Votre question

Service DHCP

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
18 Septembre 2010 21:04:24

Bonjour à tous, on m'a envoyé dans cette section, quelqu'un pourrait-il m'aider

Fil de discussion : http://www.infos-du-net.com/forum/298416-8-service-dhcp...

Merci

Autres pages sur : service dhcp

18 Septembre 2010 21:47:18

je suis
drapal
18 Septembre 2010 23:37:12

Bonsoir
c'est bien une infection. (hijackthis ne permet pas de loger ce problème, on va faire autrement)

Télécharge OTLPENet.
Prépare un CD vierge et lance OTLPENet, cela va te permettre de graver une mage iso.
Note : Le CD gravé, il faut maintenant redémarrer la machine sur le lecteur CDROM
Pour se faire suivre ce lien : Booter sur un CD.
Tuto OTLPE

Tu lances l'iso d'OTLPENet que tu as gravé.
  • une fois le bureau de reatogo chargé , tu lances OTLPE , l'icône jaune

  • Double-clique sur l'icone OTLPE
  • quand demandé "Do you wish to load the remote registry", select Yes
  • quand demandé "Do you wish to load remote user profile(s) for scanning", select Yes
  • vérifier que "Automatically Load All Remaining Users" est sélectionné et press OK



  • sous Custom Scan box
    1 copie_colle le contenu du cadre ci dessous:


    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    userinit.exe
    winlogon.exe
    wininit.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    cdrom.sys
    disk.sys
    ndis.sys
    mountmgr.sys
    aec.sys
    rasacd.sys
    mrxsmb10.sys
    mrxsmb20.sys
    termdd.sys
    mrxsmb.sys
    win32k.sys
    storport.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


  • copie colle ce texte dans un fichier texte|bloc note que tu enregistres sur clé usb que tu brancheras sous reatogo tu pourras alors facilement le copier\coller.
  • 2 Clic Run Scan pour démarrer le scan.
  • Une fois terminé , le fichier se trouve là C:\OTL.txt
  • Copie_colle le contenu dans ta prochaine réponse.
    Contenus similaires
    19 Septembre 2010 05:00:26

    OTL logfile created on: 9/19/2010 3:31:27 AM - Run
    OTLPE by OldTimer - Version 3.1.41.0 Folder = X:\Programs\OTLPE
    Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
    Internet Explorer (Version = 7.0.6002.18005)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 95.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 149.10 Gb Total Space | 41.84 Gb Free Space | 28.06% Space Free | Partition Type: NTFS
    Drive D: | 148.98 Gb Total Space | 24.98 Gb Free Space | 16.77% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive X: | 434.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: REATOGO
    Current User Name: SYSTEM
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard
    Using ControlSet: ControlSet001

    ========== Win32 Services (SafeList) ==========

    SRV - [2010/09/08 19:22:14 | 002,854,488 | ---- | M] () [Auto] -- c:\Program Files\Common Files\Akamai\rswin_3746.dll -- (Akamai)
    SRV - [2010/08/18 15:14:46 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
    SRV - [2010/08/03 21:51:10 | 000,176,128 | ---- | M] (AMD) [Auto] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2010/03/18 09:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 09:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/02/01 13:07:00 | 003,461,068 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\Windows\System32\GameMon.des -- (npggsvc)
    SRV - [2010/01/07 20:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
    SRV - [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/07/16 12:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2008/05/29 11:55:24 | 001,286,144 | ---- | M] () [Auto] -- C:\Program Files\ASUS\Drive Xpert\SteelVine.exe -- (57xx SteelVine Manager)
    SRV - [2008/01/18 19:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/06/05 09:20:32 | 000,177,704 | ---- | M] () [Auto] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
    SRV - [2005/03/09 16:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto] -- C:\Windows\System32\libusbd-nt.exe -- (libusbd)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\XDva359.sys -- (XDva359)
    DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand] -- C:\Users\HB2261~1.S\AppData\Local\Temp\CXC7BBD.tmp -- (GarenaPEngine)
    DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
    DRV - File not found [Kernel | Disabled] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2010/08/03 22:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2010/08/03 22:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
    DRV - [2010/08/03 21:15:28 | 000,214,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010/02/02 15:55:07 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
    DRV - [2010/01/20 18:37:03 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32)
    DRV - [2010/01/16 19:37:05 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
    DRV - [2009/11/03 12:33:40 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
    DRV - [2009/10/14 16:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot] -- C:\Windows\System32\drivers\klbg.sys -- (klbg)
    DRV - [2009/10/02 14:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
    DRV - [2009/09/23 05:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
    DRV - [2009/09/01 10:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
    DRV - [2009/06/17 05:56:18 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV - [2009/06/17 05:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV - [2009/05/28 07:07:14 | 000,334,992 | ---- | M] (Logitech) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ladfSBVMi386.sys -- (LADF_SBVM)
    DRV - [2009/05/28 07:07:14 | 000,053,520 | ---- | M] (Logitech) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ladfDHP2i386.sys -- (LADF_DHP2)
    DRV - [2009/04/10 17:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
    DRV - [2008/09/23 12:15:00 | 000,048,128 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
    DRV - [2008/08/29 05:28:00 | 002,163,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2008/07/22 04:01:34 | 000,151,592 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\mv61xx.sys -- (mv61xx)
    DRV - [2007/12/17 05:14:06 | 000,012,400 | R--- | M] () [Kernel | System] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
    DRV - [2007/08/24 15:44:54 | 000,101,504 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV - [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
    DRV - [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2006/11/02 05:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2006/11/02 05:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2006/11/02 05:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 03:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2006/10/18 09:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
    DRV - [2005/03/09 16:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
    DRV - [2004/12/23 00:47:10 | 000,027,392 | R--- | M] (Ulead Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ULCDRHlp.sys -- (ULCDRHlp)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://bar.baidu.com/sobar/defaultsearch.html
    IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch_sb =
    IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://bar.baidu.com/sobar/defaultsearch.html
    IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant_sb =
    IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
    IE - HKLM\..\URLSearchHook: {d366e137-6c51-46b1-a99a-7b679f8009c2} - C:\Program Files\my-search\tbmy-s.dll (Conduit Ltd.)


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\H.b.S_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\H.b.S_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
    IE - HKU\H.b.S_ON_C\..\URLSearchHook: {d366e137-6c51-46b1-a99a-7b679f8009c2} - C:\Program Files\my-search\tbmy-s.dll (Conduit Ltd.)
    IE - HKU\H.b.S_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
    IE - HKU\H.b.S_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




    ========== FireFox ==========

    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
    FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
    FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.7
    FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
    FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.10
    FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.0.2
    FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
    FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
    FF - prefs.js..extensions.enabledItems: 5
    FF - prefs.js..extensions.enabledItems: 3
    FF - prefs.js..extensions.enabledItems: 1

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/30 09:00:11 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/30 09:00:11 | 000,000,000 | ---D | M]

    [2010/01/16 16:00:20 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Mozilla\Extensions
    [2010/09/15 15:17:02 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Mozilla\Firefox\Profiles\as8zv5oa.default\extensions
    [2010/01/30 18:20:19 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\H.b.S\AppData\Roaming\Mozilla\Firefox\Profiles\as8zv5oa.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2010/01/17 13:56:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\H.b.S\AppData\Roaming\Mozilla\Firefox\Profiles\as8zv5oa.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/07/14 23:53:27 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\H.b.S\AppData\Roaming\Mozilla\Firefox\Profiles\as8zv5oa.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
    [2010/02/02 15:55:50 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Mozilla\Firefox\Profiles\as8zv5oa.default\extensions\DTToolbar@toolbarnet.com
    [2010/09/15 10:20:58 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Mozilla\Firefox\Profiles\as8zv5oa.default\extensions\firefox@tvunetworks.com
    [2010/08/13 22:47:13 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Mozilla\Firefox\Profiles\as8zv5oa.default\extensions\illimitux@illimitux.net
    [2010/02/02 15:55:33 | 000,002,055 | ---- | M] () -- C:\Users\H.b.S\AppData\Roaming\Mozilla\Firefox\Profiles\as8zv5oa.default\searchplugins\daemon-search.xml
    [2010/09/15 15:17:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/05/07 20:16:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/08/03 11:11:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/01/16 19:40:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
    [2010/07/17 00:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010/01/16 19:20:45 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
    [2010/07/30 09:00:08 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
    [2010/07/30 09:00:08 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/07/30 09:00:08 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
    [2010/07/30 09:00:09 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2010/07/30 09:00:09 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2010/08/06 12:04:27 | 000,000,989 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
    O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
    O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
    O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
    O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
    O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
    O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
    O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
    O2 - BHO: (my-search Toolbar) - {d366e137-6c51-46b1-a99a-7b679f8009c2} - C:\Program Files\my-search\tbmy-s.dll (Conduit Ltd.)
    O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
    O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
    O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (my-search Toolbar) - {d366e137-6c51-46b1-a99a-7b679f8009c2} - C:\Program Files\my-search\tbmy-s.dll (Conduit Ltd.)
    O3 - HKU\H.b.S_ON_C\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKU\H.b.S_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
    O3 - HKU\H.b.S_ON_C\..\Toolbar\WebBrowser: (my-search Toolbar) - {D366E137-6C51-46B1-A99A-7B679F8009C2} - C:\Program Files\my-search\tbmy-s.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe ()
    O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
    O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe ()
    O4 - HKLM..\Run: [Drive Xpert] C:\Program Files\ASUS\Drive Xpert\DriveXpert.exe (Silicon Image, Inc.)
    O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
    O4 - HKLM..\Run: [Logitech G35] C:\Program Files\Logitech\G35\G35.exe (Logitech(c))
    O4 - HKLM..\Run: [QFan Help] C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe ()
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKU\H.b.S_ON_C..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
    O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
    O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
    O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
    O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
    O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
    O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-wind... (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-wind... (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-wind... (Java Plug-in 1.6.0_21)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
    O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Application Data\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Application Data\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O32 - HKLM CDRom: AutoRun - 0
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
    O33 - MountPoints2\{18aad1cd-05ca-11df-a50c-00248c59b695}\Shell - "" = AutoRun
    O33 - MountPoints2\{18aad1dc-05ca-11df-a50c-00248c59b695}\Shell - "" = AutoRun
    O33 - MountPoints2\{18aad1df-05ca-11df-a50c-00248c59b695}\Shell - "" = AutoRun
    O33 - MountPoints2\{2c84e9dd-027e-11df-a278-00248c59b695}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008/01/18 19:33:30 | 000,013,312 | ---- | M] (Microsoft Corporation)
    O33 - MountPoints2\{30d0f6ac-0a91-11df-88a4-00248c59b695}\Shell - "" = AutoRun
    O33 - MountPoints2\{3532ce00-0229-11df-84e0-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{3532ce00-0229-11df-84e0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe -- File not found
    O33 - MountPoints2\{3570084a-10ca-11df-92a1-c47fb4e4aea3}\Shell - "" = AutoRun
    O33 - MountPoints2\{3570084a-10ca-11df-92a1-c47fb4e4aea3}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
    O33 - MountPoints2\{b1e231df-0236-11df-aeac-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{b1e231df-0236-11df-aeac-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe - (Logitech Inc.)
    MsConfig - StartUpReg: IDMan - hkey= - key= - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
    MsConfig - StartUpReg: Launch Direct Link - hkey= - key= - C:\Program Files\ASUS\AI Direct Link\AsShare.exe File not found
    MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
    MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

    SafeBootMin: AppMgmt - Service
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - Service
    SafeBootMin: NTDS - File not found
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: sacsvr - Service
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    SafeBootNet: AppMgmt - Service
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: HelpSvc - Service
    SafeBootNet: Messenger - Service
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: NTDS - File not found
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: rdsessmgr - Service
    SafeBootNet: sacsvr - Service
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SafeBootNet: WudfPf - Driver
    SafeBootNet: WudfUsbccidDriver - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
    ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
    Drivers32: msacm.iac2 - C:\Windows\System32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
    Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
    Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/09/15 14:24:30 | 000,000,000 | ---D | C] -- C:\Users\H.b.S\Documents\KONAMI
    [2010/09/15 14:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
    [2010/09/15 10:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\TVUPlayer
    [2010/09/12 15:44:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
    [2010/09/10 15:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
    [2010/09/10 15:01:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
    [2010/09/07 16:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\Dofus 2
    [2010/09/04 15:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\BlastShark
    [2010/09/03 15:46:53 | 000,000,000 | ---D | C] -- C:\gPotato
    [2010/08/28 14:53:20 | 000,000,000 | ---D | C] -- C:\Program Files\MKVtoolnix
    [2010/08/25 03:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\Search Settings
    [2010/08/25 03:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
    [2010/08/25 03:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar
    [2010/08/25 03:18:15 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMCT232.OCX
    [2010/08/25 03:18:14 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudFile.dll
    [2010/08/25 03:18:14 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioInfos.dll
    [2010/08/25 03:18:14 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioVisu.dll
    [2010/08/25 03:18:14 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudPlayer.dll
    [2010/08/25 03:18:14 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioRecord.dll
    [2010/08/25 03:18:14 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDisplay.dll
    [2010/08/25 03:18:13 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDesign.dll
    [2010/08/25 03:18:13 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
    [2010/08/25 03:18:13 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinet.OCX
    [2010/08/25 03:18:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscc2fr.dll
    [2010/08/25 03:18:13 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTFR.DLL
    [2010/08/25 03:18:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetfr.DLL
    [2010/08/25 03:18:12 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
    [2010/08/25 03:18:12 | 000,000,000 | ---D | C] -- C:\Users\H.b.S\AppData\Roaming\FreeAudioPack
    [2010/08/25 03:18:12 | 000,000,000 | ---D | C] -- C:\Program Files\Free Audio Pack
    [2009/11/10 15:57:44 | 000,315,392 | ---- | C] ( ) -- C:\Windows\System32\sbcrreag.dll
    [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/09/18 21:49:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/09/18 21:49:47 | 000,004,896 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/09/18 21:49:47 | 000,004,896 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/09/18 21:49:42 | 003,202,404 | -H-- | M] () -- C:\Users\H.b.S\AppData\Local\IconCache.db
    [2010/09/18 21:40:41 | 3488,661,504 | -HS- | M] () -- C:\hiberfil.sys
    [2010/09/18 14:41:47 | 001,524,428 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/09/18 14:41:47 | 000,688,656 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/09/18 14:41:47 | 000,604,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/09/18 14:41:47 | 000,131,282 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/09/18 14:41:47 | 000,107,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/09/18 09:26:49 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
    [2010/09/18 09:26:49 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
    [2010/09/18 08:05:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/09/16 16:40:03 | 000,030,208 | ---- | M] () -- C:\Users\H.b.S\Desktop\mode_d_emploi_201011.doc
    [2010/09/16 16:40:00 | 000,038,912 | ---- | M] () -- C:\Users\H.b.S\Desktop\ficheinscription1011.doc
    [2010/09/15 14:15:41 | 000,000,008 | ---- | M] () -- C:\Users\H.b.S\AppData\Roaming\DofusAppId0_1
    [2010/09/15 14:09:31 | 000,000,788 | ---- | M] () -- C:\Users\H.b.S\Desktop\SopCast.lnk
    [2010/09/15 14:07:19 | 000,000,169 | ---- | M] () -- C:\Users\H.b.S\AppData\Roaming\D2Info0
    [2010/09/15 12:07:46 | 000,000,008 | ---- | M] () -- C:\Users\H.b.S\AppData\Roaming\DofusAppId0_3
    [2010/09/15 11:37:25 | 000,000,008 | ---- | M] () -- C:\Users\H.b.S\AppData\Roaming\DofusAppId0_2
    [2010/09/11 17:56:01 | 000,060,928 | ---- | M] () -- C:\Users\H.b.S\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/09/07 16:02:17 | 000,000,901 | ---- | M] () -- C:\Users\H.b.S\Desktop\Dofus 2.lnk
    [2010/08/30 18:39:31 | 019,657,194 | ---- | M] () -- C:\Users\H.b.S\Documents\vlc-1.1.4-win32.exe
    [2010/08/28 14:17:16 | 008,405,173 | ---- | M] () -- C:\Users\H.b.S\Desktop\idm519.zip
    [2010/08/27 14:14:37 | 000,075,017 | ---- | M] () -- C:\Users\H.b.S\Desktop\minimap.jpg
    [2010/08/26 21:03:08 | 000,002,709 | ---- | M] () -- C:\Users\H.b.S\Desktop\WorldWide Telescope.lnk
    [2010/08/25 03:34:32 | 000,287,808 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/08/25 01:38:04 | 000,070,648 | ---- | M] () -- C:\Users\H.b.S\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/08/21 14:40:54 | 019,563,096 | ---- | M] () -- C:\Users\H.b.S\Documents\vlc-1.1.3-win32.exe
    [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/09/18 09:25:47 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
    [2010/09/18 09:25:47 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
    [2010/09/18 08:24:03 | 3488,661,504 | -HS- | C] () -- C:\hiberfil.sys
    [2010/09/16 16:40:03 | 000,030,208 | ---- | C] () -- C:\Users\H.b.S\Desktop\mode_d_emploi_201011.doc
    [2010/09/16 16:40:00 | 000,038,912 | ---- | C] () -- C:\Users\H.b.S\Desktop\ficheinscription1011.doc
    [2010/09/15 14:09:31 | 000,000,788 | ---- | C] () -- C:\Users\H.b.S\Desktop\SopCast.lnk
    [2010/09/07 17:13:01 | 000,000,008 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\DofusAppId0_3
    [2010/09/07 17:10:49 | 000,000,008 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\DofusAppId0_1
    [2010/09/07 17:10:03 | 000,000,169 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\D2Info0
    [2010/09/07 17:10:03 | 000,000,008 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\DofusAppId0_2
    [2010/09/07 16:02:17 | 000,000,901 | ---- | C] () -- C:\Users\H.b.S\Desktop\Dofus 2.lnk
    [2010/08/30 18:38:02 | 019,657,194 | ---- | C] () -- C:\Users\H.b.S\Documents\vlc-1.1.4-win32.exe
    [2010/08/27 14:10:27 | 000,075,017 | ---- | C] () -- C:\Users\H.b.S\Desktop\minimap.jpg
    [2010/08/25 03:18:14 | 000,116,296 | ---- | C] () -- C:\Windows\System32\NCTWMAProfiles.prx
    [2010/08/25 03:18:13 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
    [2010/08/25 00:28:44 | 000,330,696 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\Alganon Uninstall Log.txt
    [2010/08/21 14:40:18 | 019,563,096 | ---- | C] () -- C:\Users\H.b.S\Documents\vlc-1.1.3-win32.exe
    [2010/08/19 15:22:17 | 000,736,285 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\Alganon Setup Log.txt
    [2010/08/18 16:17:43 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2010/08/18 16:17:43 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2010/08/03 21:14:26 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
    [2010/07/31 23:27:37 | 000,000,000 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\chrtmp
    [2010/07/31 23:27:34 | 001,588,224 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\Hack Multi SCC 06-29-10.msi
    [2010/07/29 20:29:51 | 000,002,516 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
    [2010/07/29 20:29:51 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\2C6F3F806E.sys
    [2010/07/05 16:00:41 | 000,000,022 | ---- | C] () -- C:\Windows\pspvc_path.ini
    [2010/05/20 16:36:37 | 000,000,000 | ---- | C] () -- C:\Users\H.b.S\AppData\Local\Temp0cdab112c4a6e11872374c7bded4a529.lock
    [2010/04/02 13:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
    [2010/02/22 18:37:29 | 000,000,093 | ---- | C] () -- C:\Users\H.b.S\AppData\Local\fusioncache.dat
    [2010/02/08 02:31:43 | 000,000,008 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\DofusAppId3_3
    [2010/02/07 16:12:15 | 000,000,008 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\DofusAppId3_2
    [2010/02/07 08:36:20 | 000,000,169 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\D2Info3
    [2010/02/07 08:36:20 | 000,000,008 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\DofusAppId3_1
    [2010/01/19 11:52:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2010/01/18 15:18:24 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2010/01/18 15:18:24 | 000,022,328 | ---- | C] () -- C:\Users\H.b.S\AppData\Roaming\PnkBstrK.sys
    [2010/01/16 20:50:33 | 000,060,928 | ---- | C] () -- C:\Users\H.b.S\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/01/16 15:57:04 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
    [2010/01/16 06:23:03 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys
    [2010/01/15 20:46:59 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2010/01/15 20:31:39 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
    [2010/01/15 20:31:39 | 000,012,400 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
    [2010/01/15 20:31:36 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
    [2010/01/15 20:31:36 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
    [2010/01/15 20:16:51 | 000,034,115 | ---- | C] () -- C:\Windows\Ascd_log.ini
    [2010/01/15 20:16:12 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
    [2010/01/15 20:16:03 | 000,033,352 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2010/01/15 20:16:02 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
    [2010/01/15 20:04:54 | 000,001,356 | ---- | C] () -- C:\Users\H.b.S\AppData\Local\d3d9caps.dat
    [2009/06/19 16:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
    [2009/06/19 16:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2009/06/19 16:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2009/06/19 16:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2009/06/19 16:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2009/06/19 16:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2009/06/19 16:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2009/06/19 16:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2009/06/19 16:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2009/06/19 16:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2009/05/28 07:07:14 | 000,075,024 | ---- | C] () -- C:\Windows\System32\LADFCoinst_i386.dll
    [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

    ========== LOP Check ==========

    [2010/08/18 14:33:36 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\ALLCapture
    [2010/02/07 08:36:23 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\app
    [2010/01/16 15:58:50 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\BITS
    [2010/02/03 10:42:25 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\DAEMON Tools Lite
    [2010/09/17 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\DMCache
    [2010/09/08 20:36:12 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Dofus 2
    [2010/02/25 10:57:22 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/02/08 02:31:43 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/02/25 15:58:33 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/07/14 23:53:26 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\DVDVideoSoftIEHelpers
    [2010/07/12 05:39:01 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\FFSJ
    [2010/01/16 15:56:51 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\FlashGet
    [2010/01/16 15:56:49 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\FlashGetBHO
    [2010/05/23 12:42:49 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\FOG Downloader
    [2010/01/16 19:21:01 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Foxit
    [2010/08/25 03:18:15 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\FreeAudioPack
    [2010/04/16 21:53:12 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\GetRightToGo
    [2010/08/28 17:24:37 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\IDM
    [2010/02/23 17:28:32 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\ImgBurn
    [2010/01/16 15:43:25 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\ImTOO Software Studio
    [2010/06/19 06:17:58 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Leadertech
    [2010/05/12 11:26:38 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\LolClient
    [2010/03/20 11:58:29 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
    [2010/07/11 13:36:45 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\mkvtoolnix
    [2010/09/17 20:52:32 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Mumble
    [2010/02/04 15:49:13 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\OpenOffice.org
    [2010/01/15 20:07:26 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Opera
    [2010/01/24 15:00:21 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\PPLive
    [2010/03/10 15:43:27 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\PPMate
    [2010/01/23 09:51:58 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\ProxyCap
    [2010/02/07 08:36:23 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/05/18 17:15:41 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Silverlode Interactive
    [2010/08/31 13:14:04 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\SystemRequirementsLab
    [2010/04/09 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\The Creative Assembly
    [2010/08/04 22:39:07 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Ubisoft
    [2010/01/17 01:48:43 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\Uniblue
    [2010/09/08 16:49:32 | 000,000,000 | ---D | M] -- C:\Users\H.b.S\AppData\Roaming\uTorrent
    [2010/09/18 05:07:05 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

    Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

    < %SYSTEMDRIVE%\*.exe >
    [2007/11/07 04:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe


    < MD5 for: AGP440.SYS >
    [2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
    [2008/01/18 19:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
    [2008/01/18 19:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
    [2008/01/18 19:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
    [2008/01/18 19:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
    [2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
    [2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2009/04/10 19:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
    [2009/04/10 19:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
    [2009/04/10 19:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
    [2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
    [2008/01/18 19:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
    [2008/01/18 19:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
    [2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
    [2010/01/16 07:06:01 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
    [2010/01/16 07:06:01 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
    [2010/01/16 07:06:01 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

    < MD5 for: CDROM.SYS >
    [2008/01/19 01:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
    [2008/01/18 17:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
    [2008/01/18 17:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
    [2009/04/10 17:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
    [2009/04/10 17:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
    [2009/04/10 17:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
    [2006/11/02 04:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

    < MD5 for: CNGAUDIT.DLL >
    [2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
    [2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

    < MD5 for: DISK.SYS >
    [2009/04/10 19:32:32 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
    [2009/04/10 19:32:32 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
    [2009/04/10 19:32:32 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
    [2008/01/19 03:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
    [2008/01/18 19:42:22 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
    [2008/01/18 19:42:22 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
    [2006/11/02 05:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

    < MD5 for: EXPLORER.EXE >
    [2010/01/16 07:03:33 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
    [2010/01/16 07:03:31 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
    [2010/01/16 07:03:29 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
    [2010/01/16 07:59:10 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
    [2010/01/16 07:59:10 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
    [2009/04/10 19:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
    [2009/04/10 19:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
    [2010/01/16 07:03:32 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
    [2006/11/02 05:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
    [2008/01/19 03:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
    [2008/01/18 19:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

    < MD5 for: IASTORV.SYS >
    [2008/01/19 03:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
    [2008/01/18 19:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
    [2008/01/18 19:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
    [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
    [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

    < MD5 for: MOUNTMGR.SYS >
    [2006/11/02 05:49:57 | 000,054,888 | ---- | M] (Microsoft Corpo
    19 Septembre 2010 05:02:56

    [2006/11/02 05:49:57 | 000,054,888 | ---- | M] (Microsoft Corporation) MD5=01F1E5A3E4877C931CBB31613FEC16A6 -- C:\Windows\winsxs\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.0.6000.16386_none_f06162ca0a1ab2c0\mountmgr.sys
    [2008/01/19 03:42:28 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=BDAFC88AA6B92F7842416EA6A48E1600 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.0.6001.18000_none_f29824c60705c394\mountmgr.sys
    [2008/01/18 19:42:30 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=BDAFC88AA6B92F7842416EA6A48E1600 -- C:\Windows\System32\drivers\mountmgr.sys
    [2008/01/18 19:42:30 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=BDAFC88AA6B92F7842416EA6A48E1600 -- C:\Windows\winsxs\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.0.6001.18000_none_f29824c60705c394\mountmgr.sys

    < MD5 for: MRXSMB.SYS >
    [2010/02/23 07:16:50 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=1F0DAA8676E0B3D00C2EC1F82B140A1C -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.22346_none_81dc4772677c5da2\mrxsmb.sys
    [2009/04/10 17:14:30 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=317EB668973951BAD512EE8BEBF9ED25 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18005_none_817ce6414e3f3a6f\mrxsmb.sys
    [2010/02/23 07:10:13 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=454341E652BDF5E01B0F2140232B073E -- C:\Windows\System32\drivers\mrxsmb.sys
    [2010/02/23 07:10:13 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=454341E652BDF5E01B0F2140232B073E -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18213_none_8170198d4e491e00\mrxsmb.sys
    [2010/01/16 05:23:53 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=529B64F9735D27FEF1B8EA1678F8C79E -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.16586_none_7d5aaf055432589d\mrxsmb.sys
    [2009/12/04 12:14:15 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=64B76496CCEA0A56CC0B1F9B32605F8F -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.21173_none_7debfa986d4ab84f\mrxsmb.sys
    [2009/12/04 12:12:51 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=66592E91051728C3571B0D77175686AB -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18375_none_7f4ac4e55151a8e2\mrxsmb.sys
    [2009/12/04 11:56:09 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=66DE1A2B389A1969CA1751B276108E45 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18158_none_8149d9694e650f50\mrxsmb.sys
    [2009/12/04 12:08:29 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=7295B41FBCA3231841A7EDFF34A7BD14 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.22281_none_81ac046a67a1518c\mrxsmb.sys
    [2010/02/23 07:32:31 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=7AFC42E60432FD1014F5342F2B1B1F74 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18431_none_7f7205535134d0e9\mrxsmb.sys
    [2010/02/23 09:14:41 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=8AF705CE1BB907932157FAB821170F27 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.17025_none_7d9a6dfd5402bf7e\mrxsmb.sys
    [2009/12/04 12:16:23 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=B81A462840C1C9FE6B4EAB893402F3D2 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.22575_none_7fd463966a6f45d3\mrxsmb.sys
    [2010/02/23 07:30:49 | 000,102,912 | ---- | M] (Microsoft Corporation) MD5=BBB0D31B477CFF3B4F737ED0367F635F -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.21230_none_7e143b506d2cf9ad\mrxsmb.sys
    [2008/01/19 01:28:36 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C4AD205530888404E2B5FC8D9319B119 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18000_none_7f916d35511d6f23\mrxsmb.sys
    [2008/01/18 17:28:38 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C4AD205530888404E2B5FC8D9319B119 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18000_none_7f916d35511d6f23\mrxsmb.sys
    [2010/02/23 07:30:23 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=D92DB980E8F791286750127C8E371A7D -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.22641_none_7ff0d4186a5a89cb\mrxsmb.sys
    [2010/01/16 05:23:53 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=DC5632CBC8A3D02CE1114DEBB64B7037 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.20709_none_7e3dcdf46d0c620b\mrxsmb.sys
    [2009/12/04 12:27:45 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=F6805DC6823B90393D561BDB163468F6 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.16971_none_7d608517542eb295\mrxsmb.sys
    [2006/11/02 04:31:21 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=FCA7563D87F71C6DB0182CA67CC19AA7 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.16386_none_7d5aab3954325e4f\mrxsmb.sys

    < MD5 for: MRXSMB10.SYS >
    [2009/04/10 17:14:38 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=05716F0203B5C774A87384A1FF7B968F -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18005_none_8a900495489078d1\mrxsmb10.sys
    [2010/01/16 07:33:41 | 000,212,480 | ---- | M] (Microsoft Corporation) MD5=0883E1ADA541F4201ECAF63C29F2DCAC -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22252_none_88fa1b3264b308d9\mrxsmb10.sys
    [2010/01/16 07:33:41 | 000,212,480 | ---- | M] (Microsoft Corporation) MD5=0A986B34F1678A2697574D7B1664E2DD -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18130_none_88841dab4b86fe7f\mrxsmb10.sys
    [2010/02/23 07:10:19 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=2A4901AFF069944FA945ED5BBF4DCDE3 -- C:\Windows\System32\drivers\mrxsmb10.sys
    [2010/02/23 07:10:19 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=2A4901AFF069944FA945ED5BBF4DCDE3 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18213_none_8a8337e1489a5c62\mrxsmb10.sys
    [2010/01/16 07:33:41 | 000,211,456 | ---- | M] (Microsoft Corporation) MD5=2BBD3970018270D2C6A0B069F568154E -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.16738_none_86a5e1554e593846\mrxsmb10.sys
    [2010/02/23 07:16:58 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=32E743994055D8D4729E2F2E0EF4758D -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.22346_none_8aef65c661cd9c04\mrxsmb10.sys
    [2009/12/04 11:56:16 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=346611D7523B520FAA86B76753CC9874 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18158_none_8a5cf7bd48b64db2\mrxsmb10.sys
    [2009/12/04 12:27:52 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=3B6200FE9DEEF1F9BBF576A80082A741 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.16971_none_8673a36b4e7ff0f7\mrxsmb10.sys
    [2010/02/23 09:14:51 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=47E13AB23371BE3279EEF22BBFA2C1BE -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.17025_none_86ad8c514e53fde0\mrxsmb10.sys
    [2010/02/23 07:30:28 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=581305791239FAC6B5B4225AB0C7A7E4 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22641_none_8903f26c64abc82d\mrxsmb10.sys
    [2006/11/02 04:31:27 | 000,211,456 | ---- | M] (Microsoft Corporation) MD5=58A9AB5754FA4CABEDE7401283B5A771 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.16386_none_866dc98d4e839cb1\mrxsmb10.sys
    [2008/01/19 01:28:42 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=67E55CED3FC143C82A8197988BFC1F9A -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18000_none_88a48b894b6ead85\mrxsmb10.sys
    [2008/01/18 17:28:44 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=67E55CED3FC143C82A8197988BFC1F9A -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18000_none_88a48b894b6ead85\mrxsmb10.sys
    [2010/02/23 07:32:36 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=8A75752AE17924F65452746674B14B78 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18431_none_888523a74b860f4b\mrxsmb10.sys
    [2009/12/04 12:14:25 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=95764A2DFB3746407BBD6223BF1CE145 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.21173_none_86ff18ec679bf6b1\mrxsmb10.sys
    [2010/02/23 07:30:59 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=A6130566AC4178473B5DAC8F8F74407D -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.21230_none_872759a4677e380f\mrxsmb10.sys
    [2009/12/04 12:12:58 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=AA9496B3B8F1D3CB2D2A731BA05464E0 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18375_none_885de3394ba2e744\mrxsmb10.sys
    [2009/12/04 12:16:35 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=B04E30592FD96F3D543A1329CE0FD562 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22575_none_88e781ea64c08435\mrxsmb10.sys
    [2009/12/04 12:08:40 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=BB74E8E0DE15AF95703AAAD907BEDF5E -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.22281_none_8abf22be61f28fee\mrxsmb10.sys
    [2010/01/16 07:33:41 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=F813456C00B904DC3B6558CAD7B13BBA -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.20904_none_874beea267621c08\mrxsmb10.sys

    < MD5 for: MRXSMB20.SYS >
    [2010/02/23 07:10:13 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=28B3F1AB44BDD4432C041581412F17D9 -- C:\Windows\System32\drivers\mrxsmb20.sys
    [2010/02/23 07:10:13 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=28B3F1AB44BDD4432C041581412F17D9 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.18213_none_8cb9a1f386f18fd3\mrxsmb20.sys
    [2010/01/16 05:23:53 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=30A67C7D8B80281028916DED6A64AEC9 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.16586_none_88a4376b8cdaca70\mrxsmb20.sys
    [2008/01/19 01:28:37 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=3268B8C3FA92BFC086355C39B45E9CC9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18000_none_8adaf59b89c5e0f6\mrxsmb20.sys
    [2008/01/18 17:28:38 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=3268B8C3FA92BFC086355C39B45E9CC9 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18000_none_8adaf59b89c5e0f6\mrxsmb20.sys
    [2010/02/23 07:30:53 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=3D475E770D3AB2D0C5E3E1386871F9DA -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.21230_none_895dc3b6a5d56b80\mrxsmb20.sys
    [2010/01/16 05:23:53 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=5334E68E89628A117255B936B204977F -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.20709_none_8987565aa5b4d3de\mrxsmb20.sys
    [2006/11/02 04:31:17 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=79B09504E4A790104683722CD04F76B4 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.16386_none_88a4339f8cdad022\mrxsmb20.sys
    [2009/12/04 12:14:17 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=7E1B134C0EDD4AF6564A50559A4C9268 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.21173_none_893582fea5f32a22\mrxsmb20.sys
    [2010/02/23 09:14:42 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=90B3FC7BD6B3D7EE7635DEBBA2187F66 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.17025_none_88e3f6638cab3151\mrxsmb20.sys
    [2010/02/23 07:16:50 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=98A085E296A9BA865CAE56C1BCB1A0F6 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.22346_none_8d25cfd8a024cf75\mrxsmb20.sys
    [2010/02/23 07:30:23 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=A4BD317F6D6AD2B3A1FF81DC063748D4 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.22641_none_8b3a5c7ea302fb9e\mrxsmb20.sys
    [2009/04/10 17:14:30 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=C70C50D101B92B45C42BA11EA9FE6CD1 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.18005_none_8cc66ea786e7ac42\mrxsmb20.sys
    [2010/02/23 07:32:33 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=F4D0F3252E651F02BE64984FFA738394 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18431_none_8abb8db989dd42bc\mrxsmb20.sys

    < MD5 for: NDIS.SYS >
    [2009/04/10 19:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
    [2009/04/10 19:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
    [2006/11/02 05:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
    [2008/01/19 03:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
    [2008/01/18 19:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

    < MD5 for: NETLOGON.DLL >
    [2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
    [2009/04/10 19:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
    [2009/04/10 19:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
    [2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
    [2008/01/18 19:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

    < MD5 for: NVSTOR.SYS >
    [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
    [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
    [2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
    [2008/01/18 19:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
    [2008/01/18 19:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

    < MD5 for: RASACD.SYS >
    [2008/01/19 01:56:31 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys
    [2008/01/18 17:56:32 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
    [2008/01/18 17:56:32 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys
    [2006/11/02 04:58:13 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=BD7B30F55B3649506DD8B3D38F571D2A -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasacd.sys

    < MD5 for: SCECLI.DLL >
    [2008/01/19 03:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
    [2008/01/18 19:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
    [2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
    [2009/04/10 19:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
    [2009/04/10 19:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

    < MD5 for: STORPORT.SYS >
    [2008/01/19 03:43:12 | 000,123,960 | ---- | M] (Microsoft Corporation) MD5=39AD2C7B9C05C1CCD12480890DBA4EB5 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-storport_31bf3856ad364e35_6.0.6001.18000_none_277c4ea9302ee5d3\Storport.sys
    [2008/01/18 19:43:14 | 000,123,960 | ---- | M] (Microsoft Corporation) MD5=39AD2C7B9C05C1CCD12480890DBA4EB5 -- C:\Windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.0.6001.18000_none_277c4ea9302ee5d3\Storport.sys
    [2009/04/10 19:32:56 | 000,122,344 | ---- | M] (Microsoft Corporation) MD5=47E55AFE1ED1D5AFF09690DB226F4A7A -- C:\Windows\System32\drivers\Storport.sys
    [2009/04/10 19:32:56 | 000,122,344 | ---- | M] (Microsoft Corporation) MD5=47E55AFE1ED1D5AFF09690DB226F4A7A -- C:\Windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.0.6002.18005_none_2967c7b52d50b11f\Storport.sys
    [2006/11/02 05:50:47 | 000,117,864 | ---- | M] (Microsoft Corporation) MD5=ED386E31D263448B2ED36D4839F2CA04 -- C:\Windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.0.6000.16386_none_25458cad3343d4ff\Storport.sys

    < MD5 for: TERMDD.SYS >
    [2006/11/02 05:50:28 | 000,050,792 | ---- | M] (Microsoft Corporation) MD5=2C549BD9DD091FBFAA0A2A48E82EC2FB -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\termdd.sys
    [2009/04/10 19:32:54 | 000,053,224 | ---- | M] (Microsoft Corporation) MD5=3CAD38910468EAB9A6479E2F01DB43C7 -- C:\Windows\System32\drivers\termdd.sys
    [2009/04/10 19:32:54 | 000,053,224 | ---- | M] (Microsoft Corporation) MD5=3CAD38910468EAB9A6479E2F01DB43C7 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\termdd.sys
    [2009/04/10 19:32:54 | 000,053,224 | ---- | M] (Microsoft Corporation) MD5=3CAD38910468EAB9A6479E2F01DB43C7 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\termdd.sys
    [2008/01/19 03:42:19 | 000,054,328 | ---- | M] (Microsoft Corporation) MD5=A048056F5E1A96A9BF3071B91741A5AA -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\termdd.sys
    [2008/01/18 19:42:20 | 000,054,328 | ---- | M] (Microsoft Corporation) MD5=A048056F5E1A96A9BF3071B91741A5AA -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\termdd.sys
    [2008/01/18 19:42:20 | 000,054,328 | ---- | M] (Microsoft Corporation) MD5=A048056F5E1A96A9BF3071B91741A5AA -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\termdd.sys

    < MD5 for: USERINIT.EXE >
    [2008/01/19 03:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
    [2008/01/18 19:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
    [2008/01/18 19:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
    [2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

    < MD5 for: WIN32K.SYS >
    [2010/01/16 05:19:25 | 002,026,496 | ---- | M] (Microsoft Corporation) MD5=00D35636A02BB4529A707FA4E0B7F957 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20537_none_b77d6655b68fe37f\win32k.sys
    [2010/01/16 06:20:26 | 002,035,712 | ---- | M] (Microsoft Corporation) MD5=18406CE410C1A4394FE1A8246D10567F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18311_none_b8e9afca9a8df67d\win32k.sys
    [2010/01/16 06:20:26 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=26AC4A647E67C7A7064309CBF1AAE3AC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22200_none_bb639005b0cab34a\win32k.sys
    [2006/11/02 04:39:12 | 002,026,496 | ---- | M] (Microsoft Corporation) MD5=47754A68CC02A84DBD8413396368D963 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16386_none_b6bcb7be9d9bb8ec\win32k.sys
    [2008/01/19 01:37:02 | 002,031,616 | ---- | M] (Microsoft Corporation) MD5=664FCB81B53ECC5A1ACB325D50EB11C0 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18000_none_b8f379ba9a86c9c0\win32k.sys
    [2008/01/18 17:37:04 | 002,031,616 | ---- | M] (Microsoft Corporation) MD5=664FCB81B53ECC5A1ACB325D50EB11C0 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18000_none_b8f379ba9a86c9c0\win32k.sys
    [2010/05/01 09:53:49 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=6E78D8BB909579F9CBA6C8410C5C1697 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18468_none_b8baa41a9ab030ba\win32k.sys
    [2009/04/10 17:24:18 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=71C61AFCD453F3153B0EB4F988EE669D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18005_none_badef2c697a8950c\win32k.sys
    [2010/01/16 05:19:25 | 002,026,496 | ---- | M] (Microsoft Corporation) MD5=832313608F8B128EC715047CF27732CF -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16438_none_b6f4c9d49d715d0c\win32k.sys
    [2010/01/16 06:20:27 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=8705038245789561EE714D12CC3368CE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18091_none_ba79a25297f52b29\win32k.sys
    [2010/05/01 16:27:32 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=92D62DCB0C488707CCDBC4044C62920C -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22682_none_b928a137b3e36d83\win32k.sys
    [2010/01/16 06:20:28 | 002,031,104 | ---- | M] (Microsoft Corporation) MD5=9352E049F234BFA756C840CD8BDF4FFE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16908_none_b71543169d58fafc\win32k.sys
    [2010/05/01 10:26:07 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=ABC44865039F3D6B055F7418A83802CC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22396_none_bb08445bb10e43f4\win32k.sys
    [2010/01/16 06:20:25 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=D4F9530BB031E0BAEDBE08B21BE52ADD -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22497_none_b922cef1b3e70dd9\win32k.sys
    [2010/01/16 07:59:12 | 002,027,008 | ---- | M] (Microsoft Corporation) MD5=D5D8B98DF632E47185B36CD67AFAF42E -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16551_none_b6d829dc9d87e0b4\win32k.sys
    [2010/05/01 10:13:48 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=DE14B77E9A30588F944163BD0911EDEA -- C:\Windows\System32\win32k.sys
    [2010/05/01 10:13:48 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=DE14B77E9A30588F944163BD0911EDEA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18253_none_baa6e66297d2e861\win32k.sys
    [2010/01/16 07:59:12 | 002,028,544 | ---- | M] (Microsoft Corporation) MD5=EB58A5AD90B05A75EE824635E150FA0B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20670_none_b74b2685b6b69f09\win32k.sys
    [2010/01/16 06:20:27 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=F140B984628DA0171AC67548A0515572 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21108_none_b79eb803b676ce08\win32k.sys

    < MD5 for: WININIT.EXE >
    [2008/01/19 03:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
    [2008/01/18 19:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
    [2008/01/18 19:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
    [2006/11/02 05:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

    < MD5 for: WINLOGON.EXE >
    [2009/04/10 19:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
    [2009/04/10 19:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
    [2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
    [2008/01/19 03:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
    [2008/01/18 19:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/04/10 19:28:20 | 000,142,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\fontext.dll
    [2009/04/10 19:28:20 | 000,270,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iertutil.dll
    [2009/04/10 19:28:26 | 011,584,000 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\shell32.dll
    [2010/05/04 15:15:07 | 001,176,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\urlmon.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
    [2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
    [2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
    [2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
    [2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

    < CREATERESTOREPOINT >
    < End of report >
    19 Septembre 2010 19:55:07

    re
    ne tiens pas compte de ce que je poste ci dessous (c'est pour que je n'oublie pas)
    Citation :
    O10 - Broken Internet access because of LSP chain gap (#16 in chain of 29 missing)

    Citation :
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)


    ++++++++++++++++++

    1
    analyse ce fichier chez virus total: Virus Total
    C:\Windows\System32\idmmbc.dllposte le rapport stp

    +++++++++++++++++

    2
    Télécharge TDSSKiller de Kaspersky sur ton bureau.

  • Décompresse-le en faisant clic-droit dessus -> extraire tout... (clique sur "suivant", "suivant" et "Terminer".)
  • Double clique sur "TDSSKiller.exe" pour lancer l'outil.
    (Utilisateur de Vista/Windows 7 : effectue un clic droit sur TDSSKiller.exe et sélectionne "Exécuter en tant qu'administrateur".)

  • Clique alors sur le bouton "Start Scan".
  • Laisse le scan s'effectuer.

  • Dans la fenêtre de résultat, assures-toi que "Malicious objects" ait le statut "Cure"
  • Pour la partie "Suspicious object" clique sur "Skip" et choisi "Quarantine"
  • Clique enfin sur "Continue"

  • Il te sera surement demandé de redémarrer ton pc, fait-le en cliquant sur "Reboot now"

  • Au redémarrage va chercher le rapport de suppression, il se trouve ici :
    C:\ TDSSKiller.x.x.x.x_date_heure_log.txt

    Poste son contenu dans ta prochaine réponse.



    3

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
  • Déconnecte-toi et ferme toutes applications en cours.
  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
  • Choisis Nettoyer puis valide.
  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
    19 Septembre 2010 19:59:16

    piouuu
    je suis estomaqué a chaque fois.....
    insuivable
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS