
[Solved] Security Sphere 2012


julio31

Good evening everyone,

I'm new to the forum, and I'm facing a major problem!

I'm overrun by Security Sphere 2012. I've tried everything to get rid of it.

I've been at it since 17:00! I'm going to go crazy lol

If someone could help me, that would be great.


Good evening

* Download RogueKiller (by tigzy) to the desktop

* Run it, then confirm choice 2.

* A report (RKreport.txt) should have been created next to the executable; paste its contents in your reply

Then:

* Download >> OTL << to your desktop.

* Double-click the OTL icon to launch it

/!\ On Vista/Seven, right-click the OTL icon and choose "Run as administrator"

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Report" section (top right) the "Minimal report" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Customization"

%temp%\smtmp\1\*.* /s

%temp%\smtmp\2\*.* /s

%temp%\smtmp\4\*.* /s

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

netsvcs

/md5start

dwm.exe

taskhost.exe

taskeng.exe

wscntfy.exe

ctfmon.exe

rdpclip.exe

volsnap.sys

sptd.sys

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

tcpip.sys

Sfloppy.sys

Changer.sys

cdrom.sys

disk.sys

ndis.sys

usbscan.sys

usbprint.sys

tdtcp.sys

tdpipe.sys

swmidi.sys

splitter.sys

rdpwd.sys

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

RASACD.SYS

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

* Click the "Scan" icon (top left).

* Let the scan run to completion without using the PC

* At the end of the scan, one or two reports will open: "OTL.Txt" and (or) "Extras.Txt" (in some cases).

* Copy and paste the report(s) into your reply, please...

* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case

Put the report here, as it takes up a lot of space.

Click here.

or here

http://www.cijoint.fr/index.php


Hello

Just to add to the answer about RogueKiller (which will no doubt be blocked)

* If the program has been blocked, rename it to winlogon.exe

RogueKiller report:

 

RogueKiller V6.1.7 [05/11/2011] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/37)

Blog: tigzy-RK

 

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur: isabelle [Droits d'admin]

Mode: Suppression -- Date : 08/11/2011 08:53:53

 

¤¤¤ Processus malicieux: 1 ¤¤¤

[sUSP PATH] dG01300FmJlD01300.exe -- C:\ProgramData\dG01300FmJlD01300\dG01300FmJlD01300.exe -> KILLED [TermProc]

 

¤¤¤ Entrees de registre: 6 ¤¤¤

[sUSP PATH] HKCU\[...]\Run : 62D.exe (C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\62D.exe) -> DELETED

[sUSP PATH] HKCU\[...]\Run : dG01300FmJlD01300 (C:\ProgramData\dG01300FmJlD01300\dG01300FmJlD01300.exe) -> DELETED

[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (http=127.0.0.1:60101) -> NOT REMOVED, USE PROXYFIX

[PROXY FF] btce7mig.default\ 127.0.0.1:60101 -> NOT REMOVED, USE PROXYFIX

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED ()

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED ()

 

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

 

¤¤¤ Driver: [NOT LOADED] ¤¤¤

 

¤¤¤ Infection : ¤¤¤

 

¤¤¤ Fichier HOSTS: ¤¤¤

 

 

Termine : << RKreport[1].txt >>

RKreport[1].txt

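A report like the one above can be triaged mechanically to see what the tool did not clean up. The Python below is an added example, not part of the original thread and not RogueKiller's own code; it assumes the line layout visible in this report (`[TAG] target -> STATUS` entries under `¤¤¤ section: count ¤¤¤` headers), and its function names are hypothetical.

```python
import re
from dataclasses import dataclass

# Lines copied from the RKreport posted above (empty sections omitted).
SAMPLE_REPORT = r"""
¤¤¤ Processus malicieux: 1 ¤¤¤
[sUSP PATH] dG01300FmJlD01300.exe -- C:\ProgramData\dG01300FmJlD01300\dG01300FmJlD01300.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 6 ¤¤¤
[sUSP PATH] HKCU\[...]\Run : 62D.exe (C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\62D.exe) -> DELETED
[sUSP PATH] HKCU\[...]\Run : dG01300FmJlD01300 (C:\ProgramData\dG01300FmJlD01300\dG01300FmJlD01300.exe) -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (http=127.0.0.1:60101) -> NOT REMOVED, USE PROXYFIX
[PROXY FF] btce7mig.default\ 127.0.0.1:60101 -> NOT REMOVED, USE PROXYFIX
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED ()
"""

# "¤¤¤ name: rest ¤¤¤" section header; "rest" is a count, a note, or empty.
SECTION_RE = re.compile(r"^¤¤¤\s*(?P<name>[^:¤]+?)\s*:\s*(?P<rest>.*?)\s*¤¤¤$")
# "[TAG] target -> STATUS"; only the first bracket pair is the tag, so the
# "[...]" inside abbreviated registry paths stays part of the target.
ENTRY_RE = re.compile(r"^\[(?P<tag>[^\]]+)\]\s+(?P<target>.+?)\s+->\s+(?P<status>.+)$")
LOOPBACK_RE = re.compile(r"127\.0\.0\.1:(\d{1,5})")


@dataclass
class Finding:
    section: str
    tag: str
    target: str
    status: str

    @property
    def remediated(self):
        # The report marks items the tool left in place as "NOT REMOVED, ...".
        return not self.status.upper().startswith("NOT REMOVED")


def parse_report(text):
    """Return (findings, declared_counts) for a pasted RKreport."""
    findings, declared, section = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()  # also drops the NBSP-only lines forum pastes contain
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            if header.group("rest").isdigit():
                declared[section] = int(header.group("rest"))
            continue
        entry = ENTRY_RE.match(line)
        if entry and section is not None:
            findings.append(Finding(section, entry.group("tag"),
                                    entry.group("target"), entry.group("status")))
    return findings, declared


def count_mismatches(findings, declared):
    """Sections whose declared count differs from the entries actually parsed,
    which indicates a truncated or hand-edited paste."""
    parsed = {}
    for f in findings:
        parsed[f.section] = parsed.get(f.section, 0) + 1
    return {name: (n, parsed.get(name, 0))
            for name, n in declared.items() if parsed.get(name, 0) != n}


def leftover(findings):
    """Entries the tool reported but did not fix."""
    return [f for f in findings if not f.remediated]


def loopback_proxy_ports(findings):
    """Ports of browser proxy settings still pointing at 127.0.0.1."""
    ports = set()
    for f in leftover(findings):
        if f.tag.upper().startswith("PROXY"):
            ports.update(int(p) for p in LOOPBACK_RE.findall(f.target))
    return sorted(ports)


if __name__ == "__main__":
    found, counts = parse_report(SAMPLE_REPORT)
    print("count mismatches:", count_mismatches(found, counts))
    for item in leftover(found):
        print("still present:", item.tag, "|", item.target, "|", item.status)
    print("loopback proxy ports:", loopback_proxy_ports(found))
```

On this report it flags the two proxy entries still marked NOT REMOVED, both pointing at 127.0.0.1:60101.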

1st OTL report:

OTL Extras logfile created on: 08/11/2011 09:05:21 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\isabelle\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 3,06 Gb Available Physical Memory | 76,65% Memory free

8,00 Gb Paging File | 7,01 Gb Available in Paging File | 87,73% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 453,94 Gb Total Space | 394,53 Gb Free Space | 86,91% Space Free | Partition Type: NTFS

 

Computer Name: ISABELLE-PC | User Name: isabelle | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst

"{2AB20F38-29CB-E6EA-AD98-EF7E33207238}" = ATI Catalyst Install Manager

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{89A07279-1DB3-485A-B1DF-584DF86774B9}" = SpyHunter

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller

"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources

"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DC1A3522-3660-1845-EEE6-A52AD517E24F}" = ccc-utility64

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Canon SELPHY CP740" = Canon SELPHY CP740

"Canon SELPHY CP750" = Canon SELPHY CP750

"LSI Soft Modem" = LSI HDA Modem

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{004DF4AC-19B8-9B15-A6BE-CEDFCA81A6B2}" = CCC Help Portuguese

"{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works

"{0485C178-C3B5-F18D-B1C8-9AD4F8BAF9E6}" = Catalyst Control Center Graphics Full Existing

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CE41E5A-9DC4-5533-506F-F0A5409C42AC}" = Catalyst Control Center Graphics Light

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1E8692C1-0611-564A-7DCD-B1DBA77B84F8}" = CCC Help Russian

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 20

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{306E18ED-FE2E-AEBD-A784-D157F46497A8}" = CCC Help Korean

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode

"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4C28AD08-625F-46A0-B5DD-88A615677D1F}" = CCC Help Japanese

"{4C622686-8A91-764A-59B5-07386E5F5941}" = CCC Help Norwegian

"{4CFFAEC0-1F2A-4D38-8D95-3995A936ADD9}" = NetWorkingWizard_ICM

"{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}" = OpenOffice.org 3.2

"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5932A5C4-BB44-4CFB-AD66-1B826F4D788B}" = CDBurnerXP

"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress

"{5BDA2F58-1F21-4D10-9910-92B01EBCC958}" = AMD USB Filter Driver

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker

"{6BC27278-28F6-D98A-587C-591FD8DDDC4C}" = PowerXpressHybrid

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger

"{70272964-C468-4C5F-8246-AA2CABA75941}" = Roxio Easy Media Creator 9 Suite

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic

"{7324CB8D-1BFB-5AB6-53A2-9FEFBCCB644B}" = CCC Help Danish

"{73D40D01-D205-31C2-A909-CD857DDCBC5A}" = CCC Help Dutch

"{7413A302-DB21-9BD8-C4E5-6094CE6AC5E8}" = CCC Help Swedish

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{75ABD71B-ACFD-70F2-319C-E30D8632E373}" = CCC Help Italian

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart

"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7B63B2922B174135AFC0E1377DD81EC2}" =

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{83DC2757-379F-B9E2-787A-FA69BAA36062}" = CCC Help German

"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh

"{848DC457-3B1B-C356-ECA3-06FA3E924085}" = Catalyst Control Center Graphics Full New

"{84AEE129-392A-089A-6513-8615E1EF1E89}" = CCC Help English

"{85DDC564-3CD5-CD82-40EE-A9D6E4696909}" = CCC Help Thai

"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B999A44-8314-493B-877E-A1DA5B54D9B8}" = Catalyst Control Center - Branding

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console

"{8EF8E154-83C9-2B42-9B76-D1502E8D71EE}" = CCC Help Finnish

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007

"{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007

"{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007

"{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007

"{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{99B44F06-8767-7FE3-0F03-82285F02763A}" = ccc-core-static

"{9A2F0EBC-D56A-D941-8B27-86E8876286E9}" = CCC Help Polish

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9E7A5739-0BC4-7DB3-F5FE-3A2D93D8D61B}" = CCC Help Spanish

"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap

"{9F254D51-181D-4D73-B61E-70667F92B249}" = TopLaunch2010

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A4AC52DC-5340-D303-FF61-EB6BEB512E89}" = Catalyst Control Center Core Implementation

"{A5B5732D-E747-A95C-063A-C6FCCAC8271A}" = CCC Help Turkish

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC6F835E-D4BF-033F-17A9-7E3B590CE1E4}" = Catalyst Control Center InstallProxy

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.3 MUI

"{AF2D5B54-36DE-471E-B9C8-58E4B2B951C6}" = Iminent

"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles

"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B5277E1E-23AE-5A44-4B8A-E2DE182E5AA8}" = CCC Help Chinese Standard

"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit

"{BC328C67-E4F4-414A-7F6B-959D2F23BBAB}" = CCC Help Greek

"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter

"{c3c4f8ca-ade4-439f-bb37-0f79bf392397}" = Nero 9 Trial

"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{C8C611D1-97B9-FD09-F3FB-81801D6151A5}" = CCC Help Chinese Traditional

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFF1031B-994E-B337-8F6B-CCEEB3CCF3DB}" = Catalyst Control Center Localization All

"{D0198889-7766-424B-AB81-F16F8EDDFEF4}" = Facemoods

"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM

"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.124.1120

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide

"{E28CDEBC-C5C1-D7FC-B0BA-D936AE1269DE}" = CCC Help Czech

"{E2A59A89-A656-6055-7A9D-F011638F9181}" = CCC Help Hungarian

"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer

"{EA232C2A-B987-752C-676F-549B4BC2D19D}" = CCC Help French

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget

"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool

"Acer Registration" = Acer Registration

"Acer Screensaver" = Acer ScreenSaver

"Acer Welcome Center" = Welcome Center

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"avast" = avast! Free Antivirus

"BearShare 2 MediaBar" = MediaBar

"CanonMyPrinter" = Canon My Printer

"CanonSolutionMenuEX" = Canon Solution Menu EX

"Complitly_is1" = Complitly

"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX

"Easy-WebPrint EX" = Canon Easy-WebPrint EX

"eMule" = eMule

"Enregistrement utilisateur de Canon MG5100 series" = Enregistrement utilisateur de Canon MG5100 series

"Google Chrome" = Google Chrome

"GridVista" = Acer GridVista

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"Identity Card" = Identity Card

"IMBoosterARP" = Iminent

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"LManager" = Launch Manager

"McAfee Security Scan" = McAfee Security Scan Plus

"MixVibes3dex.exe" = MixVibes 3DEX uninstall

"Mozilla Firefox 7.0.1 (x86 fr)" = Mozilla Firefox 7.0.1 (x86 fr)

"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0

"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français

"Raptr" = Raptr

"VLC media player" = VLC media player 1.1.11

"WinLiveSuite" = Windows Live

"WinRAR archiver" = WinRAR 4.01 (32 bits)

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 02/11/2011 20:33:38 | Computer Name = isabelle-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante CNSEMAIN.EXE, version : 1.0.0.0,

horodatage : 0x4bb5428c Nom du module défaillant : unknown, version : 0.0.0.0, horodatage

: 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000004 ID du processus

défaillant : 0xf20 Heure de début de l’application défaillante : 0x01cc99bfdf28598f

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Canon\Solution Menu

EX\CNSEMAIN.EXE Chemin d’accès du module défaillant: unknown ID de rapport : 78751c28-05b3-11e1-b362-00262d7a289d

 

Error - 03/11/2011 13:21:06 | Computer Name = isabelle-PC | Source = Application Hang | ID = 1002

Description = Le programme iexplore.exe version 8.0.7601.17514 a cessé d’interagir

avec Windows et a été fermé. Pour déterminer si des informations supplémentaires

sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

 

ID

de processus : e48 Heure de début : 01cc99bfc733e490 Heure de fin : 0 Chemin d’accès

de l’application : C:\Program Files (x86)\Internet Explorer\iexplore.exe ID de rapport

: 2dba9297-0640-11e1-b362-00262d7a289d

 

Error - 03/11/2011 18:27:10 | Computer Name = isabelle-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante CNSEMAIN.EXE, version : 1.0.0.0,

horodatage : 0x4bb5428c Nom du module défaillant : unknown, version : 0.0.0.0, horodatage

: 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000004 ID du processus

défaillant : 0x17b0 Heure de début de l’application défaillante : 0x01cc9a77a6090c65

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Canon\Solution Menu

EX\CNSEMAIN.EXE Chemin d’accès du module défaillant: unknown ID de rapport : f83aca6a-066a-11e1-9c7a-00262d7a289d

 

Error - 03/11/2011 18:39:24 | Computer Name = isabelle-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante CNSEMAIN.EXE, version : 1.0.0.0,

horodatage : 0x4bb5428c Nom du module défaillant : unknown, version : 0.0.0.0, horodatage

: 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000004 ID du processus

défaillant : 0x138c Heure de début de l’application défaillante : 0x01cc9a795989632f

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Canon\Solution Menu

EX\CNSEMAIN.EXE Chemin d’accès du module défaillant: unknown ID de rapport : ad633219-066c-11e1-9b66-00262d7a289d

 

Error - 03/11/2011 18:48:48 | Computer Name = isabelle-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante CNSEMAIN.EXE, version : 1.0.0.0,

horodatage : 0x4bb5428c Nom du module défaillant : unknown, version : 0.0.0.0, horodatage

: 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000004 ID du processus

défaillant : 0xd6c Heure de début de l’application défaillante : 0x01cc9a7a5e3b7523

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Canon\Solution Menu

EX\CNSEMAIN.EXE Chemin d’accès du module défaillant: unknown ID de rapport : fd6f34eb-066d-11e1-8f12-00262d7a289d

 

Error - 06/11/2011 08:09:03 | Computer Name = isabelle-PC | Source = Application Hang | ID = 1002

Description = Le programme iexplore.exe version 8.0.7601.17514 a cessé d’interagir

avec Windows et a été fermé. Pour déterminer si des informations supplémentaires

sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

 

ID

de processus : 1670 Heure de début : 01cc9c243387ba50 Heure de fin : 0 Chemin d’accès

de l’application : C:\Program Files (x86)\Internet Explorer\iexplore.exe ID de rapport

: 15087dc1-0870-11e1-8f12-00262d7a289d

 

Error - 06/11/2011 15:58:18 | Computer Name = isabelle-PC | Source = Application Hang | ID = 1002

Description = Le programme iexplore.exe version 8.0.7601.17514 a cessé d’interagir

avec Windows et a été fermé. Pour déterminer si des informations supplémentaires

sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

 

ID

de processus : 1060 Heure de début : 01cc9c7cdff2ce0a Heure de fin : 0 Chemin d’accès

de l’application : C:\Program Files (x86)\Internet Explorer\iexplore.exe ID de rapport

: a336e502-08b1-11e1-8f12-00262d7a289d

 

Error - 07/11/2011 09:47:33 | Computer Name = isabelle-PC | Source = Microsoft-Windows-RestartManager | ID = 10006

Description = Impossible de fermer l’application ou le service « Windows Live Messenger ».

 

Error - 07/11/2011 09:47:34 | Computer Name = isabelle-PC | Source = Microsoft-Windows-RestartManager | ID = 10006

Description = Impossible de fermer l’application ou le service « Windows Search ».

 

Error - 07/11/2011 10:07:34 | Computer Name = isabelle-PC | Source = VSS | ID = 8194

Description =

 

[ System Events ]

Error - 07/11/2011 15:34:44 | Computer Name = isabelle-PC | Source = DCOM | ID = 10010

Description =

 

Error - 07/11/2011 15:36:48 | Computer Name = isabelle-PC | Source = DCOM | ID = 10010

Description =

 

Error - 08/11/2011 03:44:33 | Computer Name = isabelle-PC | Source = EventLog | ID = 6008

Description = L’arrêt système précédant à 21:38:48 le ?07/?11/?2011 n’était pas

prévu.

 

Error - 08/11/2011 03:46:33 | Computer Name = isabelle-PC | Source = Service Control Manager | ID = 7000

Description = Le service Windows Internet Name Service n’a pas pu démarrer en raison

de l’erreur : %%2

 

Error - 08/11/2011 03:47:08 | Computer Name = isabelle-PC | Source = Service Control Manager | ID = 7009

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la connexion du service SBSD Security Center Service.

 

Error - 08/11/2011 03:47:08 | Computer Name = isabelle-PC | Source = Service Control Manager | ID = 7000

Description = Le service SBSD Security Center Service n’a pas pu démarrer en raison

de l’erreur : %%1053

 

Error - 08/11/2011 03:47:11 | Computer Name = isabelle-PC | Source = Service Control Manager | ID = 7026

Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se

charger : RxFilter

 

Error - 08/11/2011 03:48:24 | Computer Name = isabelle-PC | Source = DCOM | ID = 10010

Description =

 

Error - 08/11/2011 03:50:11 | Computer Name = isabelle-PC | Source = DCOM | ID = 10010

Description =

 

Error - 08/11/2011 03:50:39 | Computer Name = isabelle-PC | Source = DCOM | ID = 10010

Description =

 

 

< End of report >

 

Second OTL report: sorry, I don't know how to shrink it into another format

 

OTL logfile created on: 08/11/2011 09:05:21 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\isabelle\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 3,06 Gb Available Physical Memory | 76,65% Memory free

8,00 Gb Paging File | 7,01 Gb Available in Paging File | 87,73% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 453,94 Gb Total Space | 394,53 Gb Free Space | 86,91% Space Free | Partition Type: NTFS

 

Computer Name: ISABELLE-PC | User Name: isabelle | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\isabelle\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)

 

 

========== Modules (No Company Name) ==========

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)

SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation)

SRV - (SpyHunter 4 Service) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (Enigma Software Group USA, LLC.)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)

SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()

SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)

DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)

DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)

DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)

DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)

DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()

DRV:64bit: - (sscemdm) -- C:\Windows\SysNative\drivers\sscemdm.sys (MCCI Corporation)

DRV:64bit: - (sscebus) SAMSUNG USB Composite Device V2 driver (WDM) -- C:\Windows\SysNative\drivers\sscebus.sys (MCCI Corporation)

DRV:64bit: - (sscemdfl) -- C:\Windows\SysNative\drivers\sscemdfl.sys (MCCI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)

DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)

DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)

DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)

DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (k57nd60a) Broadcom NetLink -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)

DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)

DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)

DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)

DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)

DRV:64bit: - (RxFilter) -- C:\Windows\SysNative\drivers\RxFilter.sys (Sonic Solutions)

DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)

DRV - (StarOpen) -- C:\Windows\SysWow64\StarOpen.sys ()

DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (RxFilter) -- C:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_7540&r=27360210v216l0448z1m5t4401g23o

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_7540&r=27360210v216l0448z1m5t4401g23o

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_7540&r=27360210v216l0448z1m5t4401g23o

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_7540&r=27360210v216l0448z1m5t4401g23o

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_7540&r=27360210v216l0448z1m5t4401g23o

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found

IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:60101

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb"

FF - prefs.js..browser.search.selectedEngine: "My Web Search"

FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/"

FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZRxpt115YYFR&ptb=OEG5ZflGpmHtzX2TNWzE6A&ind=2011101814&ptnrS=ZRxpt115YYFR&si=142522&n=77defa76&psa=&st=kwd&searchfor="

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 60101

FF - prefs.js..network.proxy.type: 1

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

 

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\OFFERBOX\EXTENSIONS-4.0.4498.53\[email protected]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/18 19:00:30 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

 

[2010/08/20 00:27:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\isabelle\AppData\Roaming\mozilla\Extensions

[2010/08/20 00:27:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\isabelle\AppData\Roaming\mozilla\Extensions\[email protected]

[2011/07/04 14:54:25 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\isabelle\AppData\Roaming\mozilla\Firefox\Profiles\btce7mig.default\extensions

[2011/07/04 14:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\isabelle\AppData\Roaming\mozilla\Firefox\Profiles\btce7mig.default\extensions\chrome

[2011/07/04 14:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\isabelle\AppData\Roaming\mozilla\Firefox\Profiles\btce7mig.default\extensions\components

[2011/10/19 00:07:08 | 000,009,967 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\searchplugins\mywebsearch.xml

[2011/10/20 20:00:04 | 000,002,270 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\searchplugins\SearchTheWeb.xml

[2011/10/20 19:59:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2011/10/20 19:59:14 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]

File not found (No name found) -- C:\PROGRAM FILES (X86)\MYWEBSEARCH\BAR\1.BIN

[2011/09/29 08:16:59 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011/09/29 02:59:56 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml

[2011/09/29 02:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011/09/29 02:59:56 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2011/09/29 02:59:56 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml

[2011/08/21 23:09:52 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml

[2011/09/29 02:59:56 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml

[2011/09/29 02:59:56 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Iminent (Enabled)

CHR - default_search_provider: search_url = http://search.iminent.com/?appId=3A81589D-A4E2-42EA-9141-1383EF795E2B&ref=toolbox&q={searchTerms}

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll

CHR - plugin: Java Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\pdf.dll

CHR - plugin: OfferBox (Enabled) = C:\Users\isabelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpicnlijpdlebkhpegfenfjpglinfdhm\5.4.2623.32_0\offerbox_air_chrome.dll

CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: Complitly plugin for chrome = C:\Users\isabelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\

CHR - Extension: OfferBox = C:\Users\isabelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpicnlijpdlebkhpegfenfjpglinfdhm\5.4.2623.32_0\

CHR - Extension: Facemoods = C:\Users\isabelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.1_0\

 

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (OfferBox) - {703740c1-0f1a-4cec-a4df-d78db0158477} - C:\Program Files\OfferBox\extensions-4.0.4498.53\offerbox_air_iexplorer.dll File not found

O2:64bit: - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\IEBHO.dll (MusicLab, LLC)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)

O2:64bit: - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\isabelle\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)

O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()

O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)

O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)

O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()

O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\isabelle\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()

O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)

O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 6200 Series\ezprint.exe ()

O4 - HKLM..\Run: [iMBooster] C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe (Iminent)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [lxbumon.exe] C:\Program Files (x86)\Lexmark 6200 Series\lxbumon.exe (Lexmark International, Inc.)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)

O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()

O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKCU..\Run: [NBCore] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBCore.exe (Nero AG)

O4 - HKCU..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)

O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

O4 - HKCU..\Run: [WindowsDriverControl] C:\Users\Public\C-76947-8457-2745\winmsngrn.exe File not found

O4 - Startup: C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC83E5B5-ACCC-460C-9F89-57D242077E61}: DhcpNameServer = 212.27.40.241 212.27.40.240

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\datamngr.dll (MusicLab, LLC)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\IEBHO.dll (MusicLab, LLC)

O20 - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll) -C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)

O20 - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/11/07 16:02:19 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{712dfc44-68a4-11df-a84d-00262d7a289d}\Shell - "" = AutoRun

O33 - MountPoints2\{712dfc44-68a4-11df-a84d-00262d7a289d}\Shell\AutoRun\command - "" = E:\USBAutoRun.exe

O33 - MountPoints2\{c6c3b6e7-bd15-11e0-a3f8-00262d7a289d}\Shell - "" = AutoRun

O33 - MountPoints2\{c6c3b6e7-bd15-11e0-a3f8-00262d7a289d}\Shell\AutoRun\command - "" = E:\ICM_ML.exe

O33 - MountPoints2\E\Shell - "" = AutoRun

O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\ICM_ML.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: mcmscsvc - Service

SafeBootMin:64bit: MCODS - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: mcmscsvc - Service

SafeBootMin: MCODS - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: mcmscsvc - Service

SafeBootNet:64bit: MCODS - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: MpfService - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: mcmscsvc - Service

SafeBootNet: MCODS - Service

SafeBootNet: Messenger - Service

SafeBootNet: MpfService - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/11/08 09:01:40 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\isabelle\Desktop\OTL.exe

[2011/11/08 08:53:33 | 000,000,000 | ---D | C] -- C:\Users\isabelle\Desktop\RK_Quarantine

[2011/11/07 20:25:33 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Roaming\F2083

[2011/11/07 20:25:00 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{8875C7F1-7C9F-414F-97B0-E6F1313C2C3F}

[2011/11/07 20:24:47 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{FBA43629-EB17-409D-A4C2-C3C8BAEAB3F9}

[2011/11/07 17:58:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2011/11/07 17:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/11/07 17:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy

[2011/11/07 17:01:02 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

[2011/11/07 17:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

[2011/11/07 17:01:01 | 000,287,576 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2011/11/07 17:00:53 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

[2011/11/07 17:00:53 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys

[2011/11/07 17:00:44 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2011/11/07 17:00:42 | 000,064,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2011/11/07 17:00:15 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe

[2011/11/07 17:00:15 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/11/07 16:02:01 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter

[2011/11/07 16:02:00 | 000,000,000 | ---D | C] -- C:\sh4ldr

[2011/11/07 16:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group

[2011/11/07 16:00:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2011/11/07 15:13:51 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{AAFFE162-1568-4FFC-A95F-48F5B6E74907}

[2011/11/07 15:13:43 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{038AFD88-7240-44E0-887F-CEF2175896CA}

[2011/11/07 14:48:46 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll

[2011/11/07 14:48:46 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll

[2011/11/07 14:48:43 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll

[2011/11/07 14:48:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll

[2011/11/07 14:45:56 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{8431497C-F5D4-4881-A8FC-BA2250BAE104}

[2011/11/07 14:19:37 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{3E5B2D3D-D6AC-4507-AA3B-C177F283427E}

[2011/11/07 14:19:29 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{957C006D-88D2-49B8-9C4E-F823AFC79B4C}

[2011/11/07 13:28:26 | 000,000,000 | ---D | C] -- C:\ProgramData\dG01300FmJlD01300

[2011/11/07 13:28:26 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Roaming\565F2

[2011/11/06 19:08:56 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{51FD6D2C-3605-41A1-BC1B-A15A6475388C}

[2011/11/06 19:08:38 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{2D512769-5111-410D-A843-2CE906F546E5}

[2011/11/03 23:47:01 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{3E628D0F-A3C4-487B-B50F-799BA499D374}

[2011/11/03 23:46:32 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{5D999440-D100-431D-8E94-596177B6A9EA}

[2011/11/03 23:35:55 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{31D3F3DB-3A9C-4941-8397-8E769ABDC7B1}

[2011/11/03 23:35:34 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{2313767E-C62C-405E-9491-D58B0B1BFD03}

[2011/11/03 23:23:07 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{E36EDBF8-D966-4768-9551-7931C1A04629}

[2011/11/03 23:22:39 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{96A65EC1-1F23-47D3-93F0-CF467D99F500}

[2011/11/03 01:31:51 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{37469CE0-8E54-4095-9D5A-132DF73A8F1B}

[2011/11/03 01:31:23 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{192A5FB0-29AA-4B21-BF3F-0B83D0D40463}

[2011/11/02 18:42:07 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{6606CB88-AAB3-4EC0-A953-EE0E05D55B54}

[2011/11/02 18:41:42 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{A8EC4FA9-E05D-4D33-BBEF-216DD3E7FCAB}

[2011/11/02 18:30:30 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{B3D48DF4-B2CE-4D0A-B41B-A84C0A8001D3}

[2011/11/02 18:30:03 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{DDC7115A-98C1-4F44-ABC4-D956986A2C8C}

[2011/10/21 19:02:17 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{9AB48CE4-6312-4E93-AEB2-E604D0F0C3CB}

[2011/10/21 19:01:43 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{7BB89F11-EE90-483A-8526-D7CD8A7C9CBA}

[2011/10/21 18:44:21 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{AF9F51F5-DE3F-4F98-99F6-54B068179E8D}

[2011/10/21 18:43:51 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{798B2020-57CF-4BA6-B678-F783D0383D0E}

[2011/10/21 01:08:43 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{E48B3C31-B61C-4C5E-AB40-0CF8B0FD9FBF}

[2011/10/21 01:08:13 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{F315C601-0705-45E5-8544-71206DA42618}

[2011/10/20 20:00:19 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{AB1CA4A0-6F00-4F1A-A63A-5B73F7E3EE68}

[2011/10/20 20:00:05 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{63644B7E-F478-4193-BD1F-89F4B73905A8}

[2011/10/20 19:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMinent Toolbar

[2011/10/20 19:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent

[2011/10/20 19:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IMinent

[2011/10/20 19:58:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent

[2011/10/20 00:28:35 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011/10/20 00:27:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2011/10/19 01:00:37 | 000,000,000 | ---D | C] -- C:\Users\isabelle\Desktop\Nouveau dossier

[2011/10/18 19:00:46 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\Mozilla

[2011/10/17 23:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2011/10/17 20:53:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2011/10/17 20:53:22 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Roaming\OfferBox

[2011/10/17 20:53:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OfferBox

[2011/10/17 20:53:15 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Roaming\Complitly

[2011/10/17 20:53:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Complitly

[2011/10/17 19:07:30 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{B2C26FB4-EEF4-4403-B585-32CFCFCF3BBA}

[2011/10/17 19:07:00 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{85B930BB-F31E-429B-A3D9-AF689241911A}

[2011/10/13 11:16:11 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{D59E9714-5CE3-4805-B7FE-DA4632B54C84}

[2011/10/13 11:15:48 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{3EA72E0E-AB1A-4CFE-8A05-22485C487050}

[2011/10/12 20:59:17 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011/10/12 20:59:17 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011/10/12 20:59:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011/10/12 20:59:16 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011/10/12 20:59:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011/10/12 20:59:15 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011/10/12 20:59:15 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011/10/12 20:56:27 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll

[2011/10/12 20:56:27 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll

[2011/10/12 20:56:27 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax

[2011/10/12 20:56:26 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax

[2011/10/12 20:55:39 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll

[2011/10/12 20:55:38 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

[2011/10/12 20:42:27 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{9A1E7F63-9495-465C-A426-5C1FF1B924FD}

[2011/10/12 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{7D2E6343-315E-41FC-A11F-FCE2BD2EA61D}

[2011/10/11 01:00:52 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{7DB4EDA5-F700-4B92-BE24-6E3A0CA4E629}

[2011/10/11 01:00:40 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Local\{FB13BD3F-CE29-4F11-8EC9-6C0AC40095BB}

[2010/12/10 17:36:24 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbuppls.exe

[2010/12/10 17:36:20 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbuinpa.dll

[2010/12/10 17:36:20 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbuiesc.dll

[2010/12/10 17:36:20 | 000,305,664 | ---- | C] ( ) -- C:\Windows\SysWow64\LXBUhcp.dll

[2010/12/10 17:36:19 | 001,418,240 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbuserv.dll

[2010/12/10 17:36:19 | 001,099,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbuusb1.dll

[2010/12/10 17:36:19 | 000,488,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbulmpm.dll

[2010/12/10 17:36:19 | 000,410,112 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbupmui.dll

[2010/12/10 17:36:19 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbuih.exe

[2010/12/10 17:36:19 | 000,035,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbuprox.dll

[2010/12/10 17:36:19 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbupplc.dll

[2010/12/10 17:36:18 | 000,660,480 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbuhbn3.dll

[2010/12/10 17:36:17 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbucomc.dll

[2010/12/10 17:36:17 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbucoms.exe

[2010/12/10 17:36:17 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbucfg.exe

[2010/12/10 17:36:17 | 000,249,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbucomm.dll

[2009/10/29 05:22:35 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

[2006/09/14 11:32:20 | 000,028,672 | R--- | C] ( ) -- C:\Windows\SysWow64\DivXGraphBuilderCallback.dll

[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/11/08 09:11:03 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/11/08 09:01:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\isabelle\Desktop\OTL.exe

[2011/11/08 08:54:16 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/11/08 08:54:16 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/11/08 08:50:20 | 000,744,448 | ---- | M] () -- C:\Users\isabelle\Desktop\winlogon.exe.exe

[2011/11/08 08:46:18 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/11/08 08:44:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/11/08 08:44:11 | 3219,935,232 | -HS- | M] () -- C:\hiberfil.sys

[2011/11/07 18:55:42 | 000,014,631 | ---- | M] () -- C:\Windows\WININIT.INI

[2011/11/07 17:58:42 | 000,001,290 | ---- | M] () -- C:\Users\isabelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/11/07 17:58:42 | 000,001,266 | ---- | M] () -- C:\Users\isabelle\Desktop\Spybot - Search & Destroy.lnk

[2011/11/07 17:01:02 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2011/11/07 17:00:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2011/11/07 16:02:19 | 000,000,000 | ---- | M] () -- C:\autoexec.bat

[2011/11/07 14:28:58 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif

[2011/11/07 14:28:25 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/11/07 14:28:25 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011/11/07 14:28:25 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/11/07 14:28:25 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011/11/07 14:28:25 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/11/04 01:06:43 | 001,578,010 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/11/01 19:19:12 | 000,002,348 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/10/20 00:28:35 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011/10/18 19:00:33 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/10/17 20:59:48 | 000,002,148 | ---- | M] () -- C:\prefs.js

[2011/10/17 20:53:22 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\OfferBoxUpdate.job

[2011/10/13 11:11:24 | 000,403,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/11/08 08:50:18 | 000,744,448 | ---- | C] () -- C:\Users\isabelle\Desktop\winlogon.exe.exe

[2011/11/07 17:58:42 | 000,001,290 | ---- | C] () -- C:\Users\isabelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/11/07 17:58:42 | 000,001,266 | ---- | C] () -- C:\Users\isabelle\Desktop\Spybot - Search & Destroy.lnk

[2011/11/07 17:01:02 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2011/11/07 16:02:19 | 000,000,000 | ---- | C] () -- C:\autoexec.bat

[2011/11/04 01:07:56 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif

[2011/11/04 01:06:43 | 001,578,010 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/10/18 19:00:33 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011/10/18 19:00:33 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/10/17 23:16:36 | 000,002,348 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/10/17 20:53:37 | 000,002,148 | ---- | C] () -- C:\prefs.js

[2011/10/17 20:53:22 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\OfferBoxUpdate.job

[2011/09/06 12:57:03 | 000,000,000 | ---- | C] () -- C:\Users\isabelle\AppData\Local\{98B19AC2-9ABB-448D-AF4C-B80094A3343C}

[2011/07/11 01:11:29 | 000,111,724 | ---- | C] () -- C:\Users\isabelle\AppData\Local\rx_audio.Cache

[2011/06/07 10:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll

[2011/06/07 10:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll

[2011/06/07 10:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll

[2011/06/07 10:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll

[2011/06/07 10:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2010/12/10 17:36:26 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxbucomx.dll

[2010/12/10 17:36:20 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBUinst.dll

[2010/07/25 15:47:56 | 000,014,631 | ---- | C] () -- C:\Windows\WININIT.INI

[2010/02/20 11:35:44 | 000,000,000 | ---- | C] () -- C:\Users\isabelle\AppData\Roaming\wklnhst.dat

[2010/02/19 13:47:16 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2010/02/12 14:38:04 | 000,000,091 | ---- | C] () -- C:\Windows\Retrieve9.INI

[2010/02/12 13:54:01 | 001,073,968 | ---- | C] () -- C:\Users\isabelle\AppData\Local\rx_image.Cache

[2010/02/12 00:10:49 | 000,018,432 | ---- | C] () -- C:\Users\isabelle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/07 06:05:37 | 000,001,018 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2010/01/07 06:04:53 | 000,001,745 | ---- | C] () -- C:\Windows\WPatchProgress.ini

[2010/01/06 21:47:25 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini

[2010/01/06 21:32:07 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe

[2010/01/06 21:32:07 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe

[2010/01/06 21:32:07 | 000,000,188 | ---- | C] () -- C:\Windows\PidList.ini

[2009/11/12 13:48:58 | 000,005,504 | ---- | C] () -- C:\Windows\SysWow64\StarOpen.sys

[2009/10/28 19:51:17 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini

[2009/10/28 19:51:17 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini

[2009/10/28 19:51:17 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini

[2009/10/28 19:02:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin

[2009/07/13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin

[2009/07/13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin

[2009/07/13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2006/11/10 09:17:52 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\px.ini

[2006/10/26 23:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Roxio.dll

[2006/10/26 23:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CddbFileTaggerRoxio.dll

[2005/07/15 19:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll

[2005/07/15 19:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll

[2005/07/15 19:35:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll

 

========== Custom Scans ==========

 

 

< %temp%\smtmp\1\*.* /s >

 

< %temp%\smtmp\2\*.* /s >

 

< %temp%\smtmp\4\*.* /s >

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %ALLUSERSPROFILE%\Application Data\*. >

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

 

< %APPDATA%\*. >

[2010/02/12 00:22:58 | 000,000,000 | -HSD | M] -- C:\Users\isabelle\AppData\Roaming\.#

[2011/11/07 13:28:26 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\565F2

[2010/02/10 00:05:57 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Adobe

[2010/02/09 04:59:46 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\ATI

[2011/03/12 02:12:16 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Azureus

[2010/02/19 11:16:19 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Canneverbe Limited

[2011/10/17 20:53:15 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Complitly

[2010/02/14 17:34:15 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\CyberLink

[2010/07/24 14:38:41 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\DivX

[2011/11/07 20:25:33 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\F2083

[2010/02/09 22:36:50 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\GameConsole

[2010/02/09 22:09:46 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Google

[2010/10/17 20:00:09 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\HiYo

[2010/02/09 04:58:26 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Identities

[2010/09/10 14:15:21 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\invibes

[2010/02/09 04:59:01 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Macromedia

[2009/10/28 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Media Center Programs

[2011/11/07 16:02:01 | 000,000,000 | --SD | M] -- C:\Users\isabelle\AppData\Roaming\Microsoft

[2010/09/10 14:13:22 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\MixVibes

[2011/10/18 19:00:46 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Mozilla

[2010/02/19 14:32:00 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Nero

[2011/11/07 18:05:52 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\OfferBox

[2010/05/24 22:17:35 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\OpenOffice.org

[2011/07/26 16:27:35 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\PlayFirst

[2010/04/02 14:26:18 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\PowerCinema

[2011/11/07 20:26:55 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Raptr

[2011/03/12 01:23:59 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Roxio

[2011/08/12 14:19:03 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Samsung

[2010/07/07 20:11:52 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\SoftDMA

[2010/02/20 11:41:27 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Template

[2011/01/15 23:14:18 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\uTorrent

[2010/10/01 21:59:10 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\vlc

[2010/11/26 23:55:51 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\Windows Live Writer

[2011/08/18 20:37:56 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\WinRAR

 

< %APPDATA%\*.exe /s >

[2011/03/12 01:26:22 | 004,177,856 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Azureus\plugins\azemp\vuzeplayer.exe

[2011/03/12 00:16:51 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\isabelle\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe

[2011/07/11 14:27:34 | 000,091,128 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Complitly\KeepMeUpdated.exe

[2011/07/11 14:27:34 | 000,091,128 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Complitly\64\KeepMeUpdated.exe

[2011/11/07 13:28:26 | 000,178,176 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\62D.exe

[2011/11/07 13:28:37 | 000,171,008 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\EDE7.exe

[2 C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\*.tmp files -> C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\*.tmp -> ]

[2011/11/07 16:02:01 | 000,110,080 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Installer\{89A07279-1DB3-485A-B1DF-584DF86774B9}\Icon1226A4C5.exe

[2011/11/07 16:02:01 | 000,110,080 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Installer\{89A07279-1DB3-485A-B1DF-584DF86774B9}\IconD7F16134.exe

[2011/11/07 16:02:01 | 000,110,080 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Installer\{89A07279-1DB3-485A-B1DF-584DF86774B9}\IconF7A21AF7.exe

[2011/06/28 06:32:22 | 081,122,288 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe

[2008/12/02 07:40:14 | 000,028,672 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\UnInstallMSI.exe

[2008/12/01 12:29:00 | 000,014,336 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\UnInstallMSI32.exe

[2008/12/01 12:29:00 | 000,016,896 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\UnInstallMSI64.exe

[2008/11/26 05:57:44 | 000,737,280 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\USBAutoRun.exe

[2008/11/26 12:59:32 | 006,450,574 | R--- | M] (Macrovision Corporation) -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\tools\LGInternetKit_V3.0.0.24_Setup.exe

[2010/03/05 16:49:50 | 000,197,632 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\extensions\chrome\content\id_imbooster4web_v6\TbHelper2.exe

[2010/03/12 17:45:00 | 000,042,496 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\extensions\chrome\content\id_imbooster4web_v6\uninstall.exe

[2010/03/12 17:45:00 | 000,056,832 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\extensions\chrome\content\id_imbooster4web_v6\update.exe

[2010/03/19 12:04:44 | 000,152,664 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\extensions\components\setup_widget_serv.exe

[2011/08/24 14:50:27 | 002,134,800 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Raptr\raptr-update-1.7.5-to-1.8.4-r54438-release.exe

[2011/08/12 14:30:36 | 003,154,792 | ---- | M] (Microsoft Corporation) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\NDP40-KB2461678-x64.exe

[2011/06/24 14:54:30 | 000,941,968 | ---- | M] (Samsung) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe

[2011/06/24 14:54:38 | 000,278,928 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe

[2011/06/07 10:14:40 | 000,286,720 | ---- | M] (Samsung) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesLogger.exe

[2011/06/24 14:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe

[2011/06/07 10:14:06 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ConnectionManager.exe

[2011/06/07 10:14:04 | 000,284,160 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe

[2011/06/09 17:45:38 | 000,660,992 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe

[2011/06/24 14:54:40 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe

[2011/06/07 10:13:54 | 000,100,352 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe

[2011/06/07 10:13:54 | 000,095,232 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe

[2011/06/24 14:54:44 | 000,131,984 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe

[2011/06/24 14:54:46 | 000,020,880 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe

[2011/06/24 14:54:48 | 004,661,464 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe

[2011/06/20 09:33:24 | 020,677,600 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe

[2011/08/01 04:32:24 | 000,362,384 | ---- | M] (ml) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\temp\Kies.Update.exe

[2011/09/21 09:43:28 | 000,364,432 | ---- | M] (ml) -- C:\Users\isabelle\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

 

< %SYSTEMDRIVE%\*.exe >

[2007/11/07 07:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe

 

 

< MD5 for: SFLOPPY.SYS >

[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\drivers\sfloppy.sys

[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys

[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys

 

< MD5 for: TASKENG.EXE >

[2010/11/02 05:24:43 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=41C52AF44FB96BDDB1EFB25D2D943BBA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6\taskeng.exe

[2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\SysWOW64\taskeng.exe

[2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe

[2010/11/02 06:10:47 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=60CAE1FA4888ED41B41AEE91C774E4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_419a75c3d88fecc0\taskeng.exe

[2010/11/20 14:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\SysNative\taskeng.exe

[2010/11/20 14:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_43d2529dd579f798\taskeng.exe

[2010/11/02 06:16:39 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=84343003E0E6716B3E782FF781B92815 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_425bf162f184fdfc\taskeng.exe

[2009/07/14 02:39:47 | 000,463,872 | ---- | M] (Microsoft Corporation) MD5=C1BDC97E8C9404245DE87F1EF08D1764 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_41a13ed5d88b73fe\taskeng.exe

[2009/07/14 02:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) MD5=DE5DACEBD4C89834EC6D2C41C8643CDA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8\taskeng.exe

[2010/11/02 05:34:44 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=F8952E80B7F778DA2F7AA8393CA2D30E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a\taskeng.exe

 

< MD5 for: TASKHOST.EXE >

[2009/07/14 02:39:47 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=3EEFB971D61EF9638FD21F14C703CA11 -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_84339a007406dfa0\taskhost.exe

[2010/11/20 14:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\SysNative\taskhost.exe

[2010/11/20 14:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_8664adc870f5633a\taskhost.exe

 

< MD5 for: TCPIP.SYS >

[2011/04/25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys

[2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys

[2011/06/21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys

[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys

[2011/04/25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys

[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys

[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys

[2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys

[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys

[2011/06/21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys

[2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\SysNative\drivers\tcpip.sys

[2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

 

< MD5 for: TDPIPE.SYS >

[2009/07/14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\SysNative\drivers\tdpipe.sys

[2009/07/14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys

 

< MD5 for: TDTCP.SYS >

[2009/07/14 01:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\SysNative\drivers\tdtcp.sys

[2009/07/14 01:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys

 

< MD5 for: USBPRINT.SYS >

[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys

[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys

[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys

 

< MD5 for: USBSCAN.SYS >

[2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\drivers\usbscan.sys

[2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys

[2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys

 

< MD5 for: USERINIT.EXE >

[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe

[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 

< MD5 for: VOLSNAP.SYS >

[2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys

[2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys

[2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys

[2009/07/14 02:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys

 

< MD5 for: WININIT.EXE >

[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 

< MD5 for: WINLOGON.EXE >

[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Vuze Downloads:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Scanned Documents:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Samsung:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Roxio:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\My Stationery:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\My Received Files:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\LimeWire:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Fax:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Blocs-notes OneNote:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\BearShare:Roxio EMC Stream

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F

@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4D066AD2

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54

 

< End of report >


OK, please do this:

* Double-click the OTL icon to launch it.

/!\ On Vista/Seven, right-click the OTL icon and choose "Exécuter en tant qu'administrateur" (Run as administrator).

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Rapport" (Report) section (top right) the "Rapport minimal" (Minimal report) box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Personnalisation" (Customization):

:OTL

SRV - (SpyHunter 4 Service) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (Enigma Software Group USA, LLC.)

IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found

IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found

FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/"

FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZRxpt115YYFR&ptb=OEG5ZflGpmHtzX2TNWzE6A&ind=2011101814&ptnrS=ZRxpt115YYFR&si=142522&n=77defa76&psa=&st=kwd&searchfor="

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\OFFERBOX\EXTENSIONS-4.0.4498.53\[email protected]

[2011/10/19 00:07:08 | 000,009,967 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\searchplugins\mywebsearch.xml

[2011/10/20 19:59:14 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]

File not found (No name found) -- C:\PROGRAM FILES (X86)\MYWEBSEARCH\BAR\1.BIN

CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll

O2 - BHO: (OfferBox) - {703740c1-0f1a-4cec-a4df-d78db0158477} - C:\Program Files\OfferBox\extensions-4.0.4498.53\offerbox_air_iexplorer.dll File not found

O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\IEBHO.dll (MusicLab, LLC)

O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()

O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)

O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.

O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()

O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4 - HKLM\..\Run: [] File not found

O4 - HKLM\..\Run: [iMBooster] C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe (Iminent)

O4 - HKCU\..\Run: [WindowsDriverControl] C:\Users\Public\C-76947-8457-2745\winmsngrn.exe File not found

[2011/11/07 16:02:01 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter

[2011/10/20 19:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMinent Toolbar

[2011/10/20 19:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent

[2011/10/20 19:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IMinent

[2011/10/20 19:58:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent

[2011/10/17 20:53:22 | 000,000,000 | ---D | C] -- C:\Users\isabelle\AppData\Roaming\OfferBox

[2011/10/17 20:53:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OfferBox

[2011/11/07 18:05:52 | 000,000,000 | ---D | M] -- C:\Users\isabelle\AppData\Roaming\OfferBox

[2011/11/07 13:28:26 | 000,178,176 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\62D.exe

[2011/11/07 13:28:37 | 000,171,008 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\EDE7.exe

[2 C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\*.tmp files -> C:\Users\isabelle\AppData\Roaming\Microsoft\89D5\*.tmp -> ]

[2011/11/07 16:02:01 | 000,110,080 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Installer\{89A07279-1DB3-485A-B1DF-584DF86774B9}\Icon1226A4C5.exe

[2011/11/07 16:02:01 | 000,110,080 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Installer\{89A07279-1DB3-485A-B1DF-584DF86774B9}\IconD7F16134.exe

[2011/11/07 16:02:01 | 000,110,080 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Installer\{89A07279-1DB3-485A-B1DF-584DF86774B9}\IconF7A21AF7.exe

[2011/06/28 06:32:22 | 081,122,288 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe

[2008/12/02 07:40:14 | 000,028,672 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\UnInstallMSI.exe

[2008/12/01 12:29:00 | 000,014,336 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\UnInstallMSI32.exe

[2008/12/01 12:29:00 | 000,016,896 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\UnInstallMSI64.exe

[2008/11/26 05:57:44 | 000,737,280 | R--- | M] () -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\USBAutoRun.exe

[2008/11/26 12:59:32 | 006,450,574 | R--- | M] (Macrovision Corporation) -- C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Templates\E\tools\LGInternetKit_V3.0.0.24_Setup.exe

[2010/03/05 16:49:50 | 000,197,632 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\extensions\chrome\content\id_imbooster4web_v6\TbHelper2.exe

[2010/03/12 17:45:00 | 000,042,496 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\extensions\chrome\content\id_imbooster4web_v6\uninstall.exe

[2010/03/12 17:45:00 | 000,056,832 | ---- | M] () -- C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\btce7mig.default\extensions\chrome\content\id_imbooster4web_v6\update.exe

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Vuze Downloads:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Scanned Documents:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Samsung:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Roxio:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\My Stationery:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\My Received Files:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\LimeWire:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Fax:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\Blocs-notes OneNote:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\isabelle\Documents\BearShare:Roxio EMC Stream

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F

@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4D066AD2

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54

 

:Commands

[resethosts]

[emptytemp]

[createrestorepoint]

* Click the "Correction" (Fix) button (top left).

* Let the scan run to completion without using the PC.

* At the end of the scan, a report, "OTL.log", will open.

* Copy and paste the report(s) into your reply, please...

* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case.

Put the report here, because it takes up a lot of space.

Click here.

or there:

http://www.cijoint.fr/index.php

Next:

Download AdwCleaner (by Xplode) to your desktop.

Downloads - Xplode's tools - AdwCleaner

Launch it, click [suppression] (delete), then wait while the scan runs.

Once the scan is finished, a report will open. Post its contents in your next reply.

Note: The report is also saved as C:\AdwCleaner[s1].txt

Then:

For Internet Explorer:

Start IE-->>Tools-->>Internet Options-->>Advanced tab-->>RESET

For Firefox:

Start Firefox --> Tools, Options --> General tab --> Restore the default configuration

Afterwards, tell me where things stand, please.


It seems, and I do say it seems, that after restarting the PC everything is fixed. How can I verify it?

PS: even if it may not be finished, I want to thank everyone who helped me :)


Glad things are better :super:

Just this to finish, please:

Install Malwarebytes' Anti-Malware,

Malwarebytes : Malwarebytes Anti-Malware is a free download that removes viruses and malware from your computer

Be sure to get the FREE version.

*** Update it, then choose "Exécuter un examen complet" (Run a full scan).

*** If an infection is found, check the box next to it and confirm with the "Supprimer la sélection" (Remove selected) tab.

Post the final report.


Here is the final report:

 

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

 

Version de la base de données: 8117

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

 

08/11/2011 16:22:40

mbam-log-2011-11-08 (16-22-40).txt

 

Type d'examen: Examen complet (C:\|)

Elément(s) analysé(s): 325143

Temps écoulé: 47 minute(s), 25 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 1

Clé(s) du Registre infectée(s): 10

Valeur(s) du Registre infectée(s): 3

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 1

Fichier(s) infecté(s): 4

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

c:\program files (x86)\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Delete on reboot.

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDOWS INTERNET NAME SERVICE (Trojan.P2P) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WindowsDriverControl (Trojan.Agent) -> Value: WindowsDriverControl -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\62D.exe (Backdoor.CycBot.Gen) -> Value: 62D.exe -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Internet Name Service\ImagePath (Trojan.P2P) -> Value: ImagePath -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

c:\Users\Public\c-76947-8457-2745 (Backdoor.Bot) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

c:\program files (x86)\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully.

c:\program files (x86)\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Not selected for removal.

c:\Users\isabelle\AppData\LocalLow\funwebproducts\Installr\Cache\008712A8.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

c:\Users\isabelle\AppData\LocalLow\mywebsearch\bar\Cache\05255654.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
