OTL logfile created on: 06/06/2011 11:53:29 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\celine1\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,05 Gb Total Space | 46,07 Gb Free Space | 33,61% Space Free | Partition Type: NTFS
Computer Name: PC-DE-CÉLINE | User Name: celine1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Users\celine1\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10p_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
========== Modules (SafeList) ========== MOD - C:\Users\celine1\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV - (NMIndexingService) -- File not found
SRV - (ekrn) -- File not found
SRV - (EhttpSrv) -- File not found
SRV - (CarboniteService) -- File not found
SRV - (Boonty Games) -- File not found
SRV - (avast! Antivirus) -- File not found
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (Symantec Core LC) -- C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
========== Driver Services (SafeList) ========== DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (SE1008mdm) -- C:\Windows\System32\drivers\SE1008mdm.sys (Sony Ericsson)
DRV - (JL2005C) -- C:\Windows\System32\drivers\jl2005c.sys (Windows (R) 2000 DDK provider)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {bf0ad41b-165c-42e1-8f4c-31ef000f9e77} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.packardbell.com/?id=9136IE - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.packardbell.com/?id=9136IE - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] File not found
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [PixVillage] C:\Program Files\PixVillage\pixvillage.exe (BBCG Software)
O4 - HKU\S-1-5-18..\Run: [PixVillage] C:\Program Files\PixVillage\pixvillage.exe (BBCG Software)
O4 - HKU\S-1-5-19..\Run: [PixVillage] C:\Program Files\PixVillage\pixvillage.exe (BBCG Software)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [PixVillage] C:\Program Files\PixVillage\pixvillage.exe (BBCG Software)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1937009126-742563726-1599648258-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\System32\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Unable to save MBR. Invalid drive designation: 0
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\PROGRA~1\MICROS~3\Office10\OSA.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips SA011 Gestionnaire de piphiques.lnk - C:\PROGRA~1\Philips\GOGEAR~1\main.exe - (KeenHigh Tech.)
MsConfig - StartUpFolder: C:^Users^Céline^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk - C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg:
Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg:
AdobeUpdater - hkey= - key= - C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg:
egui - hkey= - key= - File not found
MsConfig - StartUpReg:
IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - File not found
MsConfig - StartUpReg:
QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg:
RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg:
Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg:
Speech Recognition - hkey= - key= - C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
MsConfig - StartUpReg:
StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
MsConfig - StartUpReg:
SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg:
TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg:
toolbar_eula_launcher - hkey= - key= - C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
MsConfig - StartUpReg:
Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg:
WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {3D20B5F3-7F82-408B-D63B-77AADFB6F2DC} -
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\System32\SL_ANET.ACM (Sipro Lab Telecom Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.JDCT - C:\Windows\System32\jl_jdct.drv (JEILIN Tech.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
========== Files/Folders - Created Within 30 Days ========== [2011/06/05 12:57:51 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Roaming\PlayFirst
[2011/06/05 12:53:14 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Roaming\WinRAR
[2011/06/05 11:56:03 | 001,431,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\celine1\Desktop\TDSSKiller.exe
[2011/06/05 11:54:01 | 000,093,744 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\System32\drivers\73401337.sys
[2011/06/05 11:48:22 | 000,093,744 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\System32\drivers\10094876.sys
[2011/06/04 12:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/04 12:51:19 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Roaming\Malwarebytes
[2011/06/04 12:49:56 | 007,734,216 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\celine1\Desktop\mbam-setup.exe
[2011/06/04 11:57:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/04 11:57:37 | 000,000,000 | ---D | C] -- \_OTL
[2011/05/28 14:56:01 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Apple
[2011/05/28 11:08:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\celine1\Desktop\OTL.exe
[2011/05/27 16:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2011/05/27 16:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2011/05/27 15:55:37 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Adobe
[2011/05/26 16:40:28 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\VirtualStore
[2011/05/26 15:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/05/26 15:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/26 11:23:26 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Microsoft Games
[2011/05/26 11:04:57 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/05/26 10:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2011/05/26 10:07:14 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\CrashDumps
[2011/05/26 10:06:58 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Roaming\Macromedia
[2011/05/26 10:06:39 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Roaming\Adobe
[2011/05/26 10:04:51 | 000,000,000 | R--D | C] -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/05/26 10:04:51 | 000,000,000 | R--D | C] -- C:\Users\celine1\Searches
[2011/05/26 10:04:51 | 000,000,000 | R--D | C] -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/05/26 10:04:38 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Roaming\Identities
[2011/05/26 10:04:36 | 000,000,000 | R--D | C] -- C:\Users\celine1\Contacts
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Voisinage réseau
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Voisinage d'impression
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\AppData\Local\Temporary Internet Files
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\SendTo
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Recent
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Modèles
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Documents\Mes vidéos
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Documents\Mes images
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Mes documents
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Menu Démarrer
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Documents\Ma musique
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Local Settings
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\AppData\Local\Historique
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Cookies
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\Application Data
[2011/05/26 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\celine1\AppData\Local\Application Data
[2011/05/26 10:04:22 | 000,000,000 | --SD | C] -- C:\Users\celine1\AppData\Roaming\Microsoft
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Videos
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Saved Games
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Pictures
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Music
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Links
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Favorites
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Downloads
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Documents
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\Desktop
[2011/05/26 10:04:22 | 000,000,000 | R--D | C] -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/05/26 10:04:22 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Temp
[2011/05/26 10:04:22 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Microsoft Help
[2011/05/26 10:04:22 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData\Local\Microsoft
[2011/05/26 10:04:22 | 000,000,000 | ---D | C] -- C:\Users\celine1\AppData
[2011/05/24 15:57:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\beep.sys
[2011/05/15 16:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/05/12 16:10:02 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/05/12 16:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/05/12 16:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011/05/09 10:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Balls
[2 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/06/06 11:57:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A0DEDE41-8B8B-40DE-A6FF-2B4C2A8AF227}.job
[2011/06/06 11:30:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Extension de garantie-Céline.job
[2011/06/06 11:19:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1937009126-742563726-1599648258-1000UA.job
[2011/06/06 10:19:04 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/06 10:19:04 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/06 09:20:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/05 12:56:58 | 000,001,045 | ---- | M] () -- C:\Users\celine1\Desktop\Cooking Dash(R) 3 - Thrills & Spills.lnk
[2011/06/05 11:54:01 | 000,093,744 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\System32\drivers\73401337.sys
[2011/06/05 11:48:22 | 000,093,744 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\System32\drivers\10094876.sys
[2011/06/05 11:46:48 | 001,301,452 | ---- | M] () -- C:\Users\celine1\Desktop\tdsskiller.zip
[2011/06/04 12:54:16 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/04 12:49:56 | 007,734,216 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\celine1\Desktop\mbam-setup.exe
[2011/06/04 12:17:31 | 000,606,105 | ---- | M] () -- C:\Users\celine1\Desktop\unhide.exe
[2011/06/04 11:46:12 | 000,129,376 | ---- | M] () -- C:\Users\celine1\Documents\cine.xps
[2011/06/04 09:19:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1937009126-742563726-1599648258-1000Core.job
[2011/06/02 09:16:11 | 000,000,680 | ---- | M] () -- C:\Users\celine1\AppData\Local\d3d9caps.dat
[2011/05/30 22:52:20 | 000,000,476 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Céline.job
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/28 11:08:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\celine1\Desktop\OTL.exe
[2011/05/27 16:14:07 | 000,000,738 | ---- | M] () -- C:\Users\celine1\Desktop\HD Tune.lnk
[2011/05/26 15:37:52 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/05/26 10:06:11 | 000,000,946 | ---- | M] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/26 10:04:25 | 000,000,664 | RHS- | M] () -- C:\Users\celine1\ntuser.pol
[2011/05/25 07:10:16 | 001,431,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\celine1\Desktop\TDSSKiller.exe
[2011/05/24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/05/22 19:41:03 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/05/19 21:31:14 | 000,075,466 | ---- | M] () -- C:\dxdiag.xml
[2011/05/19 17:54:45 | 000,689,338 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/05/19 17:54:44 | 000,605,208 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/19 17:54:44 | 000,131,674 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/05/19 17:54:44 | 000,108,282 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/16 20:00:00 | 000,000,702 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - Céline.job
[2011/05/16 10:02:01 | 000,001,958 | ---- | M] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/06/05 12:56:58 | 000,001,045 | ---- | C] () -- C:\Users\celine1\Desktop\Cooking Dash(R) 3 - Thrills & Spills.lnk
[2011/06/05 11:46:39 | 001,301,452 | ---- | C] () -- C:\Users\celine1\Desktop\tdsskiller.zip
[2011/06/04 12:51:23 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/04 12:17:22 | 000,606,105 | ---- | C] () -- C:\Users\celine1\Desktop\unhide.exe
[2011/06/04 11:46:09 | 000,129,376 | ---- | C] () -- C:\Users\celine1\Documents\cine.xps
[2011/05/27 16:14:07 | 000,000,738 | ---- | C] () -- C:\Users\celine1\Desktop\HD Tune.lnk
[2011/05/26 15:37:52 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/26 12:24:06 | 000,000,680 | ---- | C] () -- C:\Users\celine1\AppData\Local\d3d9caps.dat
[2011/05/26 10:06:11 | 000,000,946 | ---- | C] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/26 10:04:55 | 000,000,952 | ---- | C] () -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/05/26 10:04:50 | 000,000,947 | ---- | C] () -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/05/26 10:04:35 | 000,000,918 | ---- | C] () -- C:\Users\celine1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/05/26 10:04:25 | 000,000,664 | RHS- | C] () -- C:\Users\celine1\ntuser.pol
[2011/05/26 10:04:23 | 000,001,958 | ---- | C] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/26 10:04:23 | 000,000,258 | ---- | C] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/05/26 10:04:23 | 000,000,240 | ---- | C] () -- C:\Users\celine1\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/10/23 19:06:20 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010/09/30 18:13:22 | 000,075,466 | ---- | C] () -- \dxdiag.xml
[2010/07/04 11:50:08 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010/07/04 11:50:08 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/03/07 14:22:44 | 000,000,039 | ---- | C] () -- C:\Windows\BELOTEXP.INI
[2009/12/20 18:52:55 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dec_jl6.dll
[2009/10/17 11:34:44 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009/06/06 17:30:29 | 000,033,061 | ---- | C] () -- C:\Windows\king-uninstall.exe
[2009/05/03 13:29:55 | 000,000,056 | ---- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/05/03 13:29:31 | 000,008,172 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2009/05/02 18:09:56 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/04/26 13:43:02 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/04/26 13:43:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/04/24 16:35:42 | 3131,334,656 | -HS- | C] () --
[2008/11/26 04:34:17 | 000,689,338 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2008/11/26 04:34:17 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2008/11/26 04:34:17 | 000,131,674 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2008/11/26 04:34:17 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2008/11/26 04:25:05 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2008/11/26 04:24:50 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/11/26 04:24:50 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/11/25 20:28:58 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/11/25 12:04:14 | 000,333,203 | RHS- | C] () -- \bootmgr
[2008/05/07 09:55:12 | 000,002,916 | ---- | C] () -- \files.crc
[2007/06/12 08:55:11 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/06/12 08:55:11 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/06/12 08:55:11 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/05/30 09:54:10 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:44:53 | 000,306,336 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:33:01 | 000,605,208 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,108,282 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 12:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 08:25:08 | 000,000,010 | ---- | C] () -- \config.sys
========== LOP Check ========== [2011/06/05 12:57:51 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\PlayFirst
[2009/10/16 13:46:29 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\.ABC
[2010/03/11 22:39:18 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\1morebee
[2010/01/14 23:31:14 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\ACD Systems
[2010/11/15 13:14:29 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Alawar
[2010/07/17 10:13:29 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Alawar Entertainment
[2011/02/24 01:30:38 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\AlawarSouthpoint
[2009/11/15 18:47:33 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Anabel
[2009/11/02 14:57:00 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Ashtons Family Resort
[2011/03/14 11:19:36 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Awem
[2010/05/31 20:13:55 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\BanzaiInteractive
[2011/05/22 19:24:34 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\BeachPartyCraze
[2010/10/04 11:59:14 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\BlamGames
[2011/02/28 10:33:52 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Boolat Games
[2010/11/10 21:15:39 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Brunhilda_real
[2009/10/17 11:34:58 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Canneverbe_Limited
[2010/11/23 10:32:56 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\CasualForge
[2010/03/19 10:44:12 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Dekovir
[2010/03/10 21:50:29 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\EleFun Games
[2010/02/17 21:38:04 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\ElementalsTheMagicKey
[2009/10/14 08:45:19 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Farm Mania
[2010/04/03 22:45:10 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Farm Mania 2
[2010/09/21 14:09:27 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Floodlight Games
[2011/03/13 12:24:53 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\FlyWheelGames
[2010/07/23 18:47:51 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\freshgames
[2010/10/12 13:02:08 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Friday's games
[2010/06/26 11:33:02 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Fugazo
[2011/01/13 00:11:48 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\funkitron
[2010/01/05 21:50:24 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\GameHousev1002
[2011/03/29 14:51:00 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\GameInvest
[2010/08/12 19:40:42 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\GamesCafe
[2011/05/03 09:25:27 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Gogii
[2009/08/13 18:32:41 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\GOL_byHasbro
[2010/01/27 20:50:43 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\HdO Adventure
[2010/08/24 18:56:46 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\IBAGroup
[2011/05/10 11:51:45 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\iMaxGen
[2011/05/05 11:07:07 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\InImages
[2011/05/22 19:24:35 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Jane s Hotel 3
[2009/10/17 19:39:44 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\LG Electronics
[2011/05/22 19:24:35 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Magic3
[2010/03/01 19:48:48 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Merscom
[2009/10/17 13:28:19 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\My Games
[2011/02/22 23:14:36 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Mystery of Mortlake Mansion
[2009/11/24 18:22:09 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\MysteryStudio
[2010/08/05 12:52:29 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\NevoSoft Games
[2009/05/08 22:30:33 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Packard Bell
[2009/11/25 23:04:28 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Peace Craft
[2010/10/07 10:24:30 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\PeaceCraft2
[2011/05/22 19:24:37 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\PetShowCraze
[2011/05/19 09:38:42 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\PlayFirst
[2010/02/02 15:07:24 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Playrix Entertainment
[2011/03/14 12:56:08 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Princess Isabella
[2011/05/22 19:24:37 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\RobinsonCrusoe
[2009/09/25 15:28:43 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Saved Games
[2011/05/22 19:24:37 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\SecretIslandFraBF
[2011/05/22 19:24:37 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Settlement. Colossus
[2010/05/14 10:27:15 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\ShinyTales
[2011/06/05 11:48:54 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\SoftGrid Client
[2010/11/03 11:50:06 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\SulusGames
[2011/03/28 09:42:06 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Supermarket Mania 2
[2009/11/24 22:20:10 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Template
[2011/05/22 19:24:37 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\ThreeDays2
[2010/04/27 16:04:21 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Tific
[2010/05/20 21:27:44 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\TitanicMystery
[2011/05/22 19:24:37 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\TMInc
[2009/05/02 19:14:55 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\TomTom
[2010/11/19 12:06:27 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Total Eclipse
[2010/11/02 19:20:41 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\TP
[2010/11/09 22:18:13 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Trio
[2010/11/30 11:53:15 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\VendelGAMES
[2010/07/22 17:52:22 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Virtual City
[2009/08/18 21:37:19 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\World-LooM
[2011/05/03 14:16:49 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\YoudaGames
[2011/05/22 19:24:38 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Zylom
[2011/05/22 19:24:38 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Zylom 3 Days Zoo Mystery
[2011/05/22 19:24:38 | 000,000,000 | ---D | M] -- C:\Users\Céline\AppData\Roaming\Zylom JanesZOO
[2011/02/09 18:47:11 | 000,000,000 | ---D | M] -- C:\Users\lila\AppData\Roaming\Canneverbe_Limited
[2011/06/06 11:30:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\Extension de garantie-Céline.job
[2011/06/06 01:12:34 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/06 11:57:00 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A0DEDE41-8B8B-40DE-A6FF-2B4C2A8AF227}.job
========== Purity Check ========== ========== Custom Scans ========== < %temp%\smtmp\1\*. /s > < %temp%\smtmp\2\*. /s > < %temp%\smtmp\4\*. /s > < %temp%\smtmp\1\*.* /s > < %temp%\smtmp\2\*.* /s > < %temp%\smtmp\4\*.* /s > < nslookup http://www.google.fr /c >Serveur : dns2.proxad.net
Address: 212.27.40.241
< %systemroot%\system32\drivers\*.sys /lockedfiles >[2 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]
< %APPDATA%\*. >[2011/05/27 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\Adobe
[2011/05/26 10:04:38 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\Identities
[2011/05/26 10:06:58 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\Macromedia
[2011/06/04 12:51:19 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\Malwarebytes
[2011/05/26 15:33:40 | 000,000,000 | --SD | M] -- C:\Users\celine1\AppData\Roaming\Microsoft
[2011/06/05 12:57:51 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\PlayFirst
[2011/06/05 12:53:14 | 000,000,000 | ---D | M] -- C:\Users\celine1\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS >[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CDROM.SYS >[2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CNGAUDIT.DLL >[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CTFMON.EXE >[2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB72296B -- C:\Windows\System32\ctfmon.exe
[2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB72296B -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
< MD5 for: DISK.SYS >[2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/21 04:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\drivers\disk.sys
[2008/01/21 04:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/21 04:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys
< MD5 for: DWM.EXE >[2009/04/11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=01DD1004181FD46ECDC3628228EB269D -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.0.6002.18005_none_8f8f0d20ba53c683\dwm.exe
[2008/01/21 04:34:32 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=59903071D7ACE6A02093C47E9E38AF97 -- C:\Windows\System32\dwm.exe
[2008/01/21 04:34:32 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=59903071D7ACE6A02093C47E9E38AF97 -- C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.0.6001.18000_none_8da39414bd31fb37\dwm.exe
< MD5 for: EXPLORER.EXE >[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTORV.SYS >[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NDIS.SYS >[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys
[2008/01/21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: RASACD.SYS >[2008/01/21 04:34:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
[2008/01/21 04:34:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys
< MD5 for: RDPWD.SYS >[2009/04/11 06:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys
[2008/01/21 04:34:38 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\System32\drivers\rdpwd.sys
[2008/01/21 04:34:38 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys
< MD5 for: SCECLI.DLL >[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SFLOPPY.SYS >[2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys
[2008/01/21 04:32:45 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\drivers\sfloppy.sys
[2008/01/21 04:32:45 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys
[2008/01/21 04:32:45 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys
< MD5 for: TASKENG.EXE >[2010/11/05 15:43:51 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=110B5E5AFA79DD8A45A2F6ED738469B9 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.22791_none_e5d5a65bd84010db\taskeng.exe
[2010/11/04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18342_none_e7698b5ebc1f53d7\taskeng.exe
[2008/01/21 04:34:32 | 000,169,472 | ---- | M] (Microsoft Corporation) MD5=5F109032CE46B7184ED9E50F9FE8489E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18000_none_e5ac4d2ebeda6d57\taskeng.exe
[2010/11/05 00:15:29 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=9AF3E523E39FD8C10EDFA3ABA702DC9B -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.22519_none_e81a9bd9d51e4e56\taskeng.exe
[2009/04/11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) MD5=E5BBFC283D6F5D69B41E464676361020 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18005_none_e797c63abbfc38a3\taskeng.exe
[2010/11/05 02:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=EAFB5897AC9CD84890171AC38862320F -- C:\Windows\System32\taskeng.exe
[2010/11/05 02:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=EAFB5897AC9CD84890171AC38862320F -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18551_none_e577475abf020426\taskeng.exe
< MD5 for: TCPIP.SYS >[2008/04/26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/04/11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009/12/08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010/02/18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/12/08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010/06/16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010/06/16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\System32\drivers\tcpip.sys
[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008/04/26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/12/08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010/06/16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009/12/08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010/02/18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008/01/21 04:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: TDPIPE.SYS >[2008/01/21 04:33:45 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys
[2008/01/21 04:33:45 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys
< MD5 for: TDTCP.SYS >[2008/01/21 04:33:45 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys
[2008/01/21 04:33:45 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys
< MD5 for: USBPRINT.SYS >[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys
[2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys
[2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys
[2008/01/21 04:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys
< MD5 for: USBSCAN.SYS >[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\drivers\usbscan.sys
[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys
[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys
[2008/01/21 04:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys
[2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys
< MD5 for: USERINIT.EXE >[2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: VOLSNAP.SYS >[2006/11/02 11:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys
[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\System32\drivers\volsnap.sys
< MD5 for: WININIT.EXE >[2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles >[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
< %systemroot%\Tasks\*.job /lockedfiles > < > < >< End of report >