Eliminer bera share web search

Zorba 1 · le 3 juillet 2011

Bonsoir;

A coté de la barre d' adresse principale s'est intallé "bear search web search" qui prend la main sur mes recherches. J'ai lancé une recherche dans programmes pour localiser cet intrus.

Je n'ai rien trouvé.Les seules traces trouvées sont dans la base de registre. Comment faire pour elimer l'intrus Merçi

jeanmimigab · le 3 juillet 2011

Bonsoir et bienvenu sur Zébulon,

Fais cela stp...

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

%temp%\smtmp\1\*.* /s

%temp%\smtmp\2\*.* /s

%temp%\smtmp\4\*.* /s

nslookup www.google.fr /c

SAVEMBR:0

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

netsvcs

/md5start

dwm.exe

taskhost.exe

taskeng.exe

wscntfy.exe

ctfmon.exe

rdpclip.exe

volsnap.sys

sptd.sys

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

tcpip.sys

Sfloppy.sys

Changer.sys

cdrom.sys

disk.sys

ndis.sys

usbscan.sys

usbprint.sys

tdtcp.sys

tdpipe.sys

swmidi.sys

splitter.sys

rdpwd.sys

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

RASACD.SYS

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).

* Copie et colle les rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL

@+

Zorba 1 · le 5 juillet 2011

Bonjour;

J'ai suivi les instructions et voila la copie des rapports.

Citation

%temp%\smtmp\1\*.* /s

%temp%\smtmp\2\*.* /s

%temp%\smtmp\4\*.* /s

nslookup www.google.fr /c

SAVEMBR:0

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

netsvcs

/md5start

dwm.exe

taskhost.exe

taskeng.exe

wscntfy.exe

ctfmon.exe

rdpclip.exe

volsnap.sys

sptd.sys

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

tcpip.sys

Sfloppy.sys

Changer.sys

cdrom.sys

disk.sys

ndis.sys

usbscan.sys

usbprint.sys

tdtcp.sys

tdpipe.sys

swmidi.sys

splitter.sys

rdpwd.sys

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

RASACD.SYS

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

Citation

%temp%\smtmp\1\*.* /s

%temp%\smtmp\2\*.* /s

%temp%\smtmp\4\*.* /s

nslookup www.google.fr /c

SAVEMBR:0

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

netsvcs

/md5start

dwm.exe

taskhost.exe

taskeng.exe

wscntfy.exe

ctfmon.exe

rdpclip.exe

volsnap.sys

sptd.sys

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

tcpip.sys

Sfloppy.sys

Changer.sys

cdrom.sys

disk.sys

ndis.sys

usbscan.sys

usbprint.sys

tdtcp.sys

tdpipe.sys

swmidi.sys

splitter.sys

rdpwd.sys

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

RASACD.SYS

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

Citation

%temp%\smtmp\1\*.* /s

%temp%\smtmp\2\*.* /s

%temp%\smtmp\4\*.* /s

nslookup www.google.fr /c

SAVEMBR:0

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

netsvcs

/md5start

dwm.exe

taskhost.exe

taskeng.exe

wscntfy.exe

ctfmon.exe

rdpclip.exe

volsnap.sys

sptd.sys

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

tcpip.sys

Sfloppy.sys

Changer.sys

cdrom.sys

disk.sys

ndis.sys

usbscan.sys

usbprint.sys

tdtcp.sys

tdpipe.sys

swmidi.sys

splitter.sys

rdpwd.sys

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

RASACD.SYS

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

Merçi

jeanmimigab · le 7 juillet 2011

hello,

relis bien les instructions car tu ne m'as pas poster les rapports générés par OTL, tu m'as poster 3 fois le contenu de la citation à coller dans "dans la partie inférieure d'OTL "personnalisation". :chpas:

@++

Zorba 1 · le 8 juillet 2011

Bonjour;

Merçi pour ta réponse.

J'ai un probleme au lancement de OTL.Quelques précisions:j'ai Windows 7 64 bits et Avast.Le logiciel se lance dans la Sand box et quelques fois au cours de mes tentatives j'ai un message d'erreur qui apparait. Je fait l'analyse hors connection.

"Exception Eole System. Un module OTL.exe at 000571.Classe non enregistrée.Si j'insiste le logiel demarre mais a la fin pour coller les rapports.txt l'option copier n'est pas disponible. (grisée). Merçi de m'eclairer.

Modifié le 8 juillet 2011 par Zorba 1

Zorba 1 · le 8 juillet 2011

hello,

relis bien les instructions car tu ne m'as pas poster les rapports générés par OTL, tu m'as poster 3 fois le contenu de la citation à coller dans "dans la partie inférieure d'OTL "personnalisation".

@++

jeanmimigab · le 8 juillet 2011

hello,

Désactive Avast à chaque utilisations d'outils, il ne faut lancer aucuns outils en "SandBox"

Zorba 1 · le 10 juillet 2011

Bonjour; Voila les rapports:

OTL logfile created on: 10/07/2011 06:49:39 - Run 1

OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\Paul\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,99 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 64,73% Memory free

7,98 Gb Paging File | 6,45 Gb Available in Paging File | 80,77% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 578,94 Gb Total Space | 427,83 Gb Free Space | 73,90% Space Free | Partition Type: NTFS

Drive D: | 596,17 Gb Total Space | 518,96 Gb Free Space | 87,05% Space Free | Partition Type: NTFS

Drive E: | 16,94 Gb Total Space | 2,74 Gb Free Space | 16,15% Space Free | Partition Type: NTFS

Drive F: | 99,34 Mb Total Space | 92,74 Mb Free Space | 93,36% Space Free | Partition Type: FAT32

Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

PRC - C:\Users\Paul\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)

PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)

PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)

PRC - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()

PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)

PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)

PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

PRC - C:\Program Files (x86)\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.)

PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)

========== Modules (SafeList) ==========

MOD - C:\Users\Paul\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)

SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (IDT, Inc.)

SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.)

SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation)

SRV:64bit: - (UDisk Monitor) -- C:\Program Files\MOOV 3G+\bin\MonServiceUDisk.exe ()

SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.)

SRV - (DpHost) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)

SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (PLFlash DeviceIoControl Service) -- C:\Program Files (x86)\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.)

SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)

========== Driver Services (SafeList) ==========

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)

DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)

DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)

DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)

DRV:64bit: - (NETw5s64) Pilote de carte Intel® -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)

DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )

DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)

DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)

DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)

DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)

DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)

DRV:64bit: - (zteusbser) -- C:\Windows\SysNative\drivers\zteusbser.sys (ZTE Corporation)

DRV:64bit: - (umpusbvista) -- C:\Windows\SysNative\drivers\umpusbvista.sys (Texas Instruments Inc)

DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge.

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\..\URLSearchHook: {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Reg Error: Key error. File not found

IE - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "iMesh Web Search"

FF - prefs.js..browser.search.order.1: "iMesh Web Search"

FF - prefs.js..browser.search.selectedEngine: "BearShare Web Search"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"

FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..keyword.URL: "http://search.imesh.com/web?src=ffb&systemid=1&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010/05/11 04:06:45 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/27 18:03:38 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/27 18:03:38 | 000,000,000 | ---D | M]

[2011/04/16 08:09:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Extensions

[2010/09/15 22:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2011/07/09 09:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\gevs52mp.default\extensions

[2011/02/18 14:31:25 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\gevs52mp.default\extensions\tineye@ideeinc.com

[2010/09/14 15:48:25 | 000,002,506 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gevs52mp.default\searchplugins\BearShareWebSearch.xml

[2010/11/05 10:47:22 | 000,002,272 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gevs52mp.default\searchplugins\flickr-search-suggestions.xml

[2011/05/28 12:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/09/24 17:03:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/09/23 10:38:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/10/16 15:12:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/02/09 19:05:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/05/18 15:04:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011/03/21 08:22:04 | 001,680,272 | ---- | M] (Caminova, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll

[2011/06/27 18:03:36 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml

[2010/09/14 15:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml

[2011/06/27 18:03:36 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2011/06/27 18:03:36 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml

[2011/06/27 18:03:36 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml

[2011/06/27 18:03:36 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)

O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (T4PCBHO Class) - {AB720781-0670-4e46-B82E-376AEF228F25} - C:\Program Files (x86)\Tuto4pc\Tuto4pcBHO.dll (Tuto4PC)

O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O4:64bit: - HKLM..\Run: [intelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()

O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)

O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)

O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [Tuto4pc] File not found

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found

O4 - Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0

O7 - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKU\S-1-5-21-3619440750-2551092191-1784321679-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O8:64bit: - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8:64bit: - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O13 - gopher Prefix: missing

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{1a4354f5-44d1-11e0-a2e8-ea74066c9e26}\Shell - "" = AutoRun

O33 - MountPoints2\{1a4354f5-44d1-11e0-a2e8-ea74066c9e26}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{1a43553f-44d1-11e0-a2e8-ea74066c9e26}\Shell - "" = AutoRun

O33 - MountPoints2\{1a43553f-44d1-11e0-a2e8-ea74066c9e26}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{1f75ca31-68ad-11e0-9939-c3f415ed5c67}\Shell - "" = AutoRun

O33 - MountPoints2\{1f75ca31-68ad-11e0-9939-c3f415ed5c67}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true

O33 - MountPoints2\{2315a6b7-329b-11e0-a74a-a541ef095626}\Shell - "" = AutoRun

O33 - MountPoints2\{2315a6b7-329b-11e0-a74a-a541ef095626}\Shell\AutoRun\command - "" = I:\Setup.exe

O33 - MountPoints2\{36e25065-44cd-11e0-a70b-ab79091e1e27}\Shell - "" = AutoRun

O33 - MountPoints2\{36e25065-44cd-11e0-a70b-ab79091e1e27}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{36e250bc-44cd-11e0-a70b-ab79091e1e27}\Shell - "" = AutoRun

O33 - MountPoints2\{36e250bc-44cd-11e0-a70b-ab79091e1e27}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{3a95681d-4df8-11e0-8892-f67cec26442c}\Shell - "" = AutoRun

O33 - MountPoints2\{3a95681d-4df8-11e0-8892-f67cec26442c}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{3a95687a-4df8-11e0-8892-f67cec26442c}\Shell - "" = AutoRun

O33 - MountPoints2\{3a95687a-4df8-11e0-8892-f67cec26442c}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{445341ec-44e6-11e0-9bee-9e4e5ee88325}\Shell - "" = AutoRun

O33 - MountPoints2\{445341ec-44e6-11e0-9bee-9e4e5ee88325}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{44534225-44e6-11e0-9bee-9e4e5ee88325}\Shell - "" = AutoRun

O33 - MountPoints2\{44534225-44e6-11e0-9bee-9e4e5ee88325}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{48394d9b-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun

O33 - MountPoints2\{48394d9b-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{48394dbf-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun

O33 - MountPoints2\{48394dbf-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{48394f81-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun

O33 - MountPoints2\{48394f81-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{48394fa4-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun

O33 - MountPoints2\{48394fa4-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{48395045-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun

O33 - MountPoints2\{48395045-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{48395065-4629-11e0-be78-d09f50c5b57c}\Shell - "" = AutoRun

O33 - MountPoints2\{48395065-4629-11e0-be78-d09f50c5b57c}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{609e810a-44d3-11e0-9adc-cbfee5fc1c08}\Shell - "" = AutoRun

O33 - MountPoints2\{609e810a-44d3-11e0-9adc-cbfee5fc1c08}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{609e8145-44d3-11e0-9adc-cbfee5fc1c08}\Shell - "" = AutoRun

O33 - MountPoints2\{609e8145-44d3-11e0-9adc-cbfee5fc1c08}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{705457bc-4e44-11e0-a5ee-94b564520324}\Shell - "" = AutoRun

O33 - MountPoints2\{705457bc-4e44-11e0-a5ee-94b564520324}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{a57f1ecb-4587-11e0-bba2-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{a57f1ecb-4587-11e0-bba2-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{a57f214a-4587-11e0-bba2-baf7bd883e25}\Shell - "" = AutoRun

O33 - MountPoints2\{a57f214a-4587-11e0-bba2-baf7bd883e25}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{b5927f2b-44d2-11e0-a52b-d06e6d1e9926}\Shell - "" = AutoRun

O33 - MountPoints2\{b5927f2b-44d2-11e0-a52b-d06e6d1e9926}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{b5927f45-44d2-11e0-a52b-d06e6d1e9926}\Shell - "" = AutoRun

O33 - MountPoints2\{b5927f45-44d2-11e0-a52b-d06e6d1e9926}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{cc93fcc0-44eb-11e0-9372-b4496b98bb25}\Shell - "" = AutoRun

O33 - MountPoints2\{cc93fcc0-44eb-11e0-9372-b4496b98bb25}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{cc93fcfa-44eb-11e0-9372-b4496b98bb25}\Shell - "" = AutoRun

O33 - MountPoints2\{cc93fcfa-44eb-11e0-9372-b4496b98bb25}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{e479a994-4651-11e0-8d0e-ae25e291f525}\Shell - "" = AutoRun

O33 - MountPoints2\{e479a994-4651-11e0-8d0e-ae25e291f525}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{e479a9aa-4651-11e0-8d0e-ae25e291f525}\Shell - "" = AutoRun

O33 - MountPoints2\{e479a9aa-4651-11e0-8d0e-ae25e291f525}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\H\Shell - "" = AutoRun

O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\I\Shell - "" = AutoRun

O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe - (Broadcom Corporation.)

MsConfig:64bit - StartUpFolder: C:^Users^Paul^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)

MsConfig:64bit - StartUpFolder: C:^Users^Paul^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe - ()

MsConfig:64bit - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)

MsConfig:64bit - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files (x86)\Nero\Nero BackItUp 4\NBKeyScan.exe (Nero AG)

MsConfig:64bit - StartUpReg: WirelessAssistant - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)

MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)

Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

========== Files/Folders - Created Within 30 Days ==========

[2011/07/10 06:15:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\showthread.php 22_fichiers

[2011/07/09 11:49:17 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\demander-la-cloture-d-un-compte-bancaire_72725_fichiers

[2011/07/09 11:29:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\vos-droits-vis-a-vis-des-hoteliers_160877_fichiers

[2011/07/09 10:26:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Pics

[2011/07/09 07:07:22 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Jigs

[2011/07/09 07:05:24 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\BOOKS 1

[2011/07/08 12:53:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\comment-installer-une-plaque-de-cuisson-encastrable---1300718747_fichiers

[2011/07/07 18:18:51 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Rocking Chair University Week – Day 1 _ Woodworker's Guide_fichiers

[2011/07/07 18:16:07 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\A Simple Plunge Router Mortising Jig _ Woodworker's Guide_fichiers

[2011/07/07 08:00:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\lyman_fichiers

[2011/07/06 15:45:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\a4083bc4-cdb5-436b-a64b-fb5bdb98a910_fichiers

[2011/07/06 09:01:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\actualiteNationale.php_fichiers

[2011/07/05 17:21:06 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\print.asp router_fichiers

[2011/07/05 17:19:20 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\article-30676114_fichiers

[2011/07/05 12:29:11 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\moteur-de-recherche-t185982_fichiers

[2011/07/04 11:59:33 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\eliminer-bera-share-web-search-t186379_fichiers

[2011/07/04 10:02:12 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Camping, Eclairage,Orientation,Optique

[2011/07/04 09:56:12 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Doc Fixations ,Visserie,Mecanique,

[2011/07/04 09:54:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Transports,

[2011/07/04 09:51:27 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Docs Madagascar

[2011/07/03 20:29:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\la-restauration-systeme-dans-windows-7-409_fichiers

[2011/07/03 18:49:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Forum Seven-Windows 7 communauté française Entraide, dépannage, actualité_fichiers

[2011/07/03 14:57:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\showthread.php_fichiers

[2011/07/03 14:55:26 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\questi-ns-pour-table-a-effet-ventury-t12297-10_fichiers

[2011/07/03 14:54:00 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\questi-111-ns-pour-table-quot-effet-ventury-quot-t12297_fichiers

[2011/07/02 12:41:07 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\zhpdiag_fichiers

[2011/06/30 19:29:02 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\edit_fichiers

[2011/06/30 18:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4PC

[2011/06/30 18:16:26 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Tuto4pc

[2011/06/30 18:16:26 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Tuto4pc

[2011/06/30 18:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tuto4pc

[2011/06/30 16:32:09 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\domaines-registrars-dans-monde-des-malwares-t15436_fichiers

[2011/06/29 21:12:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\oregon-450_fichiers

[2011/06/29 20:43:14 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Makay Nature n°2 _ Makay Nature_fichiers

[2011/06/29 20:41:47 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Makay Nature n°1 _ Makay Nature_fichiers

[2011/06/29 16:54:07 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe

[2011/06/29 16:54:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll

[2011/06/29 16:54:01 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll

[2011/06/29 16:54:01 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll

[2011/06/29 16:54:01 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll

[2011/06/29 16:54:01 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll

[2011/06/29 16:54:01 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe

[2011/06/29 16:54:00 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll

[2011/06/29 16:54:00 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll

[2011/06/29 16:54:00 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll

[2011/06/29 16:54:00 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll

[2011/06/29 16:54:00 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll

[2011/06/29 16:54:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll

[2011/06/29 16:54:00 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe

[2011/06/29 16:54:00 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll

[2011/06/29 16:53:59 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll

[2011/06/29 13:33:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Massif+du+Makay_fichiers

[2011/06/29 13:31:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\tananarive_manambato_fichiers

[2011/06/29 13:14:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\trajet_fichiers

[2011/06/29 13:10:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\stations_fichiers

[2011/06/28 17:38:02 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\index.php_fichiers

[2011/06/28 11:58:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\welcome_fichiers

[2011/06/27 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\12-hk500-en-laiton-poli_fichiers

[2011/06/27 18:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Souris Microsoft

[2011/06/27 18:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint

[2011/06/27 18:15:10 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\messages-2_fichiers

[2011/06/27 18:12:55 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\messages-1_fichiers

[2011/06/27 13:18:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\choix-disjoncteur-installation-electrique-tableau-precable_fichiers

[2011/06/27 12:59:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group

[2011/06/25 17:15:51 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Dossier

[2011/06/25 11:59:28 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\nouvelles-technologies-informatique-multimedia-realiser-une-lettre-type-avec-openoffice,6195_fichiers

[2011/06/25 11:58:14 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\spip.php_fichiers

[2011/06/23 18:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}

[2011/06/23 13:00:19 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\callcreditcard3D_fichiers

[2011/06/23 07:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}

[2011/06/21 13:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue

[2011/06/19 06:28:39 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\5ch3_seq1_act2_fichiers

[2011/06/18 19:17:15 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011/06/18 19:17:15 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2011/06/18 19:17:14 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011/06/18 19:17:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011/06/18 19:16:28 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

[2011/06/13 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\la-carte-mere_fichiers

[2011/06/13 09:28:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Logiciels

[2011/06/13 08:19:47 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Fims vus Marc

[2011/06/12 20:54:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\LDW

[2011/06/12 20:53:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\WildTangent

[2011/06/12 17:09:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\cyclone_fichiers

[2011/06/11 09:14:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun

[2011/06/11 09:09:26 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3

[2011/06/11 07:47:41 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Films 4

[2011/06/10 17:18:55 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\viewtopic.php_fichiers

[2011/06/10 17:05:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\bv.aspx_fichiers

[2011/06/10 16:49:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\imgres_fichiers

[2 C:\Users\Paul\AppData\Local\*.tmp files -> C:\Users\Paul\AppData\Local\*.tmp -> ]

[2 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/10 06:50:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/07/10 06:29:05 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/07/10 06:15:06 | 000,089,080 | ---- | M] () -- C:\Users\Paul\Desktop\showthread.php 22.htm

[2011/07/10 05:58:49 | 000,057,273 | ---- | M] () -- C:\Users\Paul\Desktop\demander-la-cloture-d-un-compte-bancaire_72725.html

[2011/07/10 05:52:11 | 002,114,056 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/07/10 05:52:11 | 001,530,784 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/07/10 05:52:11 | 000,416,924 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/07/10 05:52:11 | 000,377,956 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011/07/10 05:52:11 | 000,050,046 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011/07/10 05:48:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/07/09 20:44:17 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/07/09 20:44:17 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/07/09 20:37:02 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/07/09 20:36:19 | 3214,045,184 | -HS- | M] () -- C:\hiberfil.sys

[2011/07/09 11:29:18 | 000,132,384 | ---- | M] () -- C:\Users\Paul\Desktop\vos-droits-vis-a-vis-des-hoteliers_160877.html

[2011/07/08 16:40:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2011/07/08 12:53:20 | 000,133,638 | ---- | M] () -- C:\Users\Paul\Desktop\comment-installer-une-plaque-de-cuisson-encastrable---1300718747.htm

[2011/07/08 07:21:04 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job

[2011/07/07 19:09:56 | 000,491,366 | ---- | M] () -- C:\Users\Paul\Desktop\manuel-installation-biodigesteur.pdf

[2011/07/07 18:18:59 | 000,161,882 | ---- | M] () -- C:\Users\Paul\Desktop\Rocking Chair University Week – Day 1 _ Woodworker's Guide.htm

[2011/07/07 18:16:08 | 000,154,058 | ---- | M] () -- C:\Users\Paul\Desktop\A Simple Plunge Router Mortising Jig _ Woodworker's Guide.htm

[2011/07/07 08:40:39 | 000,550,990 | ---- | M] () -- C:\Users\Paul\Desktop\pdf la lettre.pdf

[2011/07/07 08:01:00 | 000,006,533 | ---- | M] () -- C:\Users\Paul\Desktop\lyman.html

[2011/07/06 15:45:51 | 000,097,715 | ---- | M] () -- C:\Users\Paul\Desktop\a4083bc4-cdb5-436b-a64b-fb5bdb98a910.htm

[2011/07/06 09:01:48 | 000,037,181 | ---- | M] () -- C:\Users\Paul\Desktop\actualiteNationale.php.htm

[2011/07/05 17:21:06 | 000,016,367 | ---- | M] () -- C:\Users\Paul\Desktop\print.asp router.htm

[2011/07/05 17:19:21 | 000,051,406 | ---- | M] () -- C:\Users\Paul\Desktop\article-30676114.html

[2011/07/05 12:29:13 | 000,141,423 | ---- | M] () -- C:\Users\Paul\Desktop\moteur-de-recherche-t185982.html

[2011/07/04 18:48:35 | 000,001,046 | ---- | M] () -- C:\Users\Paul\Desktop\OTL - Raccourci.lnk

[2011/07/04 17:12:52 | 000,125,233 | ---- | M] () -- C:\Users\Paul\Desktop\eliminer-bera-share-web-search-t186379.html

[2011/07/04 14:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/07/04 14:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe

[2011/07/04 14:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2011/07/04 14:37:39 | 000,129,368 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys

[2011/07/04 14:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2011/07/04 14:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2011/07/04 14:36:24 | 000,257,368 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys

[2011/07/04 14:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

[2011/07/04 14:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys

[2011/07/04 14:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2011/07/04 14:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

[2011/07/03 20:29:18 | 000,073,885 | ---- | M] () -- C:\Users\Paul\Desktop\la-restauration-systeme-dans-windows-7-409.htm

[2011/07/03 18:49:53 | 000,085,796 | ---- | M] () -- C:\Users\Paul\Desktop\Forum Seven-Windows 7 communauté française Entraide, dépannage, actualité.htm

[2011/07/03 14:57:54 | 000,120,396 | ---- | M] () -- C:\Users\Paul\Desktop\showthread.php.htm

[2011/07/03 14:55:27 | 000,148,276 | ---- | M] () -- C:\Users\Paul\Desktop\questi-ns-pour-table-a-effet-ventury-t12297-10.html

[2011/07/03 14:54:02 | 000,147,715 | ---- | M] () -- C:\Users\Paul\Desktop\questi-111-ns-pour-table-quot-effet-ventury-quot-t12297.html

[2011/07/02 21:02:20 | 000,393,179 | ---- | M] () -- C:\Users\Paul\Desktop\bpt6k121915z.r='la+certenue'.langFR

[2011/07/02 18:03:53 | 001,350,812 | ---- | M] () -- C:\Users\Paul\Desktop\multi_page.pdf

[2011/07/02 12:41:09 | 000,105,350 | ---- | M] () -- C:\Users\Paul\Desktop\zhpdiag.html

[2011/07/01 12:34:09 | 000,650,719 | ---- | M] () -- C:\Users\Paul\Desktop\v03180_TRA.pdf

[2011/06/30 19:30:13 | 001,519,156 | ---- | M] () -- C:\Users\Paul\Desktop\34651.pdf

[2011/06/30 19:29:04 | 000,672,993 | ---- | M] () -- C:\Users\Paul\Desktop\edit.htm

[2011/06/30 16:32:09 | 000,035,711 | ---- | M] () -- C:\Users\Paul\Desktop\domaines-registrars-dans-monde-des-malwares-t15436.html

[2011/06/29 21:12:57 | 000,044,010 | ---- | M] () -- C:\Users\Paul\Desktop\oregon-450.html

[2011/06/29 20:43:15 | 000,022,745 | ---- | M] () -- C:\Users\Paul\Desktop\Makay Nature n°2 _ Makay Nature.htm

[2011/06/29 20:41:56 | 000,021,704 | ---- | M] () -- C:\Users\Paul\Desktop\Makay Nature n°1 _ Makay Nature.htm

[2011/06/29 17:37:07 | 000,400,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/06/29 13:33:32 | 000,046,840 | ---- | M] () -- C:\Users\Paul\Desktop\Massif+du+Makay.html

[2011/06/29 13:31:31 | 000,039,961 | ---- | M] () -- C:\Users\Paul\Desktop\tananarive_manambato.htm

[2011/06/29 13:14:43 | 000,013,966 | ---- | M] () -- C:\Users\Paul\Desktop\trajet.htm

[2011/06/29 13:11:06 | 000,064,266 | ---- | M] () -- C:\Users\Paul\Desktop\stations.htm

[2011/06/28 17:38:02 | 000,107,769 | ---- | M] () -- C:\Users\Paul\Desktop\index.php.htm

[2011/06/28 15:54:37 | 000,549,814 | ---- | M] () -- C:\Users\Paul\Desktop\open office writer - bien rdiger ses courriers.pdf

[2011/06/28 11:59:00 | 000,177,542 | ---- | M] () -- C:\Users\Paul\Desktop\welcome.htm

[2011/06/27 20:11:57 | 000,039,669 | ---- | M] () -- C:\Users\Paul\Desktop\12-hk500-en-laiton-poli.html

[2011/06/27 18:15:13 | 000,154,208 | ---- | M] () -- C:\Users\Paul\Desktop\messages-2.html

[2011/06/27 18:12:58 | 000,118,477 | ---- | M] () -- C:\Users\Paul\Desktop\messages-1.html

[2011/06/27 13:18:26 | 000,055,583 | ---- | M] () -- C:\Users\Paul\Desktop\choix-disjoncteur-installation-electrique-tableau-precable.htm

[2011/06/25 11:59:29 | 000,057,076 | ---- | M] () -- C:\Users\Paul\Desktop\nouvelles-technologies-informatique-multimedia-realiser-une-lettre-type-avec-openoffice,6195.htm

[2011/06/25 11:58:14 | 000,036,272 | ---- | M] () -- C:\Users\Paul\Desktop\spip.php.htm

[2011/06/25 11:56:13 | 001,314,582 | ---- | M] () -- C:\Users\Paul\Desktop\Guide_Writer.pdf

[2011/06/23 19:07:33 | 000,273,044 | ---- | M] () -- C:\Users\Paul\Documents\numerisation_raboteuse.pdf

[2011/06/23 18:58:59 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk

[2011/06/23 18:51:22 | 000,262,253 | ---- | M] () -- C:\Users\Paul\Documents\Jeannot29_Presse_A_Panneaux.pdf

[2011/06/23 18:12:44 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2011/06/23 13:00:20 | 000,007,566 | ---- | M] () -- C:\Users\Paul\Desktop\callcreditcard3D.htm

[2011/06/19 06:28:40 | 000,010,203 | ---- | M] () -- C:\Users\Paul\Desktop\5ch3_seq1_act2.htm

[2011/06/13 15:03:37 | 000,013,691 | ---- | M] () -- C:\Users\Paul\Desktop\la-carte-mere.htm

[2011/06/12 17:09:47 | 000,011,348 | ---- | M] () -- C:\Users\Paul\Desktop\cyclone.html

[2011/06/11 23:31:47 | 000,000,201 | ---- | M] () -- C:\Users\Paul\Desktop\#q=bois+de+rose+filetypepdf&hl=fr&safe=off&prmd=ivns&ei=RRLxTY2WLs2q8APz74SUBA&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=9a97b.URL

[2011/06/11 09:13:34 | 000,001,201 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

[2011/06/11 09:09:26 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk

[2011/06/10 17:18:55 | 000,029,640 | ---- | M] () -- C:\Users\Paul\Desktop\viewtopic.php.htm

[2011/06/10 17:05:32 | 000,006,150 | ---- | M] () -- C:\Users\Paul\Desktop\bv.aspx.htm

[2011/06/10 16:50:07 | 000,009,941 | ---- | M] () -- C:\Users\Paul\Desktop\imgres.htm

[2 C:\Users\Paul\AppData\Local\*.tmp files -> C:\Users\Paul\AppData\Local\*.tmp -> ]

[2 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/10 06:50:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/07/10 06:15:05 | 000,089,080 | ---- | C] () -- C:\Users\Paul\Desktop\showthread.php 22.htm

[2011/07/10 05:58:49 | 000,057,273 | ---- | C] () -- C:\Users\Paul\Desktop\demander-la-cloture-d-un-compte-bancaire_72725.html

[2011/07/09 19:32:34 | 736,720,498 | ---- | C] () -- C:\Users\Paul\Desktop\Cash.FRENCH.R5.XviD-GHOST.avi

[2011/07/09 19:31:36 | 733,310,976 | ---- | C] () -- C:\Users\Paul\Desktop\City.Hall.French.DVDRiP.avi

[2011/07/09 11:29:15 | 000,132,384 | ---- | C] () -- C:\Users\Paul\Desktop\vos-droits-vis-a-vis-des-hoteliers_160877.html

[2011/07/08 12:53:18 | 000,133,638 | ---- | C] () -- C:\Users\Paul\Desktop\comment-installer-une-plaque-de-cuisson-encastrable---1300718747.htm

[2011/07/07 19:07:48 | 000,491,366 | ---- | C] () -- C:\Users\Paul\Desktop\manuel-installation-biodigesteur.pdf

[2011/07/07 18:18:51 | 000,161,882 | ---- | C] () -- C:\Users\Paul\Desktop\Rocking Chair University Week – Day 1 _ Woodworker's Guide.htm

[2011/07/07 18:16:07 | 000,154,058 | ---- | C] () -- C:\Users\Paul\Desktop\A Simple Plunge Router Mortising Jig _ Woodworker's Guide.htm

[2011/07/07 08:40:39 | 000,550,990 | ---- | C] () -- C:\Users\Paul\Desktop\pdf la lettre.pdf

[2011/07/07 08:00:59 | 000,006,533 | ---- | C] () -- C:\Users\Paul\Desktop\lyman.html

[2011/07/06 21:07:23 | 892,070,332 | ---- | C] () -- C:\Users\Paul\Desktop\Le secret du chevalier d'Eon.avi

[2011/07/06 21:02:37 | 730,216,448 | ---- | C] () -- C:\Users\Paul\Desktop\Secret.Defense.FRENCH.DVDRip.XviD-ZANBiC.avi

[2011/07/06 21:01:23 | 733,782,016 | ---- | C] () -- C:\Users\Paul\Desktop\Wisegal.STV.2008.FRENCH.DVDRiP.XViD-S60.By.Emulix.[emule-island.com].avi

[2011/07/06 21:00:01 | 733,988,864 | ---- | C] () -- C:\Users\Paul\Desktop\F - The Lost Angel (Action Policier 2004).avi

[2011/07/06 20:57:21 | 655,284,560 | ---- | C] () -- C:\Users\Paul\Desktop\Himalaya, le chemin du ciel.avi

[2011/07/06 15:45:50 | 000,097,715 | ---- | C] () -- C:\Users\Paul\Desktop\a4083bc4-cdb5-436b-a64b-fb5bdb98a910.htm

[2011/07/06 09:01:46 | 000,037,181 | ---- | C] () -- C:\Users\Paul\Desktop\actualiteNationale.php.htm

[2011/07/05 17:21:06 | 000,016,367 | ---- | C] () -- C:\Users\Paul\Desktop\print.asp router.htm

[2011/07/05 17:19:19 | 000,051,406 | ---- | C] () -- C:\Users\Paul\Desktop\article-30676114.html

[2011/07/05 12:29:11 | 000,141,423 | ---- | C] () -- C:\Users\Paul\Desktop\moteur-de-recherche-t185982.html

[2011/07/05 12:11:20 | 734,076,928 | ---- | C] () -- C:\Users\Paul\Desktop\Australia.FRENCH.DVDRiP.XViD.avi

[2011/07/04 18:48:35 | 000,001,046 | ---- | C] () -- C:\Users\Paul\Desktop\OTL - Raccourci.lnk

[2011/07/04 11:59:33 | 000,125,233 | ---- | C] () -- C:\Users\Paul\Desktop\eliminer-bera-share-web-search-t186379.html

[2011/07/03 20:29:18 | 000,073,885 | ---- | C] () -- C:\Users\Paul\Desktop\la-restauration-systeme-dans-windows-7-409.htm

[2011/07/03 18:49:52 | 000,085,796 | ---- | C] () -- C:\Users\Paul\Desktop\Forum Seven-Windows 7 communauté française Entraide, dépannage, actualité.htm

[2011/07/03 14:57:54 | 000,120,396 | ---- | C] () -- C:\Users\Paul\Desktop\showthread.php.htm

[2011/07/03 14:55:26 | 000,148,276 | ---- | C] () -- C:\Users\Paul\Desktop\questi-ns-pour-table-a-effet-ventury-t12297-10.html

[2011/07/03 14:54:00 | 000,147,715 | ---- | C] () -- C:\Users\Paul\Desktop\questi-111-ns-pour-table-quot-effet-ventury-quot-t12297.html

[2011/07/02 21:02:13 | 000,393,179 | ---- | C] () -- C:\Users\Paul\Desktop\bpt6k121915z.r='la+certenue'.langFR

[2011/07/02 18:02:05 | 001,350,812 | ---- | C] () -- C:\Users\Paul\Desktop\multi_page.pdf

[2011/07/02 12:41:07 | 000,105,350 | ---- | C] () -- C:\Users\Paul\Desktop\zhpdiag.html

[2011/07/01 12:33:18 | 000,650,719 | ---- | C] () -- C:\Users\Paul\Desktop\v03180_TRA.pdf

[2011/06/30 19:29:02 | 000,672,993 | ---- | C] () -- C:\Users\Paul\Desktop\edit.htm

[2011/06/30 19:28:32 | 001,519,156 | ---- | C] () -- C:\Users\Paul\Desktop\34651.pdf

[2011/06/30 16:32:09 | 000,035,711 | ---- | C] () -- C:\Users\Paul\Desktop\domaines-registrars-dans-monde-des-malwares-t15436.html

[2011/06/29 21:12:57 | 000,044,010 | ---- | C] () -- C:\Users\Paul\Desktop\oregon-450.html

[2011/06/29 20:43:14 | 000,022,745 | ---- | C] () -- C:\Users\Paul\Desktop\Makay Nature n°2 _ Makay Nature.htm

[2011/06/29 20:41:47 | 000,021,704 | ---- | C] () -- C:\Users\Paul\Desktop\Makay Nature n°1 _ Makay Nature.htm

[2011/06/29 13:33:23 | 000,046,840 | ---- | C] () -- C:\Users\Paul\Desktop\Massif+du+Makay.html

[2011/06/29 13:31:29 | 000,039,961 | ---- | C] () -- C:\Users\Paul\Desktop\tananarive_manambato.htm

[2011/06/29 13:28:13 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job

[2011/06/29 13:14:29 | 000,013,966 | ---- | C] () -- C:\Users\Paul\Desktop\trajet.htm

[2011/06/29 13:11:05 | 000,064,266 | ---- | C] () -- C:\Users\Paul\Desktop\stations.htm

[2011/06/28 17:38:01 | 000,107,769 | ---- | C] () -- C:\Users\Paul\Desktop\index.php.htm

[2011/06/28 15:54:06 | 000,549,814 | ---- | C] () -- C:\Users\Paul\Desktop\open office writer - bien rdiger ses courriers.pdf

[2011/06/28 11:58:59 | 000,177,542 | ---- | C] () -- C:\Users\Paul\Desktop\welcome.htm

[2011/06/27 20:11:56 | 000,039,669 | ---- | C] () -- C:\Users\Paul\Desktop\12-hk500-en-laiton-poli.html

[2011/06/27 18:15:10 | 000,154,208 | ---- | C] () -- C:\Users\Paul\Desktop\messages-2.html

[2011/06/27 18:12:55 | 000,118,477 | ---- | C] () -- C:\Users\Paul\Desktop\messages-1.html

[2011/06/27 13:18:25 | 000,055,583 | ---- | C] () -- C:\Users\Paul\Desktop\choix-disjoncteur-installation-electrique-tableau-precable.htm

[2011/06/26 21:11:57 | 720,216,064 | ---- | C] () -- C:\Users\Paul\Desktop\L'Arnaque.avi

[2011/06/26 08:03:11 | 001,016,940 | ---- | C] () -- C:\Users\Paul\Documents\Commande no 24351607.pdf

[2011/06/25 17:24:39 | 000,273,044 | ---- | C] () -- C:\Users\Paul\Documents\numerisation_raboteuse.pdf

[2011/06/25 17:24:39 | 000,262,253 | ---- | C] () -- C:\Users\Paul\Documents\Jeannot29_Presse_A_Panneaux.pdf

[2011/06/25 14:42:48 | 000,013,049 | ---- | C] () -- C:\Users\Paul\Documents\Attestation valeur 3.odt

[2011/06/25 11:59:28 | 000,057,076 | ---- | C] () -- C:\Users\Paul\Desktop\nouvelles-technologies-informatique-multimedia-realiser-une-lettre-type-avec-openoffice,6195.htm

[2011/06/25 11:58:14 | 000,036,272 | ---- | C] () -- C:\Users\Paul\Desktop\spip.php.htm

[2011/06/25 11:56:12 | 001,314,582 | ---- | C] () -- C:\Users\Paul\Desktop\Guide_Writer.pdf

[2011/06/23 18:58:59 | 000,002,141 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk

[2011/06/23 13:00:19 | 000,007,566 | ---- | C] () -- C:\Users\Paul\Desktop\callcreditcard3D.htm

[2011/06/19 06:28:39 | 000,010,203 | ---- | C] () -- C:\Users\Paul\Desktop\5ch3_seq1_act2.htm

[2011/06/13 15:03:36 | 000,013,691 | ---- | C] () -- C:\Users\Paul\Desktop\la-carte-mere.htm

[2011/06/12 17:09:45 | 000,011,348 | ---- | C] () -- C:\Users\Paul\Desktop\cyclone.html

[2011/06/11 23:31:47 | 000,000,201 | ---- | C] () -- C:\Users\Paul\Desktop\#q=bois+de+rose+filetypepdf&hl=fr&safe=off&prmd=ivns&ei=RRLxTY2WLs2q8APz74SUBA&start=10&sa=N&bav=on.2,or.r_gc.r_pw.&fp=9a97b.URL

[2011/06/11 09:13:34 | 000,001,201 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

[2011/06/11 09:09:26 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk

[2011/06/11 08:13:39 | 312,237,654 | ---- | C] () -- C:\Users\Paul\Documents\K8_BD.pdf

[2011/06/11 07:56:36 | 000,163,038 | ---- | C] () -- C:\Users\Paul\Documents\DSC09365 (2).JPG

[2011/06/11 07:56:15 | 000,163,038 | ---- | C] () -- C:\Users\Paul\Documents\DSC09365.JPG

[2011/06/11 07:56:05 | 000,191,881 | ---- | C] () -- C:\Users\Paul\Documents\DSC09363.JPG

[2011/06/10 17:18:54 | 000,029,640 | ---- | C] () -- C:\Users\Paul\Desktop\viewtopic.php.htm

[2011/06/10 17:05:32 | 000,006,150 | ---- | C] () -- C:\Users\Paul\Desktop\bv.aspx.htm

[2011/06/10 16:49:59 | 000,009,941 | ---- | C] () -- C:\Users\Paul\Desktop\imgres.htm

[2011/06/08 15:01:02 | 000,003,584 | ---- | C] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/06/02 07:28:30 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\{19A7151B-5487-4BA2-A9DE-3AFE66360AF2}

[2011/05/15 17:25:26 | 000,088,064 | ---- | C] () -- C:\Windows\AMUninst01c.exe

[2011/05/14 21:31:26 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\{15096A74-3610-455C-A297-2FCA3671C506}

[2011/05/09 19:18:31 | 000,000,017 | ---- | C] () -- C:\Users\Paul\AppData\Local\resmon.resmoncfg

[2011/04/12 08:58:19 | 000,000,848 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

[2011/03/23 01:10:24 | 000,001,854 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\GhostObjGAFix.xml

[2011/01/17 07:47:58 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI

[2010/11/07 08:44:08 | 000,000,571 | ---- | C] () -- C:\Windows\SysWow64\FeMakro.ini

[2010/11/07 08:44:08 | 000,000,497 | ---- | C] () -- C:\Windows\SysWow64\FeAnim.ini

[2010/09/24 08:06:39 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2010/05/11 03:56:43 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll

[2010/05/11 03:56:43 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll

[2010/05/11 03:56:43 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll

[2010/05/11 03:56:43 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll

[2010/05/11 03:56:43 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll

[2010/05/11 03:56:43 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll

[2010/05/11 03:22:24 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini

[2010/05/11 03:22:24 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

[2010/01/09 02:31:36 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

[2009/09/29 17:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL

[2009/07/14 08:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 05:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/14 05:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/14 03:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 02:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/14 00:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin

[2009/07/14 00:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/11 00:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2003/04/01 12:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

========== LOP Check ==========

[2011/03/30 13:06:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\com.caffeinatedmind.Sendoid

[2010/09/15 16:54:27 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DigitalPersona

[2010/09/15 23:00:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\eMule

[2011/05/13 13:51:16 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\gtk-2.0

[2010/09/24 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OpenOffice.org

[2010/10/18 12:58:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OutWit

[2011/05/19 07:57:37 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Scribus

[2011/06/06 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Stellarium

[2011/06/30 18:16:26 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Tuto4pc

[2011/06/12 20:53:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WildTangent

[2011/02/08 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ZTEEVDO

[2010/09/28 19:11:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\_MDLogs

[2011/05/14 07:19:24 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %temp%\smtmp\1\*.* /s >

< %temp%\smtmp\2\*.* /s >

< %temp%\smtmp\4\*.* /s >

< nslookup www.google.fr /c >

Serveur : UnKnown

Address: 127.0.0.1

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >

[2011/03/30 13:04:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Adobe

[2010/09/19 19:01:05 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Apple Computer

[2011/03/30 13:06:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\com.caffeinatedmind.Sendoid

[2011/04/12 08:58:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Corel

[2010/09/15 22:23:34 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\CyberLink

[2010/09/15 16:54:27 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DigitalPersona

[2010/09/15 23:00:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\eMule

[2011/05/13 13:51:16 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\gtk-2.0

[2011/02/01 17:38:23 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Hewlett-Packard

[2011/01/19 19:11:38 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\HP Support Assistant

[2010/09/15 18:28:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\hpqLog

[2011/01/19 19:11:38 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\HpUpdate

[2010/09/15 16:53:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Identities

[2010/09/15 21:15:55 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Macromedia

[2010/09/15 18:24:47 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Macrovision

[2011/05/18 14:57:28 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Malwarebytes

[2010/05/11 12:13:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Media Center Programs

[2011/06/08 19:15:14 | 000,000,000 | --SD | M] -- C:\Users\Paul\AppData\Roaming\Microsoft

[2010/09/15 20:35:07 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla

[2011/02/07 15:36:15 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Nero

[2010/09/24 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OpenOffice.org

[2010/10/18 12:58:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OutWit

[2011/05/19 07:57:37 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Scribus

[2011/06/06 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Stellarium

[2011/06/30 18:16:26 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Tuto4pc

[2011/06/21 21:22:53 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\vlc

[2011/06/12 20:53:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WildTangent

[2011/02/08 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ZTEEVDO

[2010/09/28 19:11:04 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\_MDLogs

< %APPDATA%\*.exe /s >

[2011/02/02 12:17:10 | 000,010,134 | R--- | M] () -- C:\Users\Paul\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe

[2011/04/21 13:46:12 | 000,769,664 | ---- | M] (Agence-Exclusive) -- C:\Users\Paul\AppData\Roaming\Tuto4pc\Tuto4pc\Software.exe

[2011/04/21 13:46:22 | 000,663,168 | ---- | M] (Tuto4PC) -- C:\Users\Paul\AppData\Roaming\Tuto4pc\Tuto4pc\SoftwareHP.exe

[2011/06/30 18:21:58 | 001,180,627 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Tuto4pc\Tuto4pc\unins000.exe

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >

[2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[2009/07/14 04:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >

[2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[2009/07/14 04:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CDROM.SYS >

[2009/07/14 02:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[2010/11/20 12:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys

[2010/11/20 12:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys

[2010/11/20 12:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 04:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 04:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009/07/14 04:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009/07/14 04:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CTFMON.EXE >

[2009/07/14 04:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe

[2009/07/14 04:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe

[2009/07/14 04:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe

[2009/07/14 04:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

< MD5 for: DISK.SYS >

[2009/07/14 04:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys

[2009/07/14 04:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys

[2009/07/14 04:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: DWM.EXE >

[2009/07/14 04:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\SysNative\dwm.exe

[2009/07/14 04:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7600.16385_none_e99885bbd6e301de\dwm.exe

[2009/07/14 04:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_ebc99983d3d18578\dwm.exe

< MD5 for: EVENTLOG.DLL >

[2007/05/17 23:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >

[2010/01/09 09:07:51 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe

[2011/02/26 09:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe

[2011/02/26 08:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe

[2009/07/14 04:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe

[2011/02/26 08:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe

[2009/10/31 08:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe

[2011/02/26 08:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe

[2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe

[2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe

[2011/02/26 09:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe

[2010/11/20 15:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe

[2010/01/09 09:07:51 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe

[2009/08/03 09:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe

[2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe

[2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe

[2009/10/31 09:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe

[2009/08/03 08:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe

[2010/11/20 16:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[2009/10/31 09:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe

[2009/08/03 08:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe

[2009/07/14 04:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[2009/10/31 09:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

[2010/01/09 09:07:51 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe

[2011/02/26 09:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

[2009/08/03 09:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

[2010/01/09 09:07:51 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: IASTOR.SYS >

[2009/08/08 07:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

[2009/08/08 07:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\SwSetup\Drivers\IMSM\Winall\Driver\IaStor.sys

[2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

[2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\SwSetup\Drivers\IMSM\Winall\Driver64\IaStor.sys

[2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\drivers\iaStor.sys

[2009/08/08 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys

< MD5 for: IASTORV.SYS >

[2010/11/20 16:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010/11/20 16:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011/03/11 09:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011/03/11 09:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2011/03/11 09:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys

[2011/03/11 09:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

[2011/03/11 09:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys

[2011/03/11 09:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys

[2009/07/14 04:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NDIS.SYS >

[2010/11/20 16:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys

[2010/11/20 16:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

[2009/07/14 04:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >

[2009/07/14 04:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2010/11/20 16:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll

[2010/11/20 16:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010/11/20 15:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010/11/20 15:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[2009/07/14 04:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >

[2009/07/14 04:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

[2011/03/11 09:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys

[2011/03/11 09:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys

[2011/03/11 09:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011/03/11 09:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys

[2011/03/11 09:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

[2011/03/11 09:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010/11/20 16:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010/11/20 16:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: RASACD.SYS >

[2009/07/14 03:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys

[2009/07/14 03:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys

< MD5 for: RDPCLIP.EXE >

[2010/11/20 16:25:05 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=25D284EB2F12254C001AFE9A82575A81 -- C:\Windows\winsxs\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_5ffc161221c1b4f6\rdpclip.exe

[2009/07/14 04:39:28 | 000,209,408 | ---- | M] (Microsoft Corporation) MD5=798F5E39068FD3BC9D999A401FAB5F62 -- C:\Windows\winsxs\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7600.16385_none_5dcb024a24d3315c\rdpclip.exe

< MD5 for: RDPWD.SYS >

[2010/11/20 14:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=15B66C206B5CB095BAB980553F38ED23 -- C:\Windows\SysNative\drivers\rdpwd.sys

[2010/11/20 14:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=15B66C206B5CB095BAB980553F38ED23 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_a99b8db6eba2129b\rdpwd.sys

[2009/07/14 03:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys

< MD5 for: SCECLI.DLL >

[2009/07/14 04:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009/07/14 04:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

[2010/11/20 15:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010/11/20 15:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010/11/20 16:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll

[2010/11/20 16:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SFLOPPY.SYS >

[2009/07/14 03:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\drivers\sfloppy.sys

[2009/07/14 03:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys

[2009/07/14 03:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys

< MD5 for: TASKENG.EXE >

[2010/11/02 07:24:43 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=41C52AF44FB96BDDB1EFB25D2D943BBA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6\taskeng.exe

[2010/11/20 15:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\SysWOW64\taskeng.exe

[2010/11/20 15:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe

[2010/11/02 08:10:47 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=60CAE1FA4888ED41B41AEE91C774E4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_419a75c3d88fecc0\taskeng.exe

[2010/11/20 16:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\SysNative\taskeng.exe

[2010/11/20 16:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_43d2529dd579f798\taskeng.exe

[2010/11/02 08:16:39 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=84343003E0E6716B3E782FF781B92815 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_425bf162f184fdfc\taskeng.exe

[2009/07/14 04:39:47 | 000,463,872 | ---- | M] (Microsoft Corporation) MD5=C1BDC97E8C9404245DE87F1EF08D1764 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_41a13ed5d88b73fe\taskeng.exe

[2009/07/14 04:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) MD5=DE5DACEBD4C89834EC6D2C41C8643CDA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8\taskeng.exe

[2010/11/02 07:34:44 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=F8952E80B7F778DA2F7AA8393CA2D30E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a\taskeng.exe

< MD5 for: TASKHOST.EXE >

[2009/07/14 04:39:47 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=3EEFB971D61EF9638FD21F14C703CA11 -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_84339a007406dfa0\taskhost.exe

[2010/11/20 16:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\SysNative\taskhost.exe

[2010/11/20 16:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_8664adc870f5633a\taskhost.exe

< MD5 for: TCPIP.SYS >

[2011/04/25 08:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys

[2010/11/20 16:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys

[2010/06/14 09:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys

[2011/04/25 08:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys

[2010/06/14 09:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys

[2009/07/14 04:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

[2011/04/25 08:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\SysNative\drivers\tcpip.sys

[2011/04/25 08:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys

[2011/04/25 09:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys

< MD5 for: TDPIPE.SYS >

[2009/07/14 03:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\SysNative\drivers\tdpipe.sys

[2009/07/14 03:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys

< MD5 for: TDTCP.SYS >

[2009/07/14 03:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\SysNative\drivers\tdtcp.sys

[2009/07/14 03:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys

< MD5 for: USBPRINT.SYS >

[2009/07/14 03:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys

[2009/07/14 03:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys

[2009/07/14 03:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys

< MD5 for: USBSCAN.SYS >

[2009/07/14 03:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys

[2009/07/14 03:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys

< MD5 for: USERINIT.EXE >

[2010/11/20 15:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010/11/20 15:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009/07/14 04:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009/07/14 04:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

[2010/11/20 16:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe

[2010/11/20 16:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: VOLSNAP.SYS >

[2010/11/20 16:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys

[2010/11/20 16:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys

[2010/11/20 16:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys

[2009/07/14 04:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys

< MD5 for: WININIT.EXE >

[2009/07/14 04:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009/07/14 04:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009/07/14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009/07/14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >

[2010/11/20 16:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010/11/20 16:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009/07/14 04:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2009/10/28 10:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2009/10/28 09:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< >

< End of report >

OTL Extras logfile created on: 10/07/2011 06:49:39 - Run 1