | ---- | C] () -- C:\windows\System32\WsmTxt.xsl

[2011/06/05 07:44:10 | 000,004,675 | ---- | C] () -- C:\windows\System32\wsmanconfig_schema.xml

[2011/06/05 07:24:52 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe

[2011/06/05 07:24:52 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe

[2011/06/05 07:24:52 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe

[2011/06/05 07:24:52 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe

[2011/06/05 07:24:52 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe

[2011/06/05 02:28:13 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/06/05 02:11:17 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Galerie de photos Windows Live.lnk

[2011/06/05 02:11:17 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/06/05 02:11:16 | 000,001,748 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/06/05 02:11:16 | 000,000,938 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player (2).lnk

[2011/06/05 02:11:16 | 000,000,923 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/06/05 02:11:16 | 000,000,899 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2011/06/05 02:11:16 | 000,000,670 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\POWERPNT - Raccourci.lnk

[2011/06/05 02:11:16 | 000,000,670 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MSACCESS - Raccourci.lnk

[2011/06/05 02:11:16 | 000,000,663 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WINWORD - Raccourci.lnk

[2011/06/05 02:11:16 | 000,000,651 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\EXCEL - Raccourci.lnk

[2011/06/02 11:23:52 | 000,000,160 | -H-- | C] () -- C:\ProgramData\~34791160r

[2011/06/02 11:23:52 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~34791160

[2011/06/02 11:23:36 | 000,000,392 | ---- | C] () -- C:\ProgramData\34791160

[2011/01/30 15:17:43 | 000,024,143 | ---- | C] () -- C:\Users\deborah\AppData\Roaming\UserTile.png

[2011/01/13 07:53:42 | 000,000,146 | ---- | C] () -- C:\windows\WININIT.INI

[2010/11/29 12:32:39 | 000,011,264 | -H-- | C] () -- C:\windows\System32\Utils.dll

[2010/10/04 06:20:23 | 000,182,163 | ---- | C] () -- C:\windows\hpoins44.dat

[2010/05/16 09:00:20 | 000,009,152 | ---- | C] () -- C:\windows\System32\drivers\Ticalc.sys

[2010/05/16 09:00:20 | 000,000,659 | ---- | C] () -- C:\windows\Wlink89.ini

[2009/12/06 05:51:36 | 000,006,648 | ---- | C] () -- C:\Users\deborah\AppData\Local\d3d9caps.dat

[2009/09/25 07:32:31 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.exe

[2009/09/16 17:38:22 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin

[2009/09/16 17:38:21 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll

[2009/09/16 17:38:07 | 000,643,072 | ---- | C] () -- C:\windows\System32\autochk.exe

[2009/09/02 13:45:14 | 000,000,290 | R-S- | C] () -- C:\ProgramData\ntuser.pol

[2009/06/15 09:39:50 | 000,101,159 | ---- | C] () -- C:\windows\System32\EPPICPrinterDB.dat

[2009/06/15 09:39:50 | 000,024,903 | ---- | C] () -- C:\windows\System32\EPPICPattern3.dat

[2009/06/15 09:39:50 | 000,021,390 | ---- | C] () -- C:\windows\System32\EPPICPattern5.dat

[2009/06/15 09:39:50 | 000,020,148 | ---- | C] () -- C:\windows\System32\EPPICPattern2.dat

[2009/06/15 09:39:50 | 000,011,811 | ---- | C] () -- C:\windows\System32\EPPICPattern4.dat

[2009/06/15 09:39:50 | 000,004,943 | ---- | C] () -- C:\windows\System32\EPPICPattern6.dat

[2009/06/15 09:39:50 | 000,001,146 | ---- | C] () -- C:\windows\System32\EPPICPresetData_DU.dat

[2009/06/15 09:39:50 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_PT.dat

[2009/06/15 09:39:50 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_BP.dat

[2009/06/15 09:39:50 | 000,001,136 | ---- | C] () -- C:\windows\System32\EPPICPresetData_ES.dat

[2009/06/15 09:39:50 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_FR.dat

[2009/06/15 09:39:50 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_CF.dat

[2009/06/15 09:39:50 | 000,001,120 | ---- | C] () -- C:\windows\System32\EPPICPresetData_IT.dat

[2009/06/15 09:39:50 | 000,001,107 | ---- | C] () -- C:\windows\System32\EPPICPresetData_GE.dat

[2009/06/15 09:39:50 | 000,001,104 | ---- | C] () -- C:\windows\System32\EPPICPresetData_EN.dat

[2009/06/15 09:39:50 | 000,000,099 | ---- | C] () -- C:\windows\System32\PICSDK.ini

[2009/06/15 09:39:49 | 000,026,154 | ---- | C] () -- C:\windows\System32\EPPICPattern1.dat

[2009/06/15 09:30:32 | 000,000,025 | ---- | C] () -- C:\windows\CDE R240R245EU.ini

[2009/06/11 05:30:02 | 000,000,586 | ---- | C] () -- C:\windows\hpomdl44.dat

[2009/05/31 19:19:03 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin

[2009/05/30 18:11:37 | 000,036,352 | -H-- | C] () -- C:\Users\deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/05/30 18:02:05 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys

[2009/05/30 18:02:05 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys

[2009/05/30 18:02:05 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini

[2009/05/30 16:48:55 | 000,000,012 | ---- | C] () -- C:\windows\bthservsdp.dat

[2008/07/12 02:38:11 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll

[2008/07/12 02:38:11 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll

[2008/07/12 02:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll

[2008/07/12 02:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll

[2008/07/12 02:38:11 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll

[2008/07/12 02:38:11 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll

[2008/07/12 02:18:16 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI

[2008/05/21 10:20:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1489.dll

[2008/05/21 10:06:30 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin

[2008/05/21 10:06:28 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin

[2008/05/21 10:06:28 | 000,146,596 | ---- | C] () -- C:\windows\System32\igfcg550.bin

[2008/04/17 12:29:08 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll

[2008/04/16 10:18:01 | 000,706,322 | ---- | C] () -- C:\windows\System32\perfh00C.dat

[2008/04/16 10:18:01 | 000,340,236 | ---- | C] () -- C:\windows\System32\perfi00C.dat

[2008/04/16 10:18:01 | 000,140,328 | ---- | C] () -- C:\windows\System32\perfc00C.dat

[2008/04/16 10:18:01 | 000,037,390 | ---- | C] () -- C:\windows\System32\perfd00C.dat

[2008/01/20 22:34:06 | 000,020,992 | ---- | C] () -- C:\windows\System32\drivers\ndistapi.sys

[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat

[2006/11/02 08:44:53 | 000,404,320 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT

[2006/11/02 06:33:01 | 000,637,304 | ---- | C] () -- C:\windows\System32\perfh009.dat

[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat

[2006/11/02 06:33:01 | 000,120,808 | ---- | C] () -- C:\windows\System32\perfc009.dat

[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat

[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat

[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin

[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT

[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini

[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat

[2006/05/24 19:22:06 | 000,053,248 | ---- | C] () -- C:\windows\bdoscandel.exe

[2006/03/09 05:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll

[2005/04/03 18:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll

[2005/03/14 08:38:28 | 000,000,469 | ---- | C] () -- C:\windows\bdoscandellang.ini

[2005/02/25 00:15:00 | 000,159,744 | ---- | C] () -- C:\windows\System32\EPSPTDV.DLL

[2001/11/14 06:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll

[1998/05/06 23:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll

 

========== LOP Check ==========

 

[2011/03/30 07:39:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\1102E401EBA3BC2A8016AAC3596A51A4

[2010/11/29 12:35:10 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\FileZilla

[2009/07/09 17:16:14 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\InterVideo

[2010/01/24 14:58:41 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Notepad++

[2010/01/25 18:39:12 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\OpenOffice.org

[2011/01/30 15:17:43 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\PeerNetworking

[2009/08/31 13:31:02 | 000,000,000 | ---D | M] -- C:\Users\deborah\AppData\Roaming\Thinstall

[2010/12/07 05:09:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Alwil Software

[2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data

[2009/05/30 17:54:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau

[2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop

[2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents

[2009/05/30 17:54:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris

[2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites

[2010/12/06 14:01:39 | 000,000,000 | ---D | M] -- C:\ProgramData\LightScribe

[2009/05/30 17:54:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu

[2009/05/30 17:54:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles

[2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu

[2006/11/02 08:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates

[2009/06/15 09:42:12 | 000,000,000 | ---D | M] -- C:\ProgramData\UDL

[2008/07/12 02:35:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Uninstall

[2009/06/06 17:29:43 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch

[2011/01/13 07:18:43 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip

[2011/06/05 09:56:14 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2009/12/30 11:12:30 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2011/06/07 13:32:16 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2011/06/07 12:27:57 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{61A8ACA6-7A5C-4E28-96BD-6B5B48F18B7F}.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

Invalid Environment Variable: %temp%\1\*.

 

Invalid Environment Variable: %temp%\2\*.

 

Invalid Environment Variable: %temp%\4\*.

 

Invalid Environment Variable: %temp%\1\*.*

 

Invalid Environment Variable: %temp%\2\*.*

 

Invalid Environment Variable: %temp%\4\*.*

 

Invalid Environment Variable: %windir%\temp\*.dat

 

< nslookup www.google.fr /c >

Server: UnKnown

Address: 127.0.0.1

 

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

 

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

 

Invalid Environment Variable: %APPDATA%\*.

 

Invalid Environment Variable: %APPDATA%\*.exe

 

< %SYSTEMDRIVE%\*.exe >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/04/11 02:28:19 | 000,142,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\fontext.dll

[2009/04/11 02:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\mswsock.dll

[2011/01/21 12:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\shell32.dll

[2009/04/11 02:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\winrnr.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

 

< MD5 for: AGP440.SYS >

[2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys

[2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008/01/20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 

< MD5 for: ALG.EXE >

[2008/01/20 22:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\Windows\System32\alg.exe

[2008/01/20 22:33:53 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\Windows\winsxs\x86_microsoft-windows-alg_31bf3856ad364e35_6.0.6001.18000_none_a8e952205b1e893c\alg.exe

 

< MD5 for: ATAPI.SYS >

[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008/01/20 22:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys

[2008/01/20 22:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008/01/20 22:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

 

< MD5 for: CDROM.SYS >

[2008/01/20 22:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys

[2008/01/20 22:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys

[2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys

[2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys

[2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys

[2006/11/02 04:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

 

< MD5 for: CNGAUDIT.DLL >

[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 

< MD5 for: CSRSS.EXE >

[2008/01/20 22:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe

[2008/01/20 22:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

 

< MD5 for: EXPLORER.EXE >

[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe

[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe

[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe

[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe

[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe

[2008/01/20 22:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

 

< MD5 for: IASTORV.SYS >

[2008/01/20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys

[2008/01/20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008/01/20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 

< MD5 for: IESETUP.DLL >

[2009/08/27 09:21:21 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=07C1DC30B491218B6364218691A54E0C -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7\iesetup.dll

[2010/11/02 03:07:03 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=15B5E22813A9F30017D66A1329F2E27F -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23091_none_a8e2febb8dac6c20\iesetup.dll

[2009/03/08 07:32:49 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=1B6FF5B9A21DE2E89BB014932A414E7E -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iesetup.dll

[2010/06/26 02:02:15 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=2A9B26EFA43B753F10D47195F5D460A1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18943_none_a8919be474643d34\iesetup.dll

[2009/07/18 08:10:33 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2AC744DFF6F1DD28028741977644EEDE -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16890_none_c3892afe619bae44\iesetup.dll

[2010/01/02 02:32:33 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=2BD0AD3549D92C564C71485456CCA0AA -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18882_none_a8655a047485967a\iesetup.dll

[2008/07/12 02:16:58 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=339804EF2921A0A369CC2FE1FD8160A1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16643_none_c3c237ac61707446\iesetup.dll

[2008/01/20 22:33:55 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6001.18000_none_c5d0b5245e79496e\iesetup.dll

[2008/01/20 22:33:55 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6002.18005_none_c7bc2e305b9b14ba\iesetup.dll

[2009/03/03 00:16:25 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4778DA89B3D33C09EDEDE691DA491405 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16830_none_c3ca0a86616b069e\iesetup.dll

[2010/02/23 02:33:45 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=47A0E748323F3CADA388E39FA95273C1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18904_none_a8bddbde7442e6c7\iesetup.dll

[2010/05/04 02:30:17 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=5568144CDB5C362E6C5A995C13075260 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23019_none_a941806b8d645750\iesetup.dll

[2009/03/03 00:14:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=56EECCEBC0CA71E29D0091FECD999A88 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21023_none_c461503d7a7e09be\iesetup.dll

[2009/08/27 09:36:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=58ADB147186B0D2B41EE4E91E6D5CC6B -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21116_none_c46f22ed7a7336f9\iesetup.dll

[2010/06/26 02:48:17 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=64910BBFFFF51E7104E97489A7348661 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23040_none_a9180e0d8d84c714\iesetup.dll

[2010/09/08 02:21:10 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=6A17074523179649F6B068A405B1BB07 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23067_none_a909703b8d8eb057\iesetup.dll

[2010/01/02 10:50:27 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=6EE0568A75F0CD510AB68D7FE9823951 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22973_none_a8fac7058d9a33aa\iesetup.dll

[2010/11/02 01:57:11 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=8C96C8402F61B995FE99F927D6CC635D -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18999_none_a8618e04748760f3\iesetup.dll

[2009/07/18 08:09:19 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=90C1A0EFC7BD918C2CE72E4110A4F607 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21089_none_c42672717aa9496e\iesetup.dll

[2011/02/22 03:13:12 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=A546FB719FD0F33241E2395EB8430AC9 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23143_none_a91b10d18d821040\iesetup.dll

[2008/07/12 02:16:58 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=AA9D7D186B605F799F09596B97019E6E -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20777_none_c42f65db7aa2cd3f\iesetup.dll

[2009/08/27 09:57:38 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=B2C1896FC99EF32BB1F5E2354E2B80D0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16916_none_c3e5ae00615563ed\iesetup.dll

[2010/05/04 01:55:42 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=BFCB54E8D0EA0DDC737216853F5F1BE7 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18928_none_a8ac3d2e744f8405\iesetup.dll

[2009/11/21 10:59:20 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=D161F0D51B88344EC34C892FA328A414 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22956_none_a91367bb8d8747cd\iesetup.dll

[2009/08/27 01:17:43 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=D1DDEE44E30941D0F55B782192D1ADD9 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de\iesetup.dll

[2010/02/23 11:00:45 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=DDF95F4852B0CC532F2837BB7C26B720 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22995_none_a8e727c18da89e3a\iesetup.dll

[2009/04/24 11:54:20 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=DFF5F2459420493D7F253EB5BD853A7C -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iesetup.dll

[2009/04/24 12:14:17 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=E8886C83286CC3BCCA9968A0E585A9B4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iesetup.dll

[2009/11/21 02:34:39 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=EDFCAC93F68A17624DAC4FCE70BA8C6D -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18865_none_a87dfaba7472aa9d\iesetup.dll

[2010/12/18 03:11:34 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=EEDCAB431CAB2622F43EB1C871A75D49 -- C:\Windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23111_none_a93980018d6b89bf\iesetup.dll

[2010/09/08 01:56:53 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=F062C1B99EF675ECD47FCB767BABA327 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18975_none_a8732cb4747ac3b5\iesetup.dll

[2010/12/18 02:22:11 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FAE8EB8CFD74709D4BAB64A27DFD4FAE -- C:\Windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.19019_none_a8b7e5867446b4ad\iesetup.dll

[2011/02/22 02:16:40 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FDB878DD2D75AF2F21ADF2B114C313FB -- C:\Windows\System32\iesetup.dll

[2011/02/22 02:16:40 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=FDB878DD2D75AF2F21ADF2B114C313FB -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.19048_none_a8967578745fef29\iesetup.dll

 

< MD5 for: INSENG.DLL >

[2008/01/20 22:33:45 | 000,093,696 | ---- | M] (Microsoft Corporation) MD5=4023E0174BE81A68D64F4E8F0B280849 -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_6.0.6001.18000_none_993f5ba647c84d3e\inseng.dll

[2009/03/08 07:32:44 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\Windows\System32\inseng.dll

[2009/03/08 07:32:44 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\Windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_8.0.6001.18702_none_7c2a7e005d93bd9b\inseng.dll

 

< MD5 for: LOCATOR.EXE >

[2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\Windows\System32\Locator.exe

[2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\Windows\winsxs\x86_microsoft-windows-rpc-locator_31bf3856ad364e35_6.0.6000.16386_none_ccfdd130eface46c\Locator.exe

 

< MD5 for: LSASS.EXE >

[2009/06/15 08:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe

[2009/09/10 10:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe

[2009/06/15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe

[2009/06/15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe

[2009/02/13 03:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe

[2009/06/15 09:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe

[2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe

[2009/02/13 00:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe

[2009/06/15 08:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe

[2009/06/15 09:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe

[2009/09/09 07:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe

[2009/09/10 10:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe

[2008/01/20 22:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe

[2008/01/20 22:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe

[2008/01/20 22:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe

[2009/02/13 04:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

 

< MD5 for: MSDTC.EXE >

[2008/01/20 22:33:55 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\Windows\System32\msdtc.exe

[2008/01/20 22:33:55 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\Windows\winsxs\x86_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.0.6001.18000_none_195302e56002fb82\msdtc.exe

 

< MD5 for: MSHTML.DLL >

[2009/11/21 02:35:43 | 005,940,736 | ---- | M] (Microsoft Corporation) MD5=062B81F34EADEEF652E759BF93691C50 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll

[2009/10/19 09:49:06 | 003,602,432 | ---- | M] (Microsoft Corporation) MD5=0AFEF7F9242F5F84F12AE9B84C2C57F4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22247_none_158eeb3d388785cb\mshtml.dll

[2009/10/19 09:36:07 | 003,599,872 | ---- | M] (Microsoft Corporation) MD5=0B772887F7C50D062AD0FB1B47C0279E -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18124_none_1517ed6c1f5c621a\mshtml.dll

[2010/12/18 03:13:16 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=0DA63A2B1D6D55E6005F4552D22E7BBE -- C:\Windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll

[2009/03/03 00:38:17 | 003,580,928 | ---- | M] (Microsoft Corporation) MD5=0DCC9623D9A3E77212177F59738BE29A -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18226_none_1333784c22344556\mshtml.dll

[2009/10/21 15:26:09 | 005,943,296 | ---- | M] (Microsoft Corporation) MD5=159239C8EF4D26392F9C160369348C61 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22942_none_f68c93f75132f82e\mshtml.dll

[2009/04/24 12:03:11 | 003,581,952 | ---- | M] (Microsoft Corporation) MD5=1638C2FA1CC381CE39504B39F7D87F35 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18248_none_131fd9082242afe6\mshtml.dll

[2010/09/08 01:57:52 | 005,957,120 | ---- | M] (Microsoft Corporation) MD5=1704FC902E1B53EF87593D60FD312A55 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll

[2010/02/23 11:01:50 | 005,946,880 | ---- | M] (Microsoft Corporation) MD5=27DB55375D8F8045A27E016BB21B17C0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll

[2009/07/18 07:33:22 | 003,599,360 | ---- | M] (Microsoft Corporation) MD5=2BC9595AEF52C3989B77AB8506615BAD -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18071_none_14dedb0c1f87a4a3\mshtml.dll

[2008/07/12 02:17:02 | 003,591,680 | ---- | M] (Microsoft Corporation) MD5=3AE6072A86AD8049DD133DB40F73F0C8 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll

[2009/07/18 07:45:50 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=3AF70556543467956227B1D97B314E66 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22180_none_155ca7a138ae4707\mshtml.dll

[2009/08/27 08:54:40 | 003,600,896 | ---- | M] (Microsoft Corporation) MD5=3B7B0A46482EF271E5C434D0C070129A -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22212_none_15aa598f3873b345\mshtml.dll

[2009/08/27 09:15:49 | 003,584,512 | ---- | M] (Microsoft Corporation) MD5=41FB8068E6624F4D843CB1C0F6E8B0EC -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22508_none_13d4b94f3b3fda3a\mshtml.dll

[2010/12/18 02:23:15 | 005,961,216 | ---- | M] (Microsoft Corporation) MD5=42B87D22378C1EF98F3B6F410C2670AA -- C:\Windows\SoftwareDistribution\Download\8430e87565ba4408aed93f76136db174\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll

[2009/10/19 10:25:09 | 003,584,000 | ---- | M] (Microsoft Corporation) MD5=44FD7EFD38472852E74E8E8D663E1961 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18344_none_131bd9c6224647b1\mshtml.dll

[2008/01/20 22:33:25 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=48E05FD07045BB2E5CFC43C970CAF1E7 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll

[2010/05/04 02:30:34 | 005,953,024 | ---- | M] (Microsoft Corporation) MD5=62F23130C89F1EE5C0C9EEAB0685D1E5 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll

[2009/03/03 00:15:51 | 003,596,800 | ---- | M] (Microsoft Corporation) MD5=67FFB5ED7723D03B50734614D31B57A5 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21023_none_11d3adb53e2e3b6c\mshtml.dll

[2011/02/22 03:14:18 | 005,964,800 | ---- | M] (Microsoft Corporation) MD5=6D30A34B029176D86EC04ECE6C0F62B1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll

[2009/08/27 01:18:40 | 005,940,224 | ---- | M] (Microsoft Corporation) MD5=7172C1681283EC40A8DA9ED4180FF390 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\mshtml.dll

[2009/07/18 08:12:19 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=77693F4CD5CD48EE3A4ABB5073276976 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21089_none_1198cfe93e597b1c\mshtml.dll

[2009/10/19 10:19:07 | 003,602,432 | ---- | M] (Microsoft Corporation) MD5=83A461E3BAB28ACDBE32E2A62BB1BEEE -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21142_none_11bd0f793e3f571e\mshtml.dll

[2009/04/24 11:41:26 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=8BC33ADC526B3E7EE6E6AA013154DF69 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22121_none_159e8773387cb8b8\mshtml.dll

[2010/02/23 02:34:51 | 005,944,832 | ---- | M] (Microsoft Corporation) MD5=8D5FB97AE3D30CCDD8C9D8AF447C7D09 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll

[2009/07/18 08:13:26 | 003,597,824 | ---- | M] (Microsoft Corporation) MD5=921E63B100F67FA21A0C623930810C58 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16890_none_10fb8876254bdff2\mshtml.dll

[2009/03/03 00:17:39 | 003,595,264 | ---- | M] (Microsoft Corporation) MD5=94ED56734E8AB74357F8EA2C5C174EA9 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16830_none_113c67fe251b384c\mshtml.dll

[2008/07/12 02:16:57 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=977C356E655F357665310C0C95D0DBD4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll

[2010/11/02 01:58:14 | 005,959,168 | ---- | M] (Microsoft Corporation) MD5=9AC463498C480E9EB3C63DC21E4F29C8 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll

[2009/10/21 06:40:08 | 005,939,712 | ---- | M] (Microsoft Corporation) MD5=9BFB2F7C3A2F626040C4EB8CE5C6ED2A -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18852_none_f5f82740381d7455\mshtml.dll

[2008/07/12 02:16:58 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=9C4091CD321D6D8BCF9842F109EE574B -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll

[2010/11/02 03:08:01 | 005,960,704 | ---- | M] (Microsoft Corporation) MD5=9FCC1F6457A84902EA7545B568B5AEDB -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll

[2009/04/24 11:57:41 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=A0DB69A75113B6A396E271744489824F -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21046_none_11c10ebb3e3bbf53\mshtml.dll

[2009/04/11 02:28:20 | 003,596,288 | ---- | M] (Microsoft Corporation) MD5=A4D04D404AFC1D30EDA01EE50D27AA51 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll

[2009/03/03 00:30:20 | 003,581,440 | ---- | M] (Microsoft Corporation) MD5=A77A82830D2BBB001A53A5368934F7EB -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22389_none_137f366d3b7fd8cb\mshtml.dll

[2011/02/22 02:17:40 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=AA411AEF2476D251078F9C9F0478C142 -- C:\Windows\System32\mshtml.dll

[2011/02/22 02:17:40 | 005,962,240 | ---- | M] (Microsoft Corporation) MD5=AA411AEF2476D251078F9C9F0478C142 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll

[2009/08/27 09:59:40 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=AF7541BC2D91483328E6D9910CD33DD5 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16916_none_11580b782505959b\mshtml.dll

[2010/05/04 01:56:28 | 005,950,976 | ---- | M] (Microsoft Corporation) MD5=B1E862448C38B0F70139BC28F67332DE -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll

[2009/08/27 08:39:41 | 003,599,872 | ---- | M] (Microsoft Corporation) MD5=BC72B82A8D9F0E2DE67A4985A6676786 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18100_none_15298c1c1f4fc4dc\mshtml.dll

[2010/01/02 10:51:38 | 005,945,856 | ---- | M] (Microsoft Corporation) MD5=BE6120F3D7A853039B5437AC9E1986C1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll

[2009/08/27 09:30:12 | 003,584,000 | ---- | M] (Microsoft Corporation) MD5=BFF746B1558432533876014B66CF04C4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18319_none_13414afc22297291\mshtml.dll

[2009/04/24 12:17:00 | 003,596,288 | ---- | M] (Microsoft Corporation) MD5=C1BF8C6F8D5E0435D1ABBB94DAC8EAFD -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16851_none_1127c870252a8985\mshtml.dll

[2009/04/24 11:58:31 | 003,582,976 | ---- | M] (Microsoft Corporation) MD5=D12ADCB4045EF392A62990C06694EB78 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22418_none_13c9e77d3b47f904\mshtml.dll

[2009/07/18 12:02:53 | 003,583,488 | ---- | M] (Microsoft Corporation) MD5=D38265A0C435E2A4BE5D662AB82F00E4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18294_none_12e5c844226ed63f\mshtml.dll

[2009/03/08 07:41:15 | 005,937,152 | ---- | M] (Microsoft Corporation) MD5=D469A0EBA2EF5C6BEE8065B7E3196E5E -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll

[2010/06/26 02:03:04 | 005,951,488 | ---- | M] (Microsoft Corporation) MD5=D6168759945CD6BC2DB4BFCD4E94B399 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll

[2009/07/18 07:54:12 | 003,584,512 | ---- | M] (Microsoft Corporation) MD5=D8C0B944A3FB4BE7BC8DA21D4A5B33AB -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22475_none_138607173b7b54a5\mshtml.dll

[2009/04/23 08:14:20 | 003,597,824 | ---- | M] (Microsoft Corporation) MD5=DBACE2C96ED63E60CD5D89D8DE00D148 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18024_none_1517eb861f5c64f3\mshtml.dll

[2009/10/19 10:40:16 | 003,598,336 | ---- | M] (Microsoft Corporation) MD5=DC162F0F1880C30296C5FAD1F60EC6D4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16939_none_11456c7e25131982\mshtml.dll

[2010/01/02 02:33:34 | 005,942,784 | ---- | M] (Microsoft Corporation) MD5=DF4D546A6E1C8D0F4FC10FCC9E422763 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll

[2010/06/26 02:49:12 | 005,954,560 | ---- | M] (Microsoft Corporation) MD5=DF63821381A08F65174BA42745B1C79B -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll

[2009/10/19 10:09:35 | 003,586,560 | ---- | M] (Microsoft Corporation) MD5=E3708336831E5249DBB274342649F483 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22544_none_13a578773b63e4a2\mshtml.dll

[2010/09/08 02:22:01 | 005,958,656 | ---- | M] (Microsoft Corporation) MD5=E993FB26BFAC2887BFE8DDAC4DC9180A -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll

[2009/08/27 09:22:52 | 005,942,272 | ---- | M] (Microsoft Corporation) MD5=E9C51FD04019DC14CAE9CEDE3C7B08E3 -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\mshtml.dll

[2008/07/12 02:17:01 | 003,593,728 | ---- | M] (Microsoft Corporation) MD5=ED2588D1864319C54E79443130A8004B -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll

[2009/11/21 11:00:11 | 005,944,320 | ---- | M] (Microsoft Corporation) MD5=ED6055694115B1A247B2591AB465A21D -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll

[2009/08/27 09:38:04 | 003,600,384 | ---- | M] (Microsoft Corporation) MD5=F500476C0724E476F05331162D4C283D -- C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21116_none_11e180653e2368a7\mshtml.dll

 

< MD5 for: NDIS.SYS >

[2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys

[2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys

[2008/01/20 22:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[2008/02/08 00:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys

[2008/02/08 00:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

 

< MD5 for: NETLOGON.DLL >

[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll

[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008/01/20 22:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008/01/20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys

[2008/01/20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008/01/20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 

< MD5 for: PNGFILT.DLL >

[2009/08/27 09:39:53 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=1C1298D9D37238A00BC5D1DE83C3DD81 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21116_none_ec64dcf22f63617a\pngfilt.dll

[2009/03/03 00:17:37 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=27225BECF34ACCCC22432AF2372C19DE -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21023_none_ec570a422f6e343f\pngfilt.dll

[2008/07/12 02:16:59 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=2AE830B0A293F0CA6CC733CE348911F5 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20777_none_ec251fe02f92f7c0\pngfilt.dll

[2008/01/20 22:33:19 | 000,045,056 | ---- | M] (Microsoft Corporation) MD5=B8D3BF818DEFE1DA9A754F214E528221 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6001.18000_none_edc66f29136973ef\pngfilt.dll

[2009/07/18 08:15:08 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=C840E188F70E6A1287249434B7AC0D3C -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21089_none_ec1c2c762f9973ef\pngfilt.dll

[2009/08/27 10:01:41 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=C898FF79CBFC9E03C4D98B896A9AF478 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16916_none_ebdb680516458e6e\pngfilt.dll

[2009/07/18 08:15:57 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=DCC808FD4EF7E5D3B90FD8F078C1EC7A -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16890_none_eb7ee503168bd8c5\pngfilt.dll

[2009/03/08 07:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=E5FA1B044DAC5F6F600A1742D73F6936 -- C:\Windows\System32\pngfilt.dll

[2009/03/08 07:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=E5FA1B044DAC5F6F600A1742D73F6936 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.6001.18702_none_d0b191832934e44c\pngfilt.dll

[2009/04/24 12:21:05 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F2AA0869227565752353CA2B8F5D2207 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16851_none_ebab24fd166a8258\pngfilt.dll

[2009/03/03 00:19:30 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F759D496F5CD6C78D709CFF95A5F215B -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16830_none_ebbfc48b165b311f\pngfilt.dll

[2008/07/12 02:16:59 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F761B8CB64DB7D7F4C0B464E97CB7760 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16643_none_ebb7f1b116609ec7\pngfilt.dll

[2009/04/24 12:00:14 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F8BF080A314646A64CE4F24AE996E136 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21046_none_ec446b482f7bb826\pngfilt.dll

 

< MD5 for: SAFEBOOT.SYS >

[2008/05/13 20:36:18 | 000,108,752 | ---- | M] (SafeBoot International) MD5=2A5EEDCB22A5D6BB0231E38A38E7A7D9 -- C:\Windows\System32\drivers\SafeBoot.sys

 

< MD5 for: SCECLI.DLL >

[2008/01/20 22:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll

[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 

< MD5 for: SNMPTRAP.EXE >

[2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\Windows\System32\snmptrap.exe

[2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\Windows\winsxs\x86_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.0.6001.18000_none_cf8afedd3f67da88\snmptrap.exe

 

< MD5 for: SPOOLSV.EXE >

[2010/08/17 09:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe

[2009/04/11 02:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe

[2008/01/20 22:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe

[2010/08/17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe

[2010/08/17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe

[2010/08/17 10:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe

[2010/08/17 09:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

 

< MD5 for: TASKENG.EXE >

[2010/11/05 09:43:51 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=110B5E5AFA79DD8A45A2F6ED738469B9 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.22791_none_e5d5a65bd84010db\taskeng.exe

[2010/11/04 12:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\Windows\System32\taskeng.exe

[2010/11/04 12:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18342_none_e7698b5ebc1f53d7\taskeng.exe

[2008/01/20 22:34:32 | 000,169,472 | ---- | M] (Microsoft Corporation) MD5=5F109032CE46B7184ED9E50F9FE8489E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18000_none_e5ac4d2ebeda6d57\taskeng.exe

[2010/11/04 18:15:29 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=9AF3E523E39FD8C10EDFA3ABA702DC9B -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.22519_none_e81a9bd9d51e4e56\taskeng.exe

[2009/04/11 02:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) MD5=E5BBFC283D6F5D69B41E464676361020 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18005_none_e797c63abbfc38a3\taskeng.exe

[2010/11/04 20:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=EAFB5897AC9CD84890171AC38862320F -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18551_none_e577475abf020426\taskeng.exe

 

< MD5 for: TCPIP.SYS >

[2008/04/26 04:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys

[2009/04/11 02:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys

[2009/12/08 16:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys

[2009/08/15 17:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys

[2009/08/14 13:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys

[2010/02/18 07:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys

[2010/02/18 10:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys

[2009/08/14 10:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys

[2009/12/08 16:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys

[2010/02/18 10:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys

[2010/02/18 08:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys

[2009/12/08 16:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys

[2010/06/16 11:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys

[2009/08/14 12:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys

[2010/06/16 12:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys

[2010/06/16 11:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys

[2008/04/26 04:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys

[2009/12/08 13:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys

[2009/08/14 13:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys

[2008/07/12 02:14:08 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=9081EBA4184E7EB87C55E18C089283A5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys

[2010/02/18 13:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys

[2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\System32\drivers\tcpip.sys

[2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys

[2009/12/08 13:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys

[2010/02/18 10:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys

[2009/12/08 16:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys

[2008/01/20 22:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys

[2009/08/14 12:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

 

< MD5 for: UI0DETECT.EXE >

[2008/01/20 22:33:45 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\Windows\System32\UI0Detect.exe

[2008/01/20 22:33:45 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\Windows\winsxs\x86_microsoft-windows-session0viewer_31bf3856ad364e35_6.0.6001.18000_none_e1e6e80246adfe72\UI0Detect.exe

 

< MD5 for: USBPRINT.SYS >

[2006/11/02 05:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys

[2008/01/20 22:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys

[2008/01/20 22:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys

[2008/01/20 22:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys

 

< MD5 for: USBSCAN.SYS >

[2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\drivers\usbscan.sys

[2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys

[2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys

[2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys

[2008/01/20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys

[2006/11/02 05:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys

 

< MD5 for: USERINIT.EXE >

[2008/01/20 22:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe

[2008/01/20 22:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

 

< MD5 for: VDS.EXE >

[2008/01/20 22:34:50 | 000,382,976 | ---- | M] (Microsoft Corporation) MD5=B13BC395B9D6116628F5AF47E0802AC4 -- C:\Windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6001.18000_none_6aead29ffaae9c39\vds.exe

[2009/04/11 02:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\Windows\System32\vds.exe

[2009/04/11 02:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\Windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6002.18005_none_6cd64babf7d06785\vds.exe

 

< MD5 for: VOLSNAP.SYS >

[2006/11/02 05:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys

[2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\drivers\volsnap.sys

[2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys

[2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys

[2008/01/20 22:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys

[2008/01/20 22:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

 

< MD5 for: VSSVC.EXE >

[2008/01/20 22:33:20 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=D5FB73D19C46ADE183F968E13F186B23 -- C:\Windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6001.18000_none_5accce7717d773c7\VSSVC.exe

[2009/04/11 02:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\Windows\System32\VSSVC.exe

[2009/04/11 02:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\Windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6002.18005_none_5cb8478314f93f13\VSSVC.exe

 

< MD5 for: WEBCHECK.DLL >

[2008/01/20 22:33:49 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=4F4889A9D680714BE11B31BD01A0411A -- C:\Windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6001.18000_none_612be2f851b99095\webcheck.dll

[2009/04/11 02:28:25 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=8208E4895BA625884FF3699CCA1D9E3D -- C:\Windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6002.18005_none_63175c044edb5be1\webcheck.dll

[2009/03/08 07:34:47 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=CC8915DB4E33E8FB29CA0D2DBF75306E -- C:\Windows\System32\webcheck.dll

[2009/03/08 07:34:47 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=CC8915DB4E33E8FB29CA0D2DBF75306E -- C:\Windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_44170552678500f2\webcheck.dll

 

< MD5 for: WININIT.EXE >

[2008/01/20 22:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe

[2008/01/20 22:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

 

< MD5 for: WINLOGON.EXE >

[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe

[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2008/01/20 22:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 

< MD5 for: WMIAPSRV.EXE >

[2009/04/11 02:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\Windows\System32\wbem\WmiApSrv.exe

[2009/04/11 02:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\WmiApSrv.exe

[2008/01/20 22:33:24 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=ABA4CF9F856D9A3A25F4DDD7690A6E9D -- C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\WmiApSrv.exe

 

< MD5 for: WMPNETWK.EXE >

[2008/01/20 22:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\Program Files\Windows Media Player\wmpnetwk.exe

[2008/01/20 22:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\Windows\winsxs\x86_microsoft-windows-wmpnss-service_31bf3856ad364e35_6.0.6001.18000_none_0386cbd2ce93a16e\wmpnetwk.exe

 

 

< CREATERESTOREPOINT >

 

< End of report >

 

 

pear, je serai absent quelques jours , d'ici samedi, pourrons nous continuer la procédure ?

 

merci et bonne soirée

[pear]

Bonsoir;

 

Je serai aussi absent ce week-end.Retour Mardi.

Si je vous avais oublié, envoyez moi un message.

 

Java n'est pas à jour,donc vulnérable.

Téléchargez Javara

vers le bureau.

Dézippez.

lancez Javara.exe

clic sur mise à jour via jucheck

 

ou , si vous préférez par le site de Sun:

Download Now

S'ouvre une nouvelle page.

Vous descendrez là:

Java Runtime Environment (JRE) 6 Update 25

Clic sur Download

Nouvelle page.

Sélectionnez votre platform->Windows

Cochez "I agree to the java..."

clic sur continue

Nouvelle page

Cochez:

Windows Online Installation

Cochez la flèche orange

" Cochez ici"jre-6u24-windows-i586-p-iftw.exe

 

clic sur installer

 

Revenez dans JavaRa

 

Cliquez Effacer les anciennes versions

Puis..... Autres Options ->Cocher Effacer les fichiers JRE Inutiles ->Exécuter

 

 

 

Puisque vous avez pu le lancer,restons sous Otl:

 

Relancez Otl:

 

Sous Custom scan Files ou Personnalisation

Copiez Collez

:OTL

CREATERESTOREPOINT

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.easysear.ch/

FF - prefs.js..browser.startup.homepage: "www.easysear.ch/"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

[2011/01/13 12:47:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A584454E-8FCC-41AB-B0F2-F30C06AAB910} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.

O3 - HKU\S-1-5-21-919975420-3328306061-3923594028-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O4 - HKLM..\Run: [CognizanceTS] File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)

MsConfig - StartUpReg: Akizijiwanomohag - hkey= - key= - File not found

MsConfig - StartUpReg: asp70vdviss.exe - hkey= - key= - File not found

MsConfig - StartUpReg: CanalPlayer - hkey= - key= - File not found

MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - File not found

SafeBootMin: AppMgmt - File not found

SafeBootMin: NTDS - File not found

SafeBootNet: AppMgmt - File not found

SafeBootNet: PNP Filter - Driver Group

[2011/06/05 15:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

 

:reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]

""=""%1" %*"

 

[purity]

[emptytemp]

[resethosts]

[Reboot]

-------->Cliquer Runfix ou Correction

 

OTL redémarrera le système automatiquement.

Postez le rapport.